因为应用容器化部署已经是标准化的流程,无需再详篇介绍具体的部署流程。所以本文只提供相关的配置文档。如果对部署过程不了解的同学,请先自学容器基础。
镜像已经创建好了,如下
docker.io/xhuaustc/confluence:6.7.1
docker.io/xhuaustc/atlassian-mysql:5.7
镜像构建配置
mysql镜像
# my.cnf
[mysqld]
# Disabling symbolic-links is recommended to prevent assorted security risks
symbolic-links = 0
# http://www.percona.com/blog/2008/05/31/dns-achilles-heel-mysql-installation/
skip_name_resolve
# http://www.chriscalender.com/ignoring-the-lostfound-directory-in-your-datadir/
ignore-db-dir=lost+found
character_set_server=utf8
init_connect='SET NAMES utf8'
collation_server=utf8_bin
transaction_isolation='read-committed'
!includedir /etc/my.cnf.d
# Dockerfile
FROM centos/mysql-57-centos7
COPY my.cnf /etc/my.cnf
confluence镜像
git clone https://github.com/cptactionhank/docker-atlassian-confluence
在Dockerfile目录下添加server.xml, setenv.sh与atlassian-extras-decoder-v2-3.3.0.jar
# server.xml
<?xml version="1.0"?>
<Server port="8000" shutdown="SHUTDOWN">
<Service name="Tomcat-Standalone">
<Connector port="8090" connectionTimeout="300000" redirectPort="8443" maxThreads="400" minSpareThreads="10" enableLookups="false" acceptCount="100" URIEncoding="UTF-8" protocol="org.apache.coyote.http11.Http11NioProtocol"/>
<Engine name="Standalone" defaultHost="localhost">
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
<Context path="" docBase="../confluence" reloadable="false" useHttpOnly="true">
<!-- Logger is deprecated in Tomcat 5.5. Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
<Manager pathname=""/>
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="600"/>
</Context>
<Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" reloadable="false" useHttpOnly="true">
<Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="600"/>
</Context>
</Host>
</Engine>
<!--
To run Confluence via HTTPS:
* Uncomment the Connector below
* Execute:
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
with a password value of "changeit" for both the certificate and the keystore itself.
* Restart and visit https://localhost:8443/
For more info, see https://confluence.atlassian.com/display/DOC/Running+Confluence+Over+SSL+or+HTTPS
-->
<!--
<Connector port="8443" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
protocol="org.apache.coyote.http11.Http11NioProtocol"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocols="TLSv1,TLSv1.1,TLSv1.2" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" SSLEnabled="true"
URIEncoding="UTF-8" keystorePass="<MY_CERTIFICATE_PASSWORD>"/>
-->
</Service>
</Server>
# setenv.sh
# See the CATALINA_OPTS below for tuning the JVM arguments used to start Confluence.
echo "If you encounter issues starting up Confluence, please see the Installation guide at http://confluence.atlassian.com/display/DOC/Confluence+Installation+Guide"
# set the location of the pid file
if [ -z "$CATALINA_PID" ] ; then
if [ -n "$CATALINA_BASE" ] ; then
CATALINA_PID="$CATALINA_BASE"/work/catalina.pid
elif [ -n "$CATALINA_HOME" ] ; then
CATALINA_PID="$CATALINA_HOME"/work/catalina.pid
fi
fi
export CATALINA_PID
PRGDIR=`dirname "$0"`
if [ -z "$CATALINA_BASE" ]; then
if [ -z "$CATALINA_HOME" ]; then
LOGBASE=$PRGDIR
LOGTAIL=..
else
LOGBASE=$CATALINA_HOME
LOGTAIL=.
fi
else
LOGBASE=$CATALINA_BASE
LOGTAIL=.
fi
PUSHED_DIR=`pwd`
cd $LOGBASE
cd $LOGTAIL
LOGBASEABS=`pwd`
cd $PUSHED_DIR
echo ""
echo "Server startup logs are located in $LOGBASEABS/logs/catalina.out"
# IMPORTANT NOTE: Only set JAVA_HOME or JRE_HOME above this line
# Get standard Java environment variables
if $os400; then
# -r will Only work on the os400 if the files are:
# 1. owned by the user
# 2. owned by the PRIMARY group of the user
# this will not work if the user belongs in secondary groups
. "$CATALINA_HOME"/bin/setjre.sh
else
if [ -r "$CATALINA_HOME"/bin/setjre.sh ]; then
. "$CATALINA_HOME"/bin/setjre.sh
else
echo "Cannot find $CATALINA_HOME/bin/setjre.sh"
echo "This file is needed to run this program"
exit 1
fi
fi
echo "---------------------------------------------------------------------------"
echo "Using Java: $JRE_HOME/bin/java"
CONFLUENCE_CONTEXT_PATH=`$JRE_HOME/bin/java -jar $CATALINA_HOME/bin/confluence-context-path-extractor.jar $CATALINA_HOME`
export CONFLUENCE_CONTEXT_PATH
$JRE_HOME/bin/java -jar $CATALINA_HOME/bin/synchrony-proxy-watchdog.jar $CATALINA_HOME
echo "---------------------------------------------------------------------------"
JVM_MINIMUM_MEMORY=${JVM_XMS:-384m}
JVM_MAXIMUM_MEMORY=${JVM_XMX:-768m}
# Set the JVM arguments used to start Confluence. For a description of the options, see
# http://www.oracle.com/technetwork/java/javase/tech/vmoptions-jsp-140102.html
CATALINA_OPTS="-Xms${JVM_MINIMUM_MEMORY} -Xmx${JVM_MAXIMUM_MEMORY} -XX:-PrintGCDetails -XX:+PrintGCDateStamps -XX:-PrintTenuringDistribution ${CATALINA_OPTS}"
CATALINA_OPTS="-Xloggc:$LOGBASEABS/logs/gc-`date +%F_%H-%M-%S`.log -XX:+UseGCLogFileRotation -XX:NumberOfGCLogFiles=5 -XX:GCLogFileSize=2M ${CATALINA_OPTS}"
CATALINA_OPTS="-XX:G1ReservePercent=20 ${CATALINA_OPTS}"
CATALINA_OPTS="-Djava.awt.headless=true ${CATALINA_OPTS}"
CATALINA_OPTS="-Datlassian.plugins.enable.wait=300 ${CATALINA_OPTS}"
CATALINA_OPTS="-Dsynchrony.enable.xhr.fallback=true ${CATALINA_OPTS}"
CATALINA_OPTS="-Dorg.apache.tomcat.websocket.DEFAULT_BUFFER_SIZE=32768 ${CATALINA_OPTS}"
CATALINA_OPTS="${START_CONFLUENCE_JAVA_OPTS} ${CATALINA_OPTS}"
CATALINA_OPTS="-Dconfluence.context.path=${CONFLUENCE_CONTEXT_PATH} ${CATALINA_OPTS}"
export CATALINA_OPTS
修改Dockerfile
# Dockerfile
FROM openjdk:8-alpine
# Setup useful environment variables
ENV CONF_HOME /var/atlassian/confluence
ENV CONF_INSTALL /opt/atlassian/confluence
ENV CONF_VERSION 6.7.1
ENV JAVA_CACERTS $JAVA_HOME/jre/lib/security/cacerts
ENV CERTIFICATE $CONF_HOME/certificate
# Install Atlassian Confluence and helper tools and setup initial home
# directory structure.
RUN set -x \
&& apk --no-cache add curl xmlstarlet bash ttf-dejavu libc6-compat \
&& mkdir -p "${CONF_HOME}" \
&& chmod -R 777 "${CONF_HOME}" \
&& mkdir -p "${CONF_INSTALL}/conf" \
&& curl -Ls "https://www.atlassian.com/software/confluence/downloads/binary/atlassian-confluence-${CONF_VERSION}.tar.gz" | tar -xz --directory "${CONF_INSTALL}" --strip-components=1 --no-same-owner \
&& curl -Ls "https://dev.mysql.com/get/Downloads/Connector-J/mysql-connector-java-5.1.44.tar.gz" | tar -xz --directory "${CONF_INSTALL}/confluence/WEB-INF/lib" --strip-components=1 --no-same-owner "mysql-connector-java-5.1.44/mysql-connector-java-5.1.44-bin.jar" \
&& chmod -R 777 "${CONF_INSTALL}/conf" \
&& chmod -R 777 "${CONF_INSTALL}/temp" \
&& chmod -R 777 "${CONF_INSTALL}/logs" \
&& chmod -R 777 "${CONF_INSTALL}/work" \
&& echo -e "\nconfluence.home=$CONF_HOME" >> "${CONF_INSTALL}/confluence/WEB-INF/classes/confluence-init.properties" \
&& xmlstarlet ed --inplace \
--delete "Server/@debug" \
--delete "Server/Service/Connector/@debug" \
--delete "Server/Service/Connector/@useURIValidationHack" \
--delete "Server/Service/Connector/@minProcessors" \
--delete "Server/Service/Connector/@maxProcessors" \
--delete "Server/Service/Engine/@debug" \
--delete "Server/Service/Engine/Host/@debug" \
--delete "Server/Service/Engine/Host/Context/@debug" \
"${CONF_INSTALL}/conf/server.xml" \
&& touch -d "@0" "${CONF_INSTALL}/conf/server.xml"
# Use the default unprivileged account. This could be considered bad practice
# on systems where multiple processes end up being executed by 'daemon' but
# here we only ever run one process anyway.
# Expose default HTTP connector port.
EXPOSE 8090 8091
# Set volume mount points for installation and home directory. Changes to the
# home directory needs to be persisted as well as parts of the installation
# directory due to eg. logs.
VOLUME ["/var/atlassian/confluence", "/opt/atlassian/confluence/logs"]
# Set the default working directory as the Confluence home directory.
WORKDIR /var/atlassian/confluence
COPY docker-entrypoint.sh /
COPY atlassian-extras-decoder-v2-3.3.0.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/atlassian-extras-decoder-v2-3.3.0.jar
COPY server.xml /opt/atlassian/confluence/conf/server.xml
ENTRYPOINT ["/docker-entrypoint.sh"]
# Run Atlassian Confluence as a foreground process by default.
CMD ["/opt/atlassian/confluence/bin/start-confluence.sh", "-fg"]
docker-compose配置
因为mysql用mysql用户启动的,需要把data/mysql权限改为777
chmod 777 data/mysql -R
wiki:
image: xhuaustc/confluence:6.7.1
restart: always
environment:
- JVM_XMX=1024m
- JVM_XMS=512m
ports:
- '10380:8090'
links:
- db
volumes:
- ./data/confluence:/var/atlassian/confluence
- ./data/logs:/opt/atlassian/confluence/logs
db:
image: xhuaustc/atlassian-mysql:5.7
restart: always
environment:
- MYSQL_USER=confluence
- MYSQL_PASSWORD=conflence
- MYSQL_DATABASE=confluence
- MYSQL_ROOT_PASSWORD=confluence
volumes:
- ./data/mysql:/var/lib/mysql
Openshfit confluence模板
apiVersion: v1
kind: Template
metadata:
creationTimestamp: null
name: confluence
objects:
- apiVersion: v1
kind: DeploymentConfig
metadata:
labels:
run: confluence
name: confluence
spec:
replicas: 1
selector:
run: confluence
strategy:
type: Recreate
template:
metadata:
labels:
run: confluence
spec:
containers:
- env:
- name: JVM_XMX
value: '2048m'
- name: JVM_XMS
value: '1024m'
image: docker.io/xhuaustc/confluence:6.7.1
imagePullPolicy: IfNotPresent
name: confluence
volumeMounts:
- mountPath: /var/atlassian/confluence
name: volume-7iy6x
- mountPath: /opt/atlassian/confluence/logs
name: volume-zsyly
volumes:
- name: volume-7iy6x
persistentVolumeClaim:
claimName: confluence
- name: volume-zsyly
persistentVolumeClaim:
claimName: log
triggers:
- type: ConfigChange
- apiVersion: v1
kind: DeploymentConfig
metadata:
labels:
run: mysql
name: mysql
spec:
replicas: 1
selector:
run: mysql
strategy:
type: Recreate
template:
metadata:
labels:
run: mysql
spec:
containers:
- env:
- name: MYSQL_USER
value: confluence
- name: MYSQL_PASSWORD
value: confluence
- name: MYSQL_DATABASE
value: confluence
- name: MYSQL_ROOT_PASSWORD
value: confluence
image: docker.io/xhuaustc/atlassian-mysql:5.7
imagePullPolicy: IfNotPresent
name: mysql
volumeMounts:
- mountPath: /var/lib/mysql/data
name: volume-uiwfa
volumes:
- name: volume-uiwfa
persistentVolumeClaim:
claimName: mysql-data
triggers:
- type: ConfigChange
- apiVersion: v1
kind: Service
metadata:
labels:
run: confluence
name: confluence
spec:
ports:
- port: 8090
protocol: TCP
targetPort: 8090
selector:
run: confluence
type: ClusterIP
- apiVersion: v1
kind: Service
metadata:
labels:
run: mysql
name: mysql
spec:
ports:
- port: 3306
protocol: TCP
targetPort: 3306
selector:
run: mysql
type: ClusterIP
- apiVersion: v1
kind: Route
metadata:
annotations:
haproxy.router.openshift.io/timeout: 3000s
labels:
run: confluence
name: confluence
spec:
port:
targetPort: 8090
to:
kind: Service
name: confluence
weight: 100
wildcardPolicy: None
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.beta.kubernetes.io/storage-class: ceph-rbd-sc
volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/rbd
name: confluence
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.beta.kubernetes.io/storage-class: ceph-rbd-sc
volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/rbd
name: log
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
annotations:
volume.beta.kubernetes.io/storage-class: ceph-rbd-sc
volume.beta.kubernetes.io/storage-provisioner: kubernetes.io/rbd
name: mysql-data
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
网友评论