plm-deploy/docker-compose-prod.yml

# PLM System Production Docker Compose Configuration
# Domain: aifly.ren
# Version: v1.0 (2026-03-31)
# Author: 运维总监 (ops)

version: '3.8'

services:
  # ==================== PostgreSQL 集群 ====================
  postgres-primary:
    image: postgres:16-alpine
    container_name: plm-postgres-primary
    restart: unless-stopped
    environment:
      POSTGRES_USER: plm_admin
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-PlmSecureP@ss2026!}
      POSTGRES_DB: plm_database
      PGDATA: /var/lib/postgresql/data/pgdata
      POSTGRES_INITDB_ARGS: "--encoding=UTF8 --lc-collate=C --lc-ctype=C"
    volumes:
      - ./postgresql/primary/data:/var/lib/postgresql/data
      - ./postgresql/init:/docker-entrypoint-initdb.d
      - ./postgresql/backups:/backups
    ports:
      - "5432:5432"
    networks:
      - plm-network
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U plm_admin -d plm_database"]
      interval: 10s
      timeout: 5s
      retries: 5
    deploy:
      resources:
        limits:
          memory: 4G
        reservations:
          memory: 2G

  postgres-replica:
    image: postgres:16-alpine
    container_name: plm-postgres-replica
    restart: unless-stopped
    environment:
      POSTGRES_USER: plm_admin
      POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-PlmSecureP@ss2026!}
      PGDATA: /var/lib/postgresql/data/pgdata
    volumes:
      - ./postgresql/replica/data:/var/lib/postgresql/data
    ports:
      - "5433:5432"
    networks:
      - plm-network
    depends_on:
      postgres-primary:
        condition: service_healthy
    healthcheck:
      test: ["CMD-SHELL", "pg_isready -U plm_admin"]
      interval: 10s
      timeout: 5s
      retries: 5
    deploy:
      resources:
        limits:
          memory: 2G
        reservations:
          memory: 1G

  # ==================== Redis 集群 ====================
  redis-master:
    image: redis:7-alpine
    container_name: plm-redis-master
    restart: unless-stopped
    command: redis-server --appendonly yes --maxmemory 512mb --maxmemory-policy allkeys-lru
    volumes:
      - ./redis/master/data:/data
      - ./redis/master/redis.conf:/usr/local/etc/redis/redis.conf:ro
    ports:
      - "6379:6379"
    networks:
      - plm-network
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5

  redis-replica:
    image: redis:7-alpine
    container_name: plm-redis-replica
    restart: unless-stopped
    command: redis-server --replicaof redis-master 6379 --appendonly yes
    volumes:
      - ./redis/replica/data:/data
    ports:
      - "6380:6379"
    networks:
      - plm-network
    depends_on:
      redis-master:
        condition: service_healthy
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 10s
      timeout: 5s
      retries: 5

  # ==================== 监控 ====================
  prometheus:
    image: prom/prometheus:v2.45.0
    container_name: plm-prometheus
    restart: unless-stopped
    volumes:
      - ./prometheus/prometheus.yml:/etc/prometheus/prometheus.yml:ro
      - ./prometheus/data:/prometheus
    ports:
      - "9090:9090"
    networks:
      - plm-network
    command:
      - '--config.file=/etc/prometheus/prometheus.yml'
      - '--storage.tsdb.path=/prometheus'
      - '--storage.tsdb.retention.time=15d'

  grafana:
    image: grafana/grafana:10.0.0
    container_name: plm-grafana
    restart: unless-stopped
    environment:
      GF_SECURITY_ADMIN_USER: ${GRAFANA_ADMIN:-admin}
      GF_SECURITY_ADMIN_PASSWORD: ${GRAFANA_PASSWORD:-GrafanaP@ss2026!}
    volumes:
      - ./grafana/data:/var/lib/grafana
      - ./grafana/provisioning:/etc/grafana/provisioning
    ports:
      - "3001:3000"
    networks:
      - plm-network
    depends_on:
      - prometheus

  # ==================== 日志收集 ====================
  loki:
    image: grafana/loki:2.9.0
    container_name: plm-loki
    restart: unless-stopped
    volumes:
      - ./loki/loki.yml:/etc/loki/local-config.yaml:ro
      - ./loki/data:/loki
    ports:
      - "3100:3100"
    networks:
      - plm-network
    command: -config.file=/etc/loki/local-config.yaml

  promtail:
    image: grafana/promtail:2.9.0
    container_name: plm-promtail
    restart: unless-stopped
    volumes:
      - ./promtail/promtail.yml:/etc/promtail/config.yml:ro
      - /var/log:/var/log:ro
      - ./logs:/logs:ro
    networks:
      - plm-network
    command: -config.file=/etc/promtail/config.yml
    depends_on:
      - loki

networks:
  plm-network:
    driver: bridge
    ipam:
      config:
        - subnet: 172.28.0.0/16

volumes:
  postgres_primary_data:
  postgres_replica_data:
  redis_master_data:
  redis_replica_data:
  prometheus_data:
  grafana_data:
  loki_data: