docker-compose.yaml

# Use `make up`, not `docker compose up`,
# as this YAML requires ${U7S_...} variables to be set.
---
services:
  node:
    build: .
    hostname: ${U7S_NODE_NAME}
    privileged: true
    restart: always
    networks:
      default:
        ipv4_address: ${U7S_NODE_IP}
    ports:
      # etcd
      - 2379:2379
      # kube-apiserver
      - 6443:6443
      # kubelet
      - 10250:10250
      # flannel
      - 8472:8472/udp
    volumes:
      - .:/usernetes:ro
      - /boot:/boot:ro
      - /lib/modules:/lib/modules:ro
      - node-var:/var
      - node-opt:/opt
      - node-etc:/etc
      - type: tmpfs
        target: /run
      - type: tmpfs
        target: /tmp
    working_dir: /usernetes
    environment:
      KUBECONFIG: /etc/kubernetes/admin.conf
      U7S_HOST_IP: ${U7S_HOST_IP}
    sysctls:
      - net.ipv4.ip_forward=1
      # In addition, `net.ipv4.conf.default.rp_filter`
      # has to be set to 0 (disabled) or 2 (loose)
      # in the daemon's network namespace.
    annotations:
      # Accelerate network for nerdctl >= 2.0.0-beta.4 with bypass4netns >= 0.4.1
      "nerdctl/bypass4netns": "${U7S_B4NN:-false}"
      "nerdctl/bypass4netns-ignore-bind": "true"
      "nerdctl/bypass4netns-ignore-subnets": "${U7S_B4NN_IGNORE_SUBNETS:-}"
networks:
  default:
    ipam:
      config:
        # Each of the nodes has to have a different IP.
        # The node IP here is not accessible from other nodes.
        - subnet: ${U7S_NODE_SUBNET}
volumes:
  node-var: {}
  node-opt: {}
  node-etc: {}