confluence部署-wiki
1.环境配置
(1)系统:centos7.8
(2)服务器配置:6H12G/500G
(3)IP地址:192.168.176.238
(4)confluence版本:6.14.3
2.系统初始化
(1)关闭selinux
cat /etc/selinux/config | grep -w SELINUX
SELINUX=disabled
(2)修改ssh端口号
grep -rw "Port 16384" /etc/ssh/sshd_config
Port 16384
(3)启动firewalld,放行端口
firewall-cmd --zone=public --add-port=8000/tcp
firewall-cmd --zone=public --add-port=8000/tcp --permanent
firewall-cmd --zone=public --add-port=8090/tcp
firewall-cmd --zone=public --add-port=8090/tcp --permanent
firewall-cmd --zone=public --add-port=16384/tcp
firewall-cmd --zone=public --add-port=16384/tcp --permanent
firewall-cmd --reload
(4)修改主机名
hostnamectl set-hostname gitlab
(5)磁盘格式化
parted /dev/sdb <<EOF #磁盘名称按实际安装填写 mklabel #创建分区表 gpt #修改分区表格式gpt mkpart #创建一个part-type类型的分区 primary #将整块磁盘设置为主分区 ext4 #设置文件系统类型 1 #从1开始 500G #此数值要根据客户提供磁盘大小更改 quit EOF #格式化磁盘 mkfs.xfs -f -n ftype=1 /dev/sdb mkdir -p /data/ # 创建逻辑分区(磁盘同上) yes|pvcreate /dev/sdb #此步骤需要y确认 vgcreate vgdata /dev/sdb # 此处将该卷组全部剩余空间划入本逻辑卷 lvcreate -l +100%FREE -n lvdata vgdata # 格式化逻辑卷 mkfs.xfs -f /dev/vgdata/lvdata # 设置开机自动挂载(手动) echo "/dev/vgdata/lvdata /data xfs defaults 0 0" >> /etc/fstab mount -a && df -Th
(6)内核优化
#修改/etc/security/limits.conf,完成系统性能优化的一些设置 cp /etc/security/limits.conf /etc/security/limits_conf_ori_bak echo "# /etc/security/limits.conf" > /etc/security/limits.conf echo "#">>/etc/security/limits.conf echo "#Each line describes a limit for a user in the form:">>/etc/security/limits.conf echo "#">>/etc/security/limits.conf echo "#<domain> <type> <item> <value>">>/etc/security/limits.conf echo "#">>/etc/security/limits.conf echo "#Where:">>/etc/security/limits.conf echo "#<domain> can be:">>/etc/security/limits.conf echo "# - an user name">>/etc/security/limits.conf echo "# - a group name, with @group syntax">>/etc/security/limits.conf echo "# - the wildcard *, for default entry">>/etc/security/limits.conf echo "# - the wildcard %, can be also used with %group syntax,">>/etc/security/limits.conf echo "# for maxlogin limit">>/etc/security/limits.conf echo "#">>/etc/security/limits.conf echo "#<type> can have the two values:">>/etc/security/limits.conf echo "# - \"soft\" for enforcing the soft limits">>/etc/security/limits.conf echo "# - \"hard\" for enforcing hard limits">>/etc/security/limits.conf echo "#">>/etc/security/limits.conf echo "#<item> can be one of the following:">>/etc/security/limits.conf echo "# - core - limits the core file size (KB)">>/etc/security/limits.conf echo "# - data - max data size (KB)">>/etc/security/limits.conf echo "# - fsize - maximum filesize (KB)">>/etc/security/limits.conf echo "# - memlock - max locked-in-memory address space (KB)">>/etc/security/limits.conf echo "# - nofile - max number of open files">>/etc/security/limits.conf echo "# - rss - max resident set size (KB)">>/etc/security/limits.conf echo "# - stack - max stack size (KB)">>/etc/security/limits.conf echo "# - cpu - max CPU time (MIN)">>/etc/security/limits.conf echo "# - nproc - max number of processes">>/etc/security/limits.conf echo "# - as - address space limit (KB)">>/etc/security/limits.conf echo "# - maxlogins - max number of logins for this user">>/etc/security/limits.conf echo "# - maxsyslogins - max number of logins on the system">>/etc/security/limits.conf echo "# - priority - the priority to run user process with">>/etc/security/limits.conf echo "# - locks - max number of file locks the user can hold">>/etc/security/limits.conf echo "# - sigpending - max number of pending signals">>/etc/security/limits.conf echo "# - msgqueue - max memory used by POSIX message queues (bytes)">>/etc/security/limits.conf echo "# - nice - max nice priority allowed to raise to values: [-20, 19]">>/etc/security/limits.conf echo "# - rtprio - max realtime priority">>/etc/security/limits.conf echo "#">>/etc/security/limits.conf echo "#<domain> <type> <item> <value>">>/etc/security/limits.conf echo "#">>/etc/security/limits.conf echo >>/etc/security/limits.conf echo "#* soft core 0">>/etc/security/limits.conf echo "#* hard rss 10000">>/etc/security/limits.conf echo "#@student hard nproc 20">>/etc/security/limits.conf echo "#@faculty soft nproc 20">>/etc/security/limits.conf echo "#@faculty hard nproc 50">>/etc/security/limits.conf echo "#ftp hard nproc 0">>/etc/security/limits.conf echo "#@student - maxlogins 4">>/etc/security/limits.conf echo "* soft core unlimited">>/etc/security/limits.conf echo "* hard core unlimited">>/etc/security/limits.conf echo "* soft data unlimited">>/etc/security/limits.conf echo "* hard data unlimited">>/etc/security/limits.conf echo "* soft fsize unlimited">>/etc/security/limits.conf echo "* hard fsize unlimited">>/etc/security/limits.conf echo "* soft memlock unlimited">>/etc/security/limits.conf echo "* hard memlock unlimited">>/etc/security/limits.conf echo "* soft nofile 1024000">>/etc/security/limits.conf echo "* hard nofile 1024000">>/etc/security/limits.conf echo "* soft rss unlimited">>/etc/security/limits.conf echo "* hard rss unlimited">>/etc/security/limits.conf echo "* soft stack unlimited">>/etc/security/limits.conf echo "* hard stack unlimited">>/etc/security/limits.conf echo "$user soft nproc 102400">>/etc/security/limits.conf echo "$user hard nproc 102400">>/etc/security/limits.conf echo "* soft locks unlimited">>/etc/security/limits.conf echo "* hard locks unlimited">>/etc/security/limits.conf echo "* soft sigpending unlimited">>/etc/security/limits.conf echo "* hard sigpending unlimited">>/etc/security/limits.conf echo "* soft msgqueue unlimited">>/etc/security/limits.conf echo "* hard msgqueue unlimited">>/etc/security/limits.conf echo >>/etc/security/limits.conf echo "# End of file">>/etc/security/limits.conf find /etc/security/limits.d/ -name "*nproc*" | while read line;do sed -i 's/.*soft nproc.*/* soft nproc 102400/' $line;done #修改/etc/sysctl.conf cp /etc/sysctl.conf /etc/sysctl.conf_bak echo "kernel.sysrq = 0" >> /etc/sysctl.conf echo "kernel.core_uses_pid = 1" >> /etc/sysctl.conf echo "kernel.msgmnb = 65536" >> /etc/sysctl.conf echo "kernel.msgmax = 65536" >> /etc/sysctl.conf echo "kernel.shmmax = 68719476736" >> /etc/sysctl.conf echo "kernel.shmall = 4294967296" >> /etc/sysctl.conf echo "net.ipv4.ip_forward = 0" >> /etc/sysctl.conf echo "net.core.somaxconn = 65535" >> /etc/sysctl.conf echo "net.core.wmem_max=12582912" >> /etc/sysctl.conf echo "net.core.rmem_max=12582912" >> /etc/sysctl.conf echo "net.core.netdev_max_backlog = 655360" >> /etc/sysctl.conf echo "net.ipv4.conf.default.rp_filter = 1" >> /etc/sysctl.conf echo "net.ipv4.conf.default.accept_source_route = 0" >> /etc/sysctl.conf echo "net.ipv4.tcp_syncookies = 1" >> /etc/sysctl.conf echo "net.ipv4.tcp_tw_reuse = 0" >> /etc/sysctl.conf echo "net.ipv4.tcp_tw_recycle = 0" >> /etc/sysctl.conf echo "net.ipv4.ip_local_port_range = 1024 65000" >> /etc/sysctl.conf echo "net.ipv4.tcp_max_tw_buckets = 600000" >> /etc/sysctl.conf echo "net.ipv4.tcp_abort_on_overflow = 1" >> /etc/sysctl.conf echo "net.ipv4.tcp_rmem= 1024 102400 12582912" >> /etc/sysctl.conf echo "net.ipv4.tcp_wmem= 1024 102400 12582912" >> /etc/sysctl.conf echo "fs.file-max = 1200000" >> /etc/sysctl.conf echo "net.nf_conntrack_max=1200000" >> /etc/sysctl.conf echo "net.ipv4.tcp_max_syn_backlog = 655360" >> /etc/sysctl.conf #设置系统共享内存的最大值 sysctl -w kernel.shmmax=16000000000 #可以生产core文件,方便定位问题 ulimit -c unlimited #设置最大文件限制 ulimit -n 10000
(7)confluence部署
部署参考文档:
https://www.cnblogs.com/ministep/p/15900860.html
注意:默认端口8090、8000,我这边修改为8091、8000,需要在firewalld放行
[root@localhost package]# ./atlassian-confluence-6.14.3-x64.bin Unpacking JRE ... Starting Installer ... This will install Confluence 6.14.3 on your computer. OK [o, Enter], Cancel [c] o Click Next to continue, or Cancel to exit Setup. Choose the appropriate installation or upgrade option. Please choose one of the following: Express Install (uses default settings) [1], Custom Install (recommended for advanced users) [2, Enter], Upgrade an existing Confluence installation [3] 2 Select the folder where you would like Confluence 6.14.3 to be installed, then click Next. Where should Confluence 6.14.3 be installed? [/opt/atlassian/confluence] /data/atlassian/confluence Default location for Confluence data [/var/atlassian/application-data/confluence] /data/atlassian/application-data/confluence Configure which ports Confluence will use. Confluence requires two TCP ports that are not being used by any other applications on this machine. The HTTP port is where you will access Confluence through your browser. The Control port is used to Startup and Shutdown Confluence. Use default ports (HTTP: 8090, Control: 8000) - Recommended [1, Enter], Set custom value for HTTP and Control ports [2] 2 HTTP Port Number [8090] 8091 Control Port Number [8000] 8000 Confluence can be run in the background. You may choose to run Confluence as a service, which means it will start automatically whenever the computer restarts. Install Confluence as Service? Yes [y, Enter], No [n] y Extracting files ... Please wait a few moments while we configure Confluence. Installation of Confluence 6.14.3 is complete Start Confluence now? Yes [y, Enter], No [n] y Please wait a few moments while Confluence starts up. Launching Confluence ... Installation of Confluence 6.14.3 is complete Your installation of Confluence 6.14.3 is now ready and can be accessed via your browser. Confluence 6.14.3 can be accessed at http://localhost:8091 Finishing installation ...
#服务器部署完成,接下来就是页面登陆设置
(8)web页面配置与激活
1.登陆方式:http://172.16.4.60:8091
2.选择安装插件:
3.下载破解工具
我们使用注册机破解对confluence进行破解,因为confluence不是免费开源的,需要授权码
破解工具下载链接:https://pan.baidu.com/s/1AJ5BgwA5itJjnFeUh1xHMg 密码:yqzd
4.解压破解工具
5.从刚刚安装的目录重导出jar包进行破解:
sz /data/atlassian/confluence/confluence/WEB-INF/lib/atlassian-extras-decoder-v2-3.4.1.jar
并改名为:atlassian-extras-2.4.jar
#需要注意:windows电脑需要提前安装好JDK环境
#需要注意:Name不能低于6位,所以后边修改了
此时先别不要着急将生成的授权码粘贴到刚刚的web页面中,还有后续操作:
1.接下来我们把刚刚导出来改名并使用注册机注册的jar包导回到Centos7中,并把名字改为原来的名字
mv atlassian-extras-2.4.jar atlassian-extras-decoder-v2-3.4.1.jar mv atlassian-extras-decoder-v2-3.4.1.jar /data/atlassian/confluence/confluence/WEB-INF/lib/
2.并重启confluence:
sh /data/atlassian/confluence/bin/stop-confluence.sh sh /data/atlassian/confluence/bin/start-confluence.sh
3.回到我们web页面:http://172.16.4.60:8091
4.复制授权码并粘贴:
5.设置数据库连接
5.1 说明:后面的我们可以选择内嵌数据库,也可以选择外部数据库,测试的话直接使用内嵌就行,但是生产环境建议大家使用外部数据库
此处需要注意的是,需要自己单独下载安装MySQL驱动:
https://www.w3resource.com/mysql/mysql-java-connection.php
下载驱动:
https://dev.mysql.com/downloads/connector/j/
5.2 设置连接mysql驱动
ls /data/atlassian/confluence/confluence/WEB-INF/lib/mysql-connector-java* cd /data/package/mysql-connector-java-5.1.48 cp -f mysql-connector-java-5.1.48.jar /data/atlassian/confluence/confluence/WEB-INF/lib/ ls /data/atlassian/confluence/confluence/WEB-INF/lib/mysql-connector-java*
此外Confluence对数据库配置参数有一定的要求,具体详情请看:https://confluence.atlassian.com/doc/database-setup-for-mysql-128747.html
5.3 创建Confluence专用的数据库,配置时会自动进行初始化。
create database confluence default character set utf8 collate utf8_bin ;
grant all on confluence.* to 'confluenceuser'@'%' identified by 'keshen@1234' ;
flush privileges;
5.4 按照上面的要求配置完毕后,重启mysql
5.5 重启confluence:
# sh /data/atlassian/confluence/bin/stop-confluence.sh
# sh /data/atlassian/confluence/bin/start-confluence.sh
5.6 数据库测试通过后,进行下一步:
5.7 遇到问题
5.8 登陆mysql数据库,执行如下操作:
mysql -uroot -P23306 -h127.0.0.1 -p
set global transaction isolation level read committed;
flush privileges;
5.9 数据库连接通过
5.10 设置站点
5.11 在Confluence中管理用户和组
5.12 配置系统管理员账号
5.13 设置完成
5.12 发现问题
问题1:暂时不解决
问题2:
[mysqld]
innodb_log_file_size=512M
问题3:
[mysqld]
max_allowed_packet=64M
5.13 协同编辑报错,需要Confluence 关闭ssl
第一处关闭:
vim /data/atlassian/application-data/confluence/confluence.cfg.xml
第二处关闭:
vim /data/atlassian/confluence/confluence/setup/includes/js/setup-select-database-type.js
5.14 重启mysql、confluence服务
5.15 最后展示
(8)部署mysql5.7
参考文档:https://blog.csdn.net/li1325169021/article/details/121515102
(9)邮箱配置
参考文档:https://blog.csdn.net/m0_38039437/article/details/114528955
(10)解决OutOfMemoryError问题
参考文档:https://blog.csdn.net/wawa8899/article/details/125624906
(11)服务启动
#mysql5.7启动
docker restart mysql
#wiki启动
cd /data/atlassian/confluence/bin
start-confluence.sh
