简介
容器的自定义操作参考自行创建 Docker 镜像
Confluence 的安装配置操作步骤繁琐,有很多需要注意的地方。不同版本间的配置都存在差异。利用 Docker 的功能实现配置项目的整合
创建新镜像
生成合适的版本
cat > opt/wiki/Dockfile << EOF FROM atlassian/confluence-server RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt RUN keytool -import -trustcacerts -alias proxy_root -file /tmp/marketplace.atlassian.com.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt COPY --chown=confluence:confluence ./deps/mysql-connector-java-5.1.49.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/ COPY --chown=confluence:confluence ./deps/mysql-connector-java-8.0.28.jar /opt/atlassian/confluence/confluence/WEB-INF/lib/ COPY ./deps/atlassian-agent.jar /var/atlassian/ RUN chmod +x /var/atlassian/atlassian-agent.jar COPY ./deps/simsun.ttc /usr/local/share/fonts/simsun.ttc RUN mv /opt/atlassian/confluence/bin/setenv.sh /tmp COPY ./deps/setenv.sh /opt/atlassian/confluence/bin/ EOF docker build -t confluence:7.7 .
FROM atlassian/confluence:latest
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt
RUN openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt
RUN openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt
RUN keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt
RUN keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt
RUN keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
ENV JAVA_OPTS="-javaagent:/var/atlassian/atlassian-agent.jar ${JAVA_OPTS}"
USER root
COPY ./deps/atlassian-agent.jar /var/atlassian/
RUN chmod 755 /var/atlassian/atlassian-agent.jar
COPY ./deps/simsun.ttc /usr/local/share/fonts/simsun.ttc
解决时间戳不正确
默认 Confluence 使用的是东一区(零时区)的时间制式,想解决时区问题,需要先在 environment 字段内指定 CATALINA_OPTS 参数内容。也可以把对应的参数整合到 setenv.sh 文件中
environment: - 'CATALINA_OPTS= -Duser.timezone=GMT+08'
另外,为了避免容器和宿主机时间不一致,可以将本机的 localtime 挂载到容器中。
volumes: - /etc/localtime:/etc/localtime:ro
解决应用卡顿
之前的完整配置将会使用 Confluence 默认资源运行服务,程序最大使用内存是 1GB,当团队人数和内容多了之后,由于资源不足,会让服务运行变慢,最简单的解决方案就是增加资源。只需要在 environment 字段内声明下面内容即可。
environment: - 'JVM_MINIMUM_MEMORY=4096m' - 'JVM_MAXIMUM_MEMORY=8192m'
解决中文文档不能预览
由于默认容器镜像不包含中文字体,当我们想预览一个中文文档的时候,得到的结果会是一堆“口口口”方块。
解决这个问题的第一步是为镜像系统安装中文字体,下载一些中文字体 ( ttf/ttc ),比如宋体、楷体,将文件命名为:simsun.ttf、simkai.ttc,然后保存在 fonts 文件夹中,然后挂载到容器系统中。
environment: - 'CATALINA_OPTS= -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/usr/local/share/fonts/ '
解决应用市场不能访问
keytool -import -trustcacerts -alias proxy_root -file marketplace.atlassian.com.crt -keystore $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt
全新创建 confluence 容器镜像
通过上面方式创建的容器镜像有几个问题:
- 直接引用官网文件,容器体积较大
- 只能使用官网自定义的路径
- 构建文件不够灵活,不同的版本需要调整的内容比较多
- 需要完成 confluence 后才能使用 docker-compose 配置文件的模式
全新创建的方式更具灵活性,考虑互联网的因素,这里采取先将对应的文件下载好在复制到容器镜像里的方式。同时数据库采用 MySQL 架构
Dockerfile
FROM openjdk:11-bullseye
LABEL maintainer="waringid <waringid@gmail.com>" version="8.8.1"
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=8.8.1
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
ENV CONFLUENCE_HOME=/var/confluence \
CONFLUENCE_INSTALL=/opt/confluence \
JVM_MINIMUM_MEMORY=1g \
JVM_MAXIMUM_MEMORY=3g \
JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
AGENT_PATH=/var/agent \
AGENT_FILENAME=atlassian-agent.jar \
LIB_PATH=/confluence/WEB-INF/lib
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar ${CONFLUENCE_INSTALL}/lib/
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&& tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090
ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]
├── deps
│ ├── atlassian-agent.jar
│ ├── atlassian-confluence-8.8.1.tar.gz
│ ├── mysql-connector-java-8.0.28.jar
│ └── simsun.ttc
└── Dockerfile
Dockerfile-9.0.3
FROM openjdk:17-bullseye
LABEL maintainer="waringid <waringid@gmail.com>" version="9.0.3"
ARG ATLASSIAN_PRODUCTION=confluence
ARG APP_NAME=confluence
ARG APP_VERSION=9.0.3
ARG AGENT_VERSION=1.3.3
ARG MYSQL_DRIVER_VERSION=8.0.28
ENV CONFLUENCE_HOME=/var/confluence \
CONFLUENCE_INSTALL=/opt/confluence \
JVM_MINIMUM_MEMORY=1g \
JVM_MAXIMUM_MEMORY=3g \
JVM_CODE_CACHE_ARGS='-XX:InitialCodeCacheSize=1g -XX:ReservedCodeCacheSize=2g' \
AGENT_PATH=/var/agent \
AGENT_FILENAME=atlassian-agent.jar \
LIB_PATH=/confluence/WEB-INF/lib
ENV JAVA_OPTS="-javaagent:${AGENT_PATH}/${AGENT_FILENAME} ${JAVA_OPTS}"
COPY ./deps/${AGENT_FILENAME} ${AGENT_PATH}/
COPY ./deps/atlassian-${ATLASSIAN_PRODUCTION}-${APP_VERSION}.tar.gz /tmp
COPY ./deps/mysql-connector-java-${MYSQL_DRIVER_VERSION}.jar ${CONFLUENCE_INSTALL}/lib/
RUN openssl s_client -connect marketplace.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace.atlassian.com.crt \
&& openssl s_client -connect marketplace-cdn.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/marketplace-cdn.atlassian.com.crt \
&& openssl s_client -connect api.media.atlassian.com:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/api.atlassian.com.crt \
&& keytool -importcert -alias marketplace.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace.atlassian.com.crt \
&& keytool -importcert -alias marketplace-cdn.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/marketplace-cdn.atlassian.com.crt \
&& keytool -importcert -alias api.media.atlassian.com -cacerts -storepass changeit -noprompt -file /tmp/api.atlassian.com.crt
RUN mkdir -p ${CONFLUENCE_INSTALL} ${CONFLUENCE_HOME} ${AGENT_PATH} ${CONFLUENCE_INSTALL}${LIB_PATH} \
&& tar zxf /tmp/atlassian-${APP_NAME}-${APP_VERSION}.tar.gz -C /opt/confluence/ --strip-components 1 \
&& rm -rf /tmp/* \
&& echo "confluence.home = ${CONFLUENCE_HOME}" > ${CONFLUENCE_INSTALL}/${ATLASSIAN_PRODUCTION}/WEB-INF/classes/confluence-init.properties
WORKDIR $CONFLUENCE_INSTALL
EXPOSE 8090
ENTRYPOINT ["/opt/confluence/bin/start-confluence.sh", "-fg"]
wiki-9.0.3.yml
version: '3'
services:
db:
image: chaitin/safeline-postgres:15.2
# image: postgres:14.2-alpine
container_name: postgres
restart:
always
environment:
- 'POSTGRES_USER=confluence'
- 'POSTGRES_PASSWORD=passwordcom'
- 'POSTGRES_DB=confluence'
- 'POSTGRES_ENCODING=UTF8'
- 'POSTGRES_COLLATE=C'
- 'POSTGRES_COLLATE_TYPE=C'
volumes:
- /data/wiki/pgsql:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
wiki:
image: wiki:9.0.3
container_name: wiki1
restart:
always
ports:
- 8090:8090
- 8091:8091
environment:
- 'CATALINA_CONNECTOR_PROXYNAME=wiki.waringid.me'
- 'CATALINA_OPTS= -XX:ReservedCodeCacheSize=512m -Xms2048m -Xmx4096m -javaagent:/var/agent/atlassian-agent.jar -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/var/confluence/fonts/'
- 'CATALINA_CONNECTOR_PROXYPORT=443'
- 'CATALINA_CONNECTOR_SCHEME=https'
volumes:
- /data/wiki/data:/var/confluence
- /etc/localtime:/etc/localtime:ro
- /data/wiki/deps/server_8.8.1.xml:/opt/confluence/conf/server.xml:rw
depends_on:
- db
wiki-8.8.0.yml
version: '3'
services:
db:
image: postgres:14.2-alpine
container_name: postgres
restart:
always
environment:
- 'POSTGRES_USER=confluence'
- 'POSTGRES_PASSWORD='password'
- 'POSTGRES_DB=confluence'
- 'POSTGRES_ENCODING=UTF8'
- 'POSTGRES_COLLATE=C'
- 'POSTGRES_COLLATE_TYPE=C'
volumes:
- /data/wiki/pgsql:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
wiki:
image: wiki:8.8.0
container_name: wiki1
restart:
always
ports:
- 8090:8090
- 8091:8091
environment:
- 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
- 'JVM_MINIMUM_MEMORY=2048m'
- 'JVM_MAXIMUM_MEMORY=2048m'
- 'CATALINA_CONNECTOR_PROXYNAME=wiki.waringid.me'
- 'CATALINA_OPTS= -javaagent:/var/agent/atlassian-agent.jar -Duser.timezone=GMT+08'
- 'CATALINA_CONNECTOR_PROXYPORT=443'
- 'CATALINA_CONNECTOR_SCHEME=https'
volumes:
- /data/wiki/data:/var/confluence
- /etc/localtime:/etc/localtime:ro
- /data/wiki/deps/server.xml:/opt/confluence/conf/server.xml
depends_on:
- db
docker-compose-confluence-8.8.1
version: '3'
services:
db:
image: mysql:8.0.22
container_name: mysql-confluence
command: ['mysqld', '--character-set-server=utf8mb4', '--collation-server=utf8mb4_bin', '--transaction-isolation=READ-COMMITTED', '--innodb_log_file_size=256M', '--max_allowed_packet=256M','--log_bin_trust_function_creators=1']
ports:
- "3306:3306"
security_opt:
- seccomp:unconfined
environment:
- MYSQL_ROOT_PASSWORD=password
- TZ=Asia/Shanghai
- MYSQL_DATABASE=confluence
- MYSQL_USER=confluence
- MYSQL_PASSWORD=password
volumes:
- /data/confluence/mysql:/var/lib/mysql
networks:
confluence-net:
confluence:
image: confluence:8.8.1
container_name: confluence
ports:
- "8090:8090"
environment:
- 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
- TZ=Asia/Shanghai
volumes:
- /data/confluence/data:/var/confluence
- /etc/localtime:/etc/localtime:ro
networks:
confluence-net:
depends_on:
- db
networks:
confluence-net:
docker-compose 文件
version: '3' services: db: image: mysql:8.0.27 container_name: mysql command: --default-authentication-plugin=mysql_native_password ports: - "3306:3306" security_opt: - seccomp:unconfined environment: MYSQL_ROOT_PASSWORD: password volumes: - /opt/confluence/mysql/backup:/backups - /opt/confluence/mysql/mysql-files:/var/lib/mysql-files - /opt/confluence/mysql/data:/var/lib/mysql - /opt/confluence/mysql/conf/my.cnf:/etc/mysql/my.cnf networks: lnmp-net: ipv4_address: 172.18.0.3 wiki: image: confluence:7.7 container_name: confluence ports: - "80:8090" - "8091:8091" environment: - 'JVM_RESERVED_CODE_CACHE_SIZE=512m' volumes: - /opt/confluence/data:/var/atlassian/application-data/confluence - /etc/localtime:/etc/localtime:ro networks: lnmp-net: ipv4_address: 172.18.0.2 depends_on: - db networks: lnmp-net: ipam: config: - subnet: "172.18.0.0/24"
docker-compose-pgsql
version: '3'
services:
db:
image: postgres:14.2-alpine
container_name: postgres
restart:
always
environment:
- 'POSTGRES_USER=confluence'
- 'POSTGRES_PASSWORD=password'
- 'POSTGRES_DB=confluence'
- 'POSTGRES_ENCODING=UTF8'
- 'POSTGRES_COLLATE=C'
- 'POSTGRES_COLLATE_TYPE=C'
volumes:
- /data/wiki/pgsql:/var/lib/postgresql/data
- /etc/localtime:/etc/localtime:ro
wiki:
image: wiki:8.7.2.2
container_name: wiki1
restart:
always
ports:
- 8090:8090
- 8091:8091
environment:
- 'JVM_RESERVED_CODE_CACHE_SIZE=512m'
- 'JVM_MINIMUM_MEMORY=2048m'
- 'JVM_MAXIMUM_MEMORY=2048m'
- 'CATALINA_CONNECTOR_PROXYNAME=wiki.waringid.me'
- 'CATALINA_OPTS= -javaagent:/var/atlassian/atlassian-agent.jar -Duser.timezone=GMT+08 -Dconfluence.document.conversion.fontpath=/usr/local/share/fonts/'
- 'CATALINA_CONNECTOR_PROXYPORT=443'
- 'CATALINA_CONNECTOR_SCHEME=https'
volumes:
- /data/wiki/data:/var/atlassian/application-data/confluence
- /etc/localtime:/etc/localtime:ro
- /data/wiki/deps/server.xml:/opt/atlassian/confluence/conf/server.xml
depends_on:
- db
生成序列号
docker exec wiki1 java -jar /opt/atlassian/confluence/atlassian-agent.jar \ -p conf -d \ -m a@b.com \ -n name \ -o http://127.0.0.1:8090 \ -s BBPJ-TRXY-8MVX-2LDO # 替换为页面上显示的server id docker exec wiki1 java -jar /opt/atlassian/confluence/atlassian-agent.jar \ -p com.mxgraph.confluence.plugins.diagramly \ -d -m a@b.com \ -n name \ -o http://127.0.0.1:8090 \ -s BBPJ-TRXY-8MVX-2LDO # 替换为页面上显示的server id docker exec wiki1 java -jar /var/agent/atlassian-agent.jar -p com.tensixtwo.conf.latexmath \ -d -m a@b.com -n name -o http://127.0.0.1:8090 -s BOOR-9D2Y-X97Z-GG1L
备份数据库
pg_dump -U confluence -d confluence -f db_confluence_backup_2024_01_30.sql
添加评论