正在查看旧版本。 查看 当前版本.

与当前比较 查看页面历史记录

« 前一个 版本 9 当前 »

简介

容器的自定义操作参考自行创建 Docker 镜像

Confluence 的安装配置操作步骤繁琐,有很多需要注意的地方。不同版本间的配置都存在差异。利用 Docker 的功能实现配置项目的整合

创建新镜像

生成合适的版本

cat > opt/wiki/Dockfile << EOF
FROM atlassian/confluence-server
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt
RUN keytool -import -trustcacerts -alias proxy_root -file /tmp/marketplace.atlassian.com.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
COPY --chown=confluence:confluence ./deps/mysql-connector-java-5.1.49.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/
COPY --chown=confluence:confluence ./deps/mysql-connector-java-8.0.28.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/
COPY ./deps/atlassian-agent.jar /var/atlassian/
RUN chmod +x /var/atlassian/atlassian-agent.jar
COPY ./deps/simsun.ttc /usr/local/share/fonts/simsun.ttc
RUN mv /opt/atlassian/confluence/bin/setenv.sh  /tmp
COPY ./deps/setenv.sh /opt/atlassian/confluence/bin/
EOF
docker build -t confluence:7.7 .
FROM atlassian/confluence:latest
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt
RUN openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt
RUN openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt
RUN keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt
RUN keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt
RUN keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
ENV JAVA_OPTS="-javaagent:/var/atlassian/atlassian-agent.jar ${JAVA_OPTS}"
USER root
COPY ./deps/atlassian-agent.jar /var/atlassian/
RUN chmod 755 /var/atlassian/atlassian-agent.jar
COPY ./deps/simsun.ttc /usr/local/share/fonts/simsun.ttc

解决时间戳不正确

默认 Confluence 使用的是东一区(零时区)的时间制式,想解决时区问题,需要先在 environment 字段内指定 CATALINA_OPTS 参数内容。也可以把对应的参数整合到 setenv.sh 文件中

environment:
    - 'CATALINA_OPTS= -Duser.timezone=GMT+08'

另外,为了避免容器和宿主机时间不一致,可以将本机的 localtime 挂载到容器中。

volumes:
  - /etc/localtime:/etc/localtime:ro

解决应用卡顿

之前的完整配置将会使用 Confluence 默认资源运行服务,程序最大使用内存是 1GB,当团队人数和内容多了之后,由于资源不足,会让服务运行变慢,最简单的解决方案就是增加资源。只需要在 environment 字段内声明下面内容即可。

environment:
    - 'JVM_MINIMUM_MEMORY=4096m'
    - 'JVM_MAXIMUM_MEMORY=8192m'

解决中文文档不能预览

由于默认容器镜像不包含中文字体,当我们想预览一个中文文档的时候,得到的结果会是一堆“口口口”方块。

解决这个问题的第一步是为镜像系统安装中文字体,下载一些中文字体 ( ttf/ttc ),比如宋体、楷体,将文件命名为:simsun.ttf、simkai.ttc,然后保存在 fonts 文件夹中,然后挂载到容器系统中。

environment:
  - 'CATALINA_OPTS= -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/usr/local/share/fonts/ '

解决应用市场不能访问

keytool -import -trustcacerts -alias proxy_root -file marketplace.atlassian.com.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt

全新创建 confluence 容器镜像

通过上面方式创建的容器镜像有几个问题:

  • 直接引用官网文件,容器体积较大
  • 只能使用官网自定义的路径
  • 构建文件不够灵活,不同的版本需要调整的内容比较多
  • 需要完成 confluence 后才能使用 docker-compose 配置文件的模式

全新创建的方式更具灵活性,考虑互联网的因素,这里采取先将对应的文件下载好在复制到容器镜像里的方式。同时数据库采用 MySQL 架构

Dockerfile

FROM openjdk:11-bullseye
  
LABEL maintainer="waringid <waringid@gmail.com>" version="8.8.1"

ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=8.8.1
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28

ENV CONFLUENCE_HOME=/var/confluence \
    CONFLUENCE_INSTALL=/opt/confluence \
    JVM_MINIMUM_MEMORY=1g \
    JVM_MAXIMUM_MEMORY=3g \
    JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
    AGENT_PATH=/var/agent \
    AGENT_FILENAME=atlassian-agent.jar \
    LIB_PATH=/confluence/WEB-INF/lib

ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"

COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar  ${CONFLUENCE_INSTALL}/lib/

RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt

RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&&  tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz  -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties

WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090

ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]

├── deps
│   ├── atlassian-agent.jar
│   ├── atlassian-confluence-8.8.1.tar.gz
│   ├── mysql-connector-java-8.0.28.jar
│   └── simsun.ttc
└── Dockerfile

Dockerfile-9.0.3

FROM openjdk:17-bullseye
  
LABEL maintainer="waringid <waringid@gmail.com>" version="9.0.3"
  
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=9.0.3
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
  
ENV CONFLUENCE_HOME=/var/confluence \
    CONFLUENCE_INSTALL=/opt/confluence \
    JVM_MINIMUM_MEMORY=1g \
    JVM_MAXIMUM_MEMORY=3g \
    JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
    AGENT_PATH=/var/agent \
    AGENT_FILENAME=atlassian-agent.jar \
    LIB_PATH=/confluence/WEB-INF/lib
  
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
 
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar  ${CONFLUENCE_INSTALL}/lib/
 
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
  
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&&  tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz  -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
  
WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090
  
ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]

wiki-8.8.0.yml

version: '3'
services:

  db:
    image: postgres:14.2-alpine
    container_name: postgres
    restart:
      always
    environment:
      - 'POSTGRES_USER=confluence'
      - 'POSTGRES_PASSWORD='password'
      - 'POSTGRES_DB=confluence'
      - 'POSTGRES_ENCODING=UTF8'
      - 'POSTGRES_COLLATE=C'
      - 'POSTGRES_COLLATE_TYPE=C'
    volumes:
      - /data/wiki/pgsql:/var/lib/postgresql/data
      - /etc/localtime:/etc/localtime:ro

  wiki:
    image: wiki:8.8.0
    container_name: wiki1
    restart:
      always
    ports:
      - 8090:8090
      - 8091:8091
    environment:
      - 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
      - 'JVM_MINIMUM_MEMORY=2048m'
      - 'JVM_MAXIMUM_MEMORY=2048m'
      - 'CATALINA_CONNECTOR_PROXYNAME=wiki.waringid.me'
      - 'CATALINA_OPTS= -javaagent:/var/agent/atlassian-agent.jar -Duser.timezone=GMT+08'
      - 'CATALINA_CONNECTOR_PROXYPORT=443'
      - 'CATALINA_CONNECTOR_SCHEME=https'
    volumes:
      - /data/wiki/data:/var/confluence
      - /etc/localtime:/etc/localtime:ro
      - /data/wiki/deps/server.xml:/opt/confluence/conf/server.xml
    depends_on:
      - db

docker-compose-confluence-8.8.1

version: '3'
services:
  
  db:
    image: mysql:8.0.22
    container_name: mysql-confluence
    command: ['mysqld', '--character-set-server=utf8mb4', '--collation-server=utf8mb4_bin', '--transaction-isolation=READ-COMMITTED', '--innodb_log_file_size=256M', '--max_allowed_packet=256M','--log_bin_trust_function_creators=1']
    ports:
      - "3306:3306"
    security_opt:
      - seccomp:unconfined
    environment:
      - MYSQL_ROOT_PASSWORD=password
      - TZ=Asia/Shanghai
      - MYSQL_DATABASE=confluence
      - MYSQL_USER=confluence
      - MYSQL_PASSWORD=password
    volumes:
      - /data/confluence/mysql:/var/lib/mysql
    networks:
      confluence-net:

  confluence:
    image: confluence:8.8.1
    container_name: confluence
    ports:
      - "8090:8090"
    environment:
      - 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
      - TZ=Asia/Shanghai
    volumes:
      - /data/confluence/data:/var/confluence
      - /etc/localtime:/etc/localtime:ro
    networks:
      confluence-net:
    depends_on:
      - db
 
networks:
  confluence-net:

docker-compose 文件

version: '3'
services:

  db:
    image: mysql:8.0.27
    container_name: mysql
    command: --default-authentication-plugin=mysql_native_password
    ports:
      - "3306:3306"
    security_opt:
      - seccomp:unconfined
    environment:
      MYSQL_ROOT_PASSWORD: password
    volumes:
      - /opt/confluence/mysql/backup:/backups
      - /opt/confluence/mysql/mysql-files:/var/lib/mysql-files
      - /opt/confluence/mysql/data:/var/lib/mysql
      - /opt/confluence/mysql/conf/my.cnf:/etc/mysql/my.cnf
    networks:
      lnmp-net:
        ipv4_address: 172.18.0.3


  wiki:
    image: confluence:7.7
    container_name: confluence
    ports:
      - "80:8090"
      - "8091:8091"
    environment:
      - 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
    volumes:
      - /opt/confluence/data:/var/atlassian/application-data/confluence
      - /etc/localtime:/etc/localtime:ro

    networks:
      lnmp-net:
        ipv4_address: 172.18.0.2
    depends_on:
      - db

networks:
  lnmp-net:
    ipam:
      config:
        - subnet: "172.18.0.0/24"

docker-compose-pgsql

version: '3'
services:

  db:
    image: postgres:14.2-alpine
    container_name: postgres
    restart:
      always
    environment:
      - 'POSTGRES_USER=confluence'
      - 'POSTGRES_PASSWORD=password'
      - 'POSTGRES_DB=confluence'
      - 'POSTGRES_ENCODING=UTF8'
      - 'POSTGRES_COLLATE=C'
      - 'POSTGRES_COLLATE_TYPE=C'
    volumes:
      - /data/wiki/pgsql:/var/lib/postgresql/data
      - /etc/localtime:/etc/localtime:ro
 
  wiki:
    image: wiki:8.7.2.2
    container_name: wiki1
    restart:
      always
    ports:
      - 8090:8090
      - 8091:8091
    environment:
      - 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
      - 'JVM_MINIMUM_MEMORY=2048m'
      - 'JVM_MAXIMUM_MEMORY=2048m'
      - 'CATALINA_CONNECTOR_PROXYNAME=wiki.waringid.me'
      - 'CATALINA_OPTS= -javaagent:/var/atlassian/atlassian-agent.jar -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/usr/local/share/fonts/'
      - 'CATALINA_CONNECTOR_PROXYPORT=443'
      - 'CATALINA_CONNECTOR_SCHEME=https'
    volumes:
      - /data/wiki/data:/var/atlassian/application-data/confluence
      - /etc/localtime:/etc/localtime:ro
      - /data/wiki/deps/server.xml:/opt/atlassian/confluence/conf/server.xml
    depends_on:
      - db


生成序列号

docker exec wiki1 java -jar /opt/atlassian/confluence/atlassian-agent.jar \
    -p conf  -d \
    -m a@b.com \
    -n name \
    -o http://127.0.0.1:8090 \
    -s BBPJ-TRXY-8MVX-2LDO # 替换为页面上显示的server id

docker exec wiki1 java -jar /opt/atlassian/confluence/atlassian-agent.jar \
    -p com.mxgraph.confluence.plugins.diagramly \
    -d -m a@b.com \
    -n name \
    -o http://127.0.0.1:8090 \
    -s BBPJ-TRXY-8MVX-2LDO # 替换为页面上显示的server id

docker exec wiki1 java -jar /var/agent/atlassian-agent.jar     -p com.tensixtwo.conf.latexmath \
 -d     -m a@b.com     -n name     -o http://127.0.0.1:8090     -s BOOR-9D2Y-X97Z-GG1L

备份数据库

pg_dump -U confluence -d confluence -f db_confluence_backup_2024_01_30.sql

  • 无标签