epguides-api/docker-compose.prod.yml at master · frecar/epguides-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
# =============================================================================
# Production Configuration
# Usage: make up-prod  (or: docker compose -f docker-compose.prod.yml up)
# =============================================================================
# Optimized for 6-core / 5GB server
# Memory: API 1.5GB + Redis 3GB + OS ~500MB = 5GB

services:
  epguides-api:
    build:
      context: .
    # 5 workers = 6 cores - 1 (reserved for Redis + OS)
    # uvloop + httptools: ~2x faster than default asyncio
    command: >
      uvicorn app.main:app
      --host 0.0.0.0
      --port 3000
      --workers 5
      --loop uvloop
      --http httptools
      --timeout-keep-alive 30
      --timeout-graceful-shutdown 30
      --limit-concurrency 500
      --backlog 1024
      --log-level warning
    ports:
      - "3000:3000"
    environment:
      PYTHONDONTWRITEBYTECODE: "1"
      PYTHONUNBUFFERED: "1"
      PYTHONOPTIMIZE: "2"
      REDIS_HOST: ${REDIS_HOST:-redis}
      REDIS_PORT: ${REDIS_PORT:-6379}
      CACHE_TTL_SECONDS: ${CACHE_TTL_SECONDS:-3600}
      LOG_LEVEL: ${LOG_LEVEL:-INFO}
      API_BASE_URL: ${API_BASE_URL:-https://epguides.frecar.no}
      LOG_REQUESTS: ${LOG_REQUESTS:-true}
      LLM_ENABLED: ${LLM_ENABLED:-true}
      LLM_API_URL: ${LLM_API_URL:-}
      LLM_API_KEY: ${LLM_API_KEY:-}
      SENTRY_DSN: ${SENTRY_DSN:-}
    depends_on:
      redis:
        condition: service_healthy
    deploy:
      resources:
        limits:
          cpus: "5"
          memory: 1536M
        reservations:
          cpus: "2"
          memory: 512M
    healthcheck:
      test: ["CMD", "python", "healthcheck.py"]
      interval: 10s
      timeout: 5s
      retries: 3
      start_period: 10s
    cap_drop:
      - ALL
    read_only: true
    tmpfs:
      - /tmp:size=64M
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped
    stop_grace_period: 35s
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

  redis:
    image: redis:7
    command: >
      redis-server
      --maxmemory 3gb
      --maxmemory-policy allkeys-lru
      --save ""
      --appendonly no
      --io-threads 2
      --io-threads-do-reads yes
      --tcp-backlog 511
      --tcp-keepalive 300
      --timeout 0
    ports:
      - "127.0.0.1:6379:6379"
    volumes:
      - redis-data:/data
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    sysctls:
      - net.core.somaxconn=511
    deploy:
      resources:
        limits:
          cpus: "1"
          memory: 3G
        reservations:
          cpus: "0.5"
          memory: 1G
    healthcheck:
      test: ["CMD", "redis-cli", "ping"]
      interval: 5s
      timeout: 3s
      retries: 3
    cap_drop:
      - ALL
    cap_add:
      - SETUID
      - SETGID
    read_only: true
    tmpfs:
      - /tmp:size=16M
    security_opt:
      - no-new-privileges:true
    restart: unless-stopped
    logging:
      driver: "json-file"
      options:
        max-size: "10m"
        max-file: "3"

volumes:
  redis-data: