version: '3'

services:

  etcd-1:
    container_name: etcd-1
    image: quay.io/coreos/etcd:v3.5.9
    entrypoint: /usr/local/bin/etcd
    # volumes:
    # - ./etcd-data:/etcd-data
    command:
      - '--name=etcd-1'
      - '--initial-advertise-peer-urls=http://etcd-1:2380'
      - '--listen-peer-urls=http://0.0.0.0:2380'
      - '--listen-client-urls=http://0.0.0.0:2379'
      - '--advertise-client-urls=http://0.0.0.0:2379'
      - '--heartbeat-interval=250'
      - '--election-timeout=1250'
      - '--data-dir=/etcd-data'
      - '--initial-cluster=etcd-1=http://etcd-1:2380'
    ports:
    - 2379:2379
    - 2380:2380
    restart: always

  master1:
    image: "rancher/k3s:${K3S_VERSION:-latest}"
    container_name: master1
    command: server --node-name=master1 --flannel-backend=wireguard-native --flannel-external-ip --disable-network-policy --disable traefik --disable local-storage --disable-helm-controller --disable metrics-server --disable coredns --node-external-ip="${K3S_MASTER}"  --cluster-init --advertise-address ${K3S_MASTER} --tls-san ${K3S_MASTER} --tls-san ${K3S_MASTER2} --node-label "node-type=master" --node-label "node-name=master1" --node-label "k8s=egate" 
#  --kube-proxy-arg iptables-sync-period=2s --kube-proxy-arg masquerade-all=true
    tmpfs:
    - /run
    - /var/run
    ulimits:
      nproc: 65535
      nofile:
        soft: 65535
        hard: 65535
    privileged: true
    restart: always
    environment:
    - K3S_TOKEN=${K3S_TOKEN:?err}
    - K3S_KUBECONFIG_OUTPUT=/output/kubeconfig.yaml
    - K3S_KUBECONFIG_MODE=666
    - K3S_DATASTORE_ENDPOINT=http://${K3S_MASTER}:2379
    volumes:
    - ./output:/output
    # - ../registry/registries.yaml:/etc/rancher/k3s/registries.yaml
    ports:
    - 6443:6443
    networks:
      vv:
        ipv4_address: 172.25.0.34

  worker1:
    image: "rancher/k3s:${K3S_VERSION:-latest}"
    container_name: worker1
    command: agent --node-name=worker1 --node-external-ip="${K3S_MASTER}" --node-label "node-type=worker" --node-label "node-name=worker1" --node-label "k8s=egate"
    tmpfs:
    - /run
    - /var/run
    ulimits:
      nproc: 65535
      nofile:
        soft: 65535
        hard: 65535
    privileged: true
    restart: always
    environment:
    - K3S_URL=https://${K3S_MASTER}:6443
    - K3S_TOKEN=${K3S_TOKEN:?err}
    # volumes:
    # - ../registry/registries.yaml:/etc/rancher/k3s/registries.yaml
    ports:
    - 8472:8472/udp
    - 51820:51820/udp
    - 51821:51821/udp
    networks:
      vv:
        ipv4_address: 172.25.0.35

  nginx:
    image: "nginx"
    container_name: nginx
    restart: always
    ports:
    - 3001:3001
    - 3002:3002
    - 3003:3003
    - 3004:3004
    - 3005:3005
    - 3006:3006
    - 3007:3007
    volumes:
      - ./nginx/default.conf:/etc/nginx/conf.d/default.conf
    networks:
      vv:
        ipv4_address: 172.25.0.20

networks:
  vv:
    driver: bridge
    ipam:
      driver: default
      config:
          - subnet: 172.25.0.0/24
            gateway: 172.25.0.1