Migrating Confluence instance to Kubernetes
プラットフォームについて: Data Center - この記事は、Data Center プラットフォームのアトラシアン製品に適用されます。
このナレッジベース記事は製品の Data Center バージョン用に作成されています。Data Center 固有ではない機能の Data Center ナレッジベースは、製品のサーバー バージョンでも動作する可能性はありますが、テストは行われていません。サーバー*製品のサポートは 2024 年 2 月 15 日に終了しました。サーバー製品を利用している場合は、アトラシアンのサーバー製品のサポート終了のお知らせページにて移行オプションをご確認ください。
*Fisheye および Crucible は除く
要約
This document has the purpose to provide instructions for migrating a Confluence Server or DC instance, running on physical hosts or virtual machines, to a Kubernetes cluster.
環境
- Confluence instance either DC or Server v7.19.x.
- Backend Postgres database installed on a separated host and accessible by the Kubernetes cluster.
ソリューション
Please follow the steps outlined below to complete this migration:
- Create a volume named connie-confluence-shared-home for hosting Confluence shared home in the Kubernetes cluster.
- Transfer to the volume created above:
- The content of the shared home folder if the migration is from a Confluence DC instance with clustering enabled.
The content of the folder named shared-home if the migration is from Server or Non Clustered instance.
Once the copy has been completed, the file confluence.cfg.xml will appear like the one below:<?xml version="1.0" encoding="UTF-8"?> <confluence-configuration> <setupStep>complete</setupStep> <setupType>custom</setupType> <buildNumber>8804</buildNumber> <properties> <property name="access.mode">READ_WRITE</property> <property name="atlassian.license.message">--- LICENSE KEY ----</property> <property name="hibernate.setup">true</property> <property name="jwt.private.key">--- JWT private key ---</property> <property name="jwt.public.key">--- JWT private key ---</property> <property name="lucene.index.dir">${localHome}/index</property> <property name="synchrony.service.authtoken">--- Synchrony auth Token ---</property> </properties> </confluence-configuration>confluence.cfg.xml needs to be modified to enable the clustering configuration, the section to be added is enclosed between the comments Enable clustering:
<?xml version="1.0" encoding="UTF-8"?> <confluence-configuration> <setupStep>complete</setupStep> <setupType>cluster</setupType> <buildNumber>8804</buildNumber> <properties> <property name="access.mode">READ_WRITE</property> <property name="atlassian.license.message">--- LICENSE KEY ----</property> <property name="hibernate.setup">true</property> <property name="jwt.private.key">--- JWT private key ---</property> <property name="jwt.public.key">--- JWT private key ---</property> <property name="lucene.index.dir">${localHome}/index</property> <property name="hibernate.setup">true</property> <property name="synchrony.service.authtoken">--- Synchrony auth Token ---</property> <!-- Enable clustering --> <property name="confluence.cluster">true</property> <property name="confluence.cluster.authentication.enabled">true</property> <property name="confluence.cluster.authentication.secret">73bf51061d2e1f3e73f643374a6d3f2ced8371f3</property> <!-- Enable clustering : in the line above it is advised to change the secret value --> </properties> </confluence-configuration>
Besides this file make sure to copy the attachments folder to this PV from the Confluence Server instance.
Make sure that the ownership of the files in the PV is assigned to user and group 2002, e.g. running the below command:
sudo chown -R 2002:2002 <SHARED_HOME_PATH>Create a secret for storing the Confluence DC License (replace
$CONNIELICENSEwith the appropriate value all in one line):kubectl create secret generic connielicense --from-literal=license-key="$CONNIELICENSE" -n confluenceCreate a secret to store the DB credentials (replace
$DBPASSWORDand$DBUSERwith the appropriate values):kubectl create secret generic conniedb --from-literal=username=$DBUSER --from-literal=password=$DBPASSWORD -n confluenceCreate the following
values.yaml(replacing the values starting with $ appropriately and any other value that doesn't fit your needs)replicaCount: 1 image: repository: atlassian/confluence pullPolicy: IfNotPresent tag: "7.19.18" serviceAccount: create: true name: imagePullSecrets: [] annotations: {} role: create: true clusterRole: create: true name: roleBinding: create: true clusterRoleBinding: create: true name: eksIrsa: roleArn: database: type: mysql url: jdbc:postgresql://POSTGRESQL_CONNECTION_STRING credentials: secretName: conniedb usernameSecretKey: username passwordSecretKey: password volumes: localHome: persistentVolumeClaim: create: true storageClassName: $STORAGE_CLASS resources: requests: storage: 100Gi customVolume: {} mountPath: "/var/atlassian/application-data/confluence" sharedHome: persistentVolumeClaim: create: false customVolume: persistentVolumeClaim: claimName: connie-confluence-shared-home mountPath: "/var/atlassian/application-data/shared-home" subPath: nfsPermissionFixer: enabled: true mountPath: "/shared-home" imageRepo: alpine imageTag: latest command: synchronyHome: persistentVolumeClaim: create: true storageClassName: $STORAGE_CLASS resources: requests: storage: 5Gi customVolume: { } mountPath: "/var/atlassian/application-data/confluence" additional: [] additionalSynchrony: [] defaultPermissionsMode: 484 ingress: create: false host: $FULLY_QUALIFIED_DOMAIN_NAME_CONFLUENCE_SITE confluence: service: port: 80 type: ClusterIP loadBalancerIP: annotations: {} securityContextEnabled: true securityContext: fsGroup: 2002 containerSecurityContext: {} umask: "0022" setPermissions: true ports: http: 8090 hazelcast: 5701 license: secretName: connielicense secretKey: license-key readinessProbe: initialDelaySeconds: 10 periodSeconds: 5 failureThreshold: 6 accessLog: enabled: true mountPath: "/opt/atlassian/confluence/logs" localHomeSubPath: "logs" clustering: enabled: true usePodNameAsClusterNodeName: true s3AttachmentsStorage: bucketName: bucketRegion: endpointOverride: resources: jvm: maxHeap: "1g" minHeap: "1g" reservedCodeCache: "256m" container: requests: cpu: "2" memory: "2G" shutdown: terminationGracePeriodSeconds: 25 command: "/shutdown-wait.sh" forceConfigUpdate: false additionalJvmArgs: [] additionalLibraries: [] additionalBundledPlugins: [] additionalVolumeMounts: [] additionalEnvironmentVariables: [] additionalPorts: [] additionalVolumeClaimTemplates: [] topologySpreadConstraints: [] jvmDebug: enabled: false synchrony: enabled: true replicaCount: 1 podAnnotations: {} service: port: 80 type: ClusterIP loadBalancerIP: annotations: {} securityContextEnabled: true securityContext: fsGroup: 2002 containerSecurityContext: {} setPermissions: true ports: http: 8091 hazelcast: 5701 readinessProbe: healthcheckPath: "/synchrony/heartbeat" initialDelaySeconds: 5 periodSeconds: 1 failureThreshold: 10 resources: jvm: minHeap: "1g" maxHeap: "2g" stackSize: "2048k" container: requests: cpu: "2" memory: "2.5G" additionalJvmArgs: [] shutdown: terminationGracePeriodSeconds: 25 additionalLibraries: [] additionalVolumeMounts: [] additionalPorts: [] topologySpreadConstraints: []Deploy using the above
values.yamlrunning:helm install connie atlassian-data-center/confluence --namespace confluence --values connie-values.yaml- Once the deployment is completed, check that the Confluence instance running on Kubernetes can be accessed correctly and the attachments are accessible.