因为应用容器化部署已经是标准化的流程,无需再详篇介绍具体的部署流程。所以本文只提供相关的配置文档。如果对部署过程不了解的同学,请先自学容器基础。
1 2 docker.io/xhuaustc/confluence:6.7.1 docker.io/xhuaustc/atlassian-mysql:5.7
镜像构建配置 mysql镜像 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 # my.cnf [mysqld] # Disabling symbolic-links is recommended to prevent assorted security risks symbolic-links = 0 # http://www.percona.com/blog/2008/05/31/dns-achilles-heel-mysql-installation/ skip_name_resolve # http://www.chriscalender.com/ignoring-the-lostfound-directory-in-your-datadir/ ignore-db-dir=lost+found character_set_server=utf8 init_connect='SET NAMES utf8' collation_server=utf8_bin transaction_isolation='read-committed' !includedir /etc/my.cnf.d
1 2 3 # Dockerfile FROM centos/mysql-57-centos7 COPY my.cnf /etc/my.cnf
confluence镜像 1 git clone https://github.com/cptactionhank/docker-atlassian-confluence
在Dockerfile目录下添加server.xml, setenv.sh与atlassian-extras-decoder-v2-3.3.0.jar
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 # server.xml <?xml version="1.0"?> <Server port="8000" shutdown="SHUTDOWN"> <Service name="Tomcat-Standalone"> <Connector port="8090" connectionTimeout="300000" redirectPort="8443" maxThreads="400" minSpareThreads="10" enableLookups="false" acceptCount="100" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11NioProtocol"/> <Engine name="Standalone" defaultHost="localhost"> <Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4"> <Context path="" docBase="../confluence" reloadable="false" useHttpOnly="true"> <!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties --> <Manager pathname=""/> <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="600"/> </Context> <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" reloadable="false" useHttpOnly="true"> <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="600"/> </Context> </Host> </Engine> <!-- To run Confluence via HTTPS: * Uncomment the Connector below * Execute: %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows) $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix) with a password value of "changeit" for both the certificate and the keystore itself. * Restart and visit https://localhost:8443/ For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS --> <!-- <Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" protocol="org.apache.coyote.http11.Http11NioProtocol" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true" clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true" URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/> --> </Service> </Server>
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 # setenv.sh # See the CATALINA_OPTS below for tuning the JVM arguments used to start Confluence. echo "If you encounter issues starting up Confluence, please see the Installation guide at http://confluence.atlassian.com/display/DOC/Confluence+Installation+Guide" # set the location of the pid file if [ -z "$CATALINA_PID" ] ; then if [ -n "$CATALINA_BASE" ] ; then CATALINA_PID="$CATALINA_BASE"/work/catalina.pid elif [ -n "$CATALINA_HOME" ] ; then CATALINA_PID="$CATALINA_HOME"/work/catalina.pid fi fi export CATALINA_PID PRGDIR=`dirname "$0"` if [ -z "$CATALINA_BASE" ]; then if [ -z "$CATALINA_HOME" ]; then LOGBASE=$PRGDIR LOGTAIL=.. else LOGBASE=$CATALINA_HOME LOGTAIL=. fi else LOGBASE=$CATALINA_BASE LOGTAIL=. fi PUSHED_DIR=`pwd` cd $LOGBASE cd $LOGTAIL LOGBASEABS=`pwd` cd $PUSHED_DIR echo "" echo "Server startup logs are located in $LOGBASEABS/logs/catalina.out" # IMPORTANT NOTE: Only set JAVA_HOME or JRE_HOME above this line # Get standard Java environment variables if $os400; then # -r will Only work on the os400 if the files are: # 1. owned by the user # 2. owned by the PRIMARY group of the user # this will not work if the user belongs in secondary groups . "$CATALINA_HOME"/bin/setjre.sh else if [ -r "$CATALINA_HOME"/bin/setjre.sh ]; then . "$CATALINA_HOME"/bin/setjre.sh else echo "Cannot find $CATALINA_HOME/bin/setjre.sh" echo "This file is needed to run this program" exit 1 fi fi echo "---------------------------------------------------------------------------" echo "Using Java: $JRE_HOME/bin/java" CONFLUENCE_CONTEXT_PATH=`$JRE_HOME/bin/java -jar $CATALINA_HOME/bin/confluence-context-path-extractor.jar $CATALINA_HOME` export CONFLUENCE_CONTEXT_PATH $JRE_HOME/bin/java -jar $CATALINA_HOME/bin/synchrony-proxy-watchdog.jar $CATALINA_HOME echo "---------------------------------------------------------------------------" JVM_MINIMUM_MEMORY=${JVM_XMS:-384m} JVM_MAXIMUM_MEMORY=${JVM_XMX:-768m} # Set the JVM arguments used to start Confluence. For a description of the options, see # http://www.oracle.com/technetwork/java/javase/tech/vmoptions-jsp-140102.html CATALINA_OPTS="-Xms${JVM_MINIMUM_MEMORY} -Xmx${JVM_MAXIMUM_MEMORY} -XX:-PrintGCDetails -XX:+PrintGCDateStamps -XX:-PrintTenuringDistribution ${CATALINA_OPTS}" CATALINA_OPTS="-Xloggc:$LOGBASEABS/logs/gc-`date +%F_%H-%M-%S`.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=2M ${CATALINA_OPTS}" CATALINA_OPTS="-XX:G1ReservePercent=20 ${CATALINA_OPTS}" CATALINA_OPTS="-Djava.awt.headless=true ${CATALINA_OPTS}" CATALINA_OPTS="-Datlassian.plugins.enable.wait=300 ${CATALINA_OPTS}" CATALINA_OPTS="-Dsynchrony.enable.xhr.fallback=true ${CATALINA_OPTS}" CATALINA_OPTS="-Dorg.apache.tomcat.websocket.DEFAULT_BUFFER_SIZE=32768 ${CATALINA_OPTS}" CATALINA_OPTS="${START_CONFLUENCE_JAVA_OPTS} ${CATALINA_OPTS}" CATALINA_OPTS="-Dconfluence.context.path=${CONFLUENCE_CONTEXT_PATH} ${CATALINA_OPTS}" export CATALINA_OPTS
修改Dockerfile
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 # Dockerfile FROM openjdk:8-alpine # Setup useful environment variables ENV CONF_HOME /var/atlassian/confluence ENV CONF_INSTALL /opt/atlassian/confluence ENV CONF_VERSION 6.7.1 ENV JAVA_CACERTS $JAVA_HOME/jre/lib/security/cacerts ENV CERTIFICATE $CONF_HOME/certificate # Install Atlassian Confluence and helper tools and setup initial home # directory structure. RUN set -x \ && apk --no-cache add curl xmlstarlet bash ttf-dejavu libc6-compat \ && mkdir -p "${CONF_HOME}" \ && chmod -R 777 "${CONF_HOME}" \ && mkdir -p "${CONF_INSTALL}/conf" \ && curl -Ls "https://www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-${CONF_VERSION}.tar.gz" | tar -xz --directory "${CONF_INSTALL}" --strip-components=1 --no-same-owner \ && curl -Ls "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-5.1.44.tar.gz" | tar -xz --directory "${CONF_INSTALL}/confluence/WEB-INF/lib" --strip-components=1 --no-same-owner "mysql-connector-java-5.1.44/mysql-connector-java-5.1.44-bin.jar" \ && chmod -R 777 "${CONF_INSTALL}/conf" \ && chmod -R 777 "${CONF_INSTALL}/temp" \ && chmod -R 777 "${CONF_INSTALL}/logs" \ && chmod -R 777 "${CONF_INSTALL}/work" \ && echo -e "\nconfluence.home=$CONF_HOME" >> "${CONF_INSTALL}/confluence/WEB-INF/classes/confluence-init.properties" \ && xmlstarlet ed --inplace \ --delete "Server/@debug" \ --delete "Server/Service/Connector/@debug" \ --delete "Server/Service/Connector/@useURIValidationHack" \ --delete "Server/Service/Connector/@minProcessors" \ --delete "Server/Service/Connector/@maxProcessors" \ --delete "Server/Service/Engine/@debug" \ --delete "Server/Service/Engine/Host/@debug" \ --delete "Server/Service/Engine/Host/Context/@debug" \ "${CONF_INSTALL}/conf/server.xml" \ && touch -d "@0" "${CONF_INSTALL}/conf/server.xml" # Use the default unprivileged account. This could be considered bad practice # on systems where multiple processes end up being executed by 'daemon' but # here we only ever run one process anyway. # Expose default HTTP connector port. EXPOSE 8090 8091 # Set volume mount points for installation and home directory. Changes to the # home directory needs to be persisted as well as parts of the installation # directory due to eg. logs. VOLUME ["/var/atlassian/confluence", "/opt/atlassian/confluence/logs"] # Set the default working directory as the Confluence home directory. WORKDIR /var/atlassian/confluence COPY docker-entrypoint.sh / COPY atlassian-extras-decoder-v2-3.3.0.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/atlassian-extras-decoder-v2-3.3.0.jar COPY server.xml /opt/atlassian/confluence/conf/server.xml ENTRYPOINT ["/docker-entrypoint.sh"] # Run Atlassian Confluence as a foreground process by default. CMD ["/opt/atlassian/confluence/bin/start-confluence.sh", "-fg"]
docker-compose配置 因为mysql用mysql用户启动的,需要把data/mysql权限改为777chmod 777 data/mysql -R
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 wiki: image: xhuaustc/confluence:6.7.1 restart: always environment: - JVM_XMX=1024m - JVM_XMS=512m ports: - '10380:8090' links: - db volumes: - ./data/confluence:/var/atlassian/confluence - ./data/logs:/opt/atlassian/confluence/logs db: image: xhuaustc/atlassian-mysql:5.7 restart: always environment: - MYSQL_USER=confluence - MYSQL_PASSWORD=conflence - MYSQL_DATABASE=confluence - MYSQL_ROOT_PASSWORD=confluence volumes: - ./data/mysql:/var/lib/mysql
Openshfit confluence模板 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 apiVersion: v1 kind: Template metadata: creationTimestamp: null name: confluence objects: - apiVersion: v1 kind: DeploymentConfig metadata: labels: run: confluence name: confluence spec: replicas: 1 selector: run: confluence strategy: type: Recreate template: metadata: labels: run: confluence spec: containers: - env: - name: JVM_XMX value: '2048m' - name: JVM_XMS value: '1024m' image: docker.io/xhuaustc/confluence:6.7.1 imagePullPolicy: IfNotPresent name: confluence volumeMounts: - mountPath: /var/atlassian/confluence name: volume-7iy6x - mountPath: /opt/atlassian/confluence/logs name: volume-zsyly volumes: - name: volume-7iy6x persistentVolumeClaim: claimName: confluence - name: volume-zsyly persistentVolumeClaim: claimName: log triggers: - type: ConfigChange - apiVersion: v1 kind: DeploymentConfig metadata: labels: run: mysql name: mysql spec: replicas: 1 selector: run: mysql strategy: type: Recreate template: metadata: labels: run: mysql spec: containers: - env: - name: MYSQL_USER value: confluence - name: MYSQL_PASSWORD value: confluence - name: MYSQL_DATABASE value: confluence - name: MYSQL_ROOT_PASSWORD value: confluence image: docker.io/xhuaustc/atlassian-mysql:5.7 imagePullPolicy: IfNotPresent name: mysql volumeMounts: - mountPath: /var/lib/mysql name: volume-uiwfa volumes: - name: volume-uiwfa persistentVolumeClaim: claimName: mysql-data triggers: - type: ConfigChange - apiVersion: v1 kind: Service metadata: labels: run: confluence name: confluence spec: ports: - port: 8090 protocol: TCP targetPort: 8090 selector: run: confluence type: ClusterIP - apiVersion: v1 kind: Service metadata: labels: run: mysql name: mysql spec: ports: - port: 3306 protocol: TCP targetPort: 3306 selector: run: mysql type: ClusterIP - apiVersion: v1 kind: Route metadata: annotations: haproxy.router.openshift.io/timeout: 3000s labels: run: confluence name: confluence spec: port: targetPort: 8090 to: kind: Service name: confluence weight: 100 wildcardPolicy: None - apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: volume.beta.kubernetes.io/storage-class: ceph-rbd-sc volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/rbd name: confluence spec: accessModes: - ReadWriteOnce resources: requests: storage: 20Gi - apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: volume.beta.kubernetes.io/storage-class: ceph-rbd-sc volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/rbd name: log spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi - apiVersion: v1 kind: PersistentVolumeClaim metadata: annotations: volume.beta.kubernetes.io/storage-class: ceph-rbd-sc volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/rbd name: mysql-data spec: accessModes: - ReadWriteOnce resources: requests: storage: 10Gi
