From eedd1cb308ab8b14332de606b1fb79ab1b3b56a1 Mon Sep 17 00:00:00 2001 From: Baptiste Mesta Date: Thu, 31 Mar 2022 15:23:51 +0200 Subject: [PATCH 1/8] Update doc for bonita 2022.1 --- bonita/content.md | 456 +++++++++++++++++----------------------------- bonita/stack.yml | 14 +- 2 files changed, 177 insertions(+), 293 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index e96867525e29..7ac113d15fbf 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -1,6 +1,6 @@ # What is Bonita? -Bonita (called Bonita BPM till 7.5) is an open-source business process management and workflow suite created in 2001. It was started in France National Institute for Research in Computer Science, and then had incubated several years inside the French computer science company Groupe Bull. Since 2009, the development of Bonita is supported by a company dedicated to this activity: Bonitasoft. +Bonita is an open-source business process management and workflow suite created in 2001. It was started in France National Institute for Research in Computer Science, and then had incubated several years inside the French computer science company Groupe Bull. Since 2009, the development of Bonita is supported by a company dedicated to this activity: Bonitasoft. > [wikipedia.org/wiki/Bonita_BPM](http://en.wikipedia.org/wiki/Bonita_BPM) @@ -14,258 +14,190 @@ Bonita (called Bonita BPM till 7.5) is an open-source business process managemen $ docker run --name bonita -d -p 8080:8080 %%IMAGE%% ``` -This will start a container running [Bonita runtime](https://documentation.bonitasoft.com/bonita/2021.2/tomcat-bundle): a Tomcat bundle with Bonita Engine + Bonita Portal. With no environment variables specified, it's as if you have launched the bundle on your host using startup.{sh|bat} (with security hardening on REST and HTTP APIs, cf Security part). Bonita uses a H2 database here. +This will start a container running [Bonita runtime](https://documentation.bonitasoft.com/bonita/2022.1/tomcat-bundle): a Tomcat bundle with Bonita Engine + Bonita Portal. With no environment variables specified, it's as if you have launched the bundle on your host using startup.{sh|bat} (with security hardening on REST and HTTP APIs, cf Security part). Bonita uses a H2 database here. You can access the Bonita Portal on http://localhost:8080/bonita and login using the default credentials: install / install ## Link Bonita to a database -### PostgreSQL +The H2 database allows the Bonita container to work out of the box, but it is not recommended outside a development environment. -PostgreSQL is the recommended database. +As PostgreSQL is the recommended database for qualification and production environments, follow one of these next sections to configure your Bonita container to run on PostgreSQL database. +You can work with either a PostgreSQL Container, or PostgreSQL as an installed service. -[Set max_prepared_transactions to 100](https://documentation.bonitasoft.com/bonita/2021.2/database-configuration#_postgresql): +### PostgreSQL Container -```console -$ mkdir -p custom_postgres -$ echo '#!/bin/bash' > custom_postgres/bonita.sh -$ echo 'sed -i "s/^.*max_prepared_transactions\s*=\s*\(.*\)$/max_prepared_transactions = 100/" "$PGDATA"/postgresql.conf' >> custom_postgres/bonita.sh -$ chmod +x custom_postgres/bonita.sh -``` -Mount that directory location as /docker-entrypoint-initdb.d inside the PostgreSQL container: +From Bonita 2022.1 onwards, the Bonita docker image does not include configuration scripts for Postgres -```console -$ docker run --name mydbpostgres -v "$PWD"/custom_postgres/:/docker-entrypoint-initdb.d -e POSTGRES_PASSWORD=mysecretpassword -d postgres:11 -``` -See the [official PostgreSQL documentation](https://hub.docker.com/_/postgres/) for more details. +Therefore the PostgreSQL container needs to be configured to work with Bonita before starting the Bonita container. +The configuration of a PostgreSQL database to work with Bonita is described in detail in the xref:database-configuration.adoc[database configuration page]. + +Alternatively, Bonita provides a preconfigured [PostgreSQL image](https://hub.docker.com/r/bonitasoft/bonita-postgres) on docker-hub. + +You can run the image with the following command: -```console -$ docker run --name bonita_postgres --link mydbpostgres:postgres -d -p 8080:8080 %%IMAGE%% ``` - -### MySQL - -There are known issues with the management of XA transactions by MySQL engine and driver: see MySQL bug [17343](http://bugs.mysql.com/bug.php?id=17343) - -[Increase the packet size](https://documentation.bonitasoft.com/bonita/2021.2/database-configuration#_maximum_packet_size) which is set by default to 1M: - -```console -$ mkdir -p custom_mysql -$ echo "[mysqld]" > custom_mysql/bonita.cnf -$ echo "max_allowed_packet=16M" >> custom_mysql/bonita.cnf +docker run --name mydbpostgres -h -v :/opt/bonita_lic/ -d bonitasoft/bonita-postgres:12.6 ``` -Mount that directory location as /etc/mysql/conf.d inside the MySQL container: +This image is built from the following [GitHub repository](https://github.com/Bonitasoft-Community/bonita-database-docker/tree/main/postgres/12), which can be further adapted/customized to suit your needs. -```console -$ docker run --name mydbmysql -v "$PWD"/custom_mysql/:/etc/mysql/conf.d -e MYSQL_ROOT_PASSWORD=mysecretpassword -d mysql:8.0 -``` -See the [official MySQL documentation](https://hub.docker.com/_/mysql/) for more details. +## %%STACK%% -Start your application container to link it to the MySQL container: +Run `docker stack deploy -c stack.yml %%REPO%%` (or `docker-compose -f stack.yml up`), wait for it to initialize completely, and visit `http://swarm-ip:8080`, `http://localhost:8080`, or `http://host-ip:8080` (as appropriate). -```console -$ docker run --name bonita_mysql --link mydbmysql:mysql -d -p 8080:8080 %%IMAGE%% -``` -## Modify default credentials +* Replace `` with the one used in the licence generation command +* leave double `$$` untouched -```console -$ docker run --name=bonita -e "TENANT_LOGIN=tech_user" -e "TENANT_PASSWORD=secret" -e "PLATFORM_LOGIN=pfadmin" -e "PLATFORM_PASSWORD=pfsecret" -d -p 8080:8080 %%IMAGE%% -``` +Run `docker-compose up`, wait for it to initialize completely, and visit `+http://localhost:8080+`, or `+http://host-ip:8080+` (as appropriate). -Now you can access the Bonita Portal on localhost:8080/bonita and login using: `tech_user` / `secret` +### PostgreSQL as an installed service -## %%STACK%% +If you don't want to run your database in a docker container, the following file `env.txt` needs to be configured and provided to the docker run command: -Run `docker stack deploy -c stack.yml %%REPO%%` (or `docker-compose -f stack.yml up`), wait for it to initialize completely, and visit `http://swarm-ip:8080`, `http://localhost:8080`, or `http://host-ip:8080` (as appropriate). +``` +DB_VENDOR=postgres +DB_HOST=172.17.0.2 +DB_PORT=5432 +DB_NAME=custombonitadb +DB_USER=custombonitauser +DB_PASS=custombonitapass +BIZ_DB_NAME=custombusinessdb +BIZ_DB_USER=custombusinessuser +BIZ_DB_PASS=custombusinesspass +``` -## Where to store data +``` +docker run --name=bonita -h --env-file=env.txt -d -p 8080:8080 %%IMAGE%% +``` -Most of the data are stored in a database and can be stored outside the Bonita container as described above using the PostgreSQL or MySQL container. However, some data remains inside the Bonita bundle. Bonita Home is a folder, called `bonita`, which contains configuration, working, and temporary folders and files. There are also log files inside the `logs` folder till Bonita 7.8. +## Start Bonita with custom security credentials -Important note: There are several ways to store data used by applications that run in Docker containers. We encourage users of the `%%REPO%%` images to familiarize themselves with the options available, including: +``` +docker run --name=bonita -h -e "TENANT_LOGIN=tech_user" -e "TENANT_PASSWORD=secret" -e "PLATFORM_LOGIN=pfadmin" -e "PLATFORM_PASSWORD=pfsecret" -d -p 8080:8080 %%IMAGE%% +``` -- Let Docker manage the storage of your data [by writing the files to disk on the host system using its own internal volume management](https://docs.docker.com/engine/tutorials/dockervolumes/#adding-a-data-volume). This is the default and is easy and fairly transparent to the user. The downside is that the files may be hard to locate for tools and applications that run directly on the host system, i.e. outside containers. -- Create a data directory on the host system (outside the container) and [mount this to a directory visible from inside the container](https://docs.docker.com/engine/tutorials/dockervolumes/#mount-a-host-directory-as-a-data-volume). This places the database files in a known location on the host system, and makes it easy for tools and applications on the host system to access the files. The downside is that the user needs to make sure that the directory exists, and that directory permissions and other security mechanisms on the host system are set up correctly. +Now you can access the Bonita Runtime on localhost:8080/bonita and login using: tech_user / secret -The Docker documentation is a good starting point for understanding the different storage options and variations, and there are multiple blogs and forum postings that discuss and give advice in this area. We will simply show the basic procedure here for the latter option above: +## Where data is stored -1. Create a data directory on a suitable volume on your host system, e.g. `/my/own/datadir`. -2. Start your `%%REPO%%` container like this: +Bonita uses tomcat that writes file to a working directory and a temp directory. - docker run --name some-%%REPO%% -v /my/own/datadir:/opt/bonita -d -p 8080:8080 %%IMAGE%%:tag +It can be a good practice to mount the following folders into volumes -The `-v /my/own/datadir:/opt/bonita` part of the command mounts the `/my/own/datadir` directory from the underlying host system as `/opt/bonita` inside the container, where Bonita will deploy the bundle and write data files by default. +* `/opt/bonita/server/temp` +* `/opt/bonita/server/work` -## Migrate from an earlier version of Bonita +## Environment variables -- Stop the container to perform a backup +When you start the bonita image, you can adjust the configuration of the Bonita instance by passing one or more environment variables on the docker run command line. - ```console - $ docker stop bonita_7.9.5_postgres - ``` +### PLATFORM_PASSWORD -- For containers < 7.3.0 : +This environment variable is recommended for you to use the Bonita image. It sets the platform administrator password for Bonita. If it is not specified, the default password `platform` will be used. - - Check where your data are stored +### PLATFORM_LOGIN - ```console - $ docker inspect bonita_7.2.3_postgres - [...] - "Mounts": [ - { - "Source": "/home/user/Documents/Docker/Volumes/bonita_7.2.3_postgres", - "Destination": "/opt/bonita", - "Mode": "", - "RW": true - } - ], - [...] - ``` +This optional environment variable is used in conjunction with PLATFORM_PASSWORD to define the username for the platform administrator. If it is not specified, the default username `platformAdmin` will be used. - - Copy data from the filesystem +### TENANT_PASSWORD - ```console - $ cp -r bonita_7.2.3_postgres bonita_migration - ``` +This environment variable is recommended for you to use the Bonita image. It sets the tenant administrator password for Bonita. If it is not specified, the default password `install` will be used. -- Retrieve the DB container IP +### TENANT_LOGIN - ```console - $ docker inspect --format '{{ .NetworkSettings.IPAddress }}' mydbpostgres - 172.17.0.26 - ``` +This optional environment variable is used in conjunction with TENANT_PASSWORD to define the username for the tenant administrator. If it is not specified, the default username `install` will be used. -- Dump the database - - ```console - $ export PGPASSWORD=mysecretpassword - $ pg_dump -O -x -h 172.17.0.26 -U postgres bonitadb > /tmp/bonitadb.sql - ``` +### MONITORING_USERNAME - Note that businessdb won't be updated with the migration tool but you may want to also backup/move it. +This optional environment variable is used in conjunction with `MONITORING_PASSWORD` to define the access to endpoints protected with [BASIC Auth access](https://en.wikipedia.org/wiki/Basic_access_authentication): it is used for the JMX remote access. If it is not specified, the default monitoring username `monitoring` will be used. -- Load the dump +### MONITORING_PASSWORD - ```console - $ export PGPASSWORD=mysecretpassword - $ psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE USER newbonitauser WITH PASSWORD 'newbonitapass';" - $ psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE DATABASE newbonitadb OWNER newbonitauser;" - $ export PGPASSWORD=newbonitapass - $ cat /tmp/bonitadb.sql | psql -U newbonitauser -h 172.17.0.26 newbonitadb - ``` +This optional environment variable is used in conjunction with `MONITORING_USERNAME` to define the access to endpoints protected with [BASIC Auth access](https://en.wikipedia.org/wiki/Basic_access_authentication): it is used for the JMX remote access. If it is not specified, the default monitoring password `mon1tor1ng_adm1n` will be used. -- Retrieve the last migration tool +### HTTP_API +This optional environment variable is used to enable/disable the Bonita HTTP API. The default value is false, which will deactivate the HTTP API. +From Bonita 2022.1, HTTP API is protected with https://en.wikipedia.org/wiki/Basic_access_authentication[Basic access authentication]. See the following 2 parameters to configure Basic access authentication. - - If you migrate to a version < 7.3.0 +### HTTP_API_USERNAME +This optional environment variable is used to configure the HTTP API Basic access authentication username. The default value is *http-api*. - - get also the target version of the Bonita bundle +### HTTP_API_PASSWORD +This optional environment variable is used to configure the HTTP API Basic access authentication password. There is no default value, and providing a value is mandatory if `HTTP_API=true`. - ```console - cd bonita_migration - wget https://github.com/bonitasoft/bonita-platform-releases/releases/download/2021.2-u0/bonita-migration-distrib-2.55.0.zip - wget https://download.forge.ow2.org/bonita/BonitaBPMCommunity-7.2.4-Tomcat-7.0.67.zip - unzip bonita-migration-distrib-2.55.0.zip - unzip BonitaBPMCommunity-7.2.4-Tomcat-7.0.67.zip - ``` +### JMX_REMOTE_ACCESS +This optional environment variable is used to enable/disable the access to the https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html[JMX console] from a remote machine. + +Default value is *false*. + +The host to connect to is the name / IP address of the bonita server, the port to connect to is 9000. + +The credentials to connect are the environment variables xref:#MONITORING_USERNAME[MONITORING_USERNAME], xref:#MONITORING_PASSWORD[MONITORING_PASSWORD]. - - Move the previous Home into the new bundle +### REMOTE_IP_VALVE_ENABLED +This optional environment variable allows to activate/deactivate xref:runtime:reverse-proxy-configuration.adoc[reverse proxy redirection]. Default value is *false*. - ```console - mv BonitaBPMCommunity-7.2.4-Tomcat-7.0.67/bonita/ BonitaBPMCommunity-7.2.4-Tomcat-7.0.67/bonita.orig - cp -r BonitaBPMCommunity-7.2.3-Tomcat-7.0.67/bonita/ BonitaBPMCommunity-7.2.4-Tomcat-7.0.67/bonita/ - ``` +### ACCESSLOGS_STDOUT_ENABLED +This optional environment variable allows to activate/deactivate writing Tomcat access logs to standard output. Default value is *false*. - - If you migrate to a version >= 7.3.0 +### ACCESSLOGS_FILES_ENABLED +This optional environment variable allows to activate/deactivate writing Tomcat access logs to a specific file. When activated, will write those logs to `/opt/bonita/logs/` *inside* the docker container. +In practice, it is only useful when mounting a volume to the aforementioned directory. Default value is *false*. - ```console - cd bonita_migration - wget https://github.com/bonitasoft/bonita-platform-releases/releases/download/2021.2-u0/bonita-migration-distrib-2.55.0.zip - unzip bonita-migration-distrib-2.55.0.zip - ``` +### ACCESSLOGS_PATH +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to of the access log file. +Default value is */opt/bonita/logs*. -- Configure the migration tool +### ACCESSLOGS_PATH_APPEND_HOSTNAME +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to append a subdirectory with the *hostname* to the full path of the directory to put access log files into. +Default value is *false*. - ```console - $ cd bonita-migration-distrib-2.55.0 - ``` +### ACCESSLOGS_MAX_DAYS +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is *30*. - edit the migration tool config to point towards the copy of bonita home and db +### HTTP_MAX_THREADS +This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. +More information on the usefulness of this parameter can be found https://tomcat.apache.org/tomcat-9.0-doc/config/http.html[here]. Default value is *20*. - ```console - $ vim Config.properties - ``` +### JAVA_OPTS +This optional environment variable is used to customize JAVA_OPTS. The default value is -Xms1024m -Xmx1024m -XX:MaxPermSize=256m. +The syntax to use is `-e JAVA_OPTS="-Xms2048m -Xmx2048m -XX:MaxPermSize=1024m"` - For example : +### DB_VENDOR +This environment variable is automatically set to postgres or mysql if the Bonita container is linked to a PostgreSQL or MySQL database using --link. The default value is h2. It can be overridden if you don't use the --link capability. - db.vendor=postgres - db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb - db.driverClass=org.postgresql.Driver - db.user=newbonitauser - db.password=newbonitapass - # location of the bonita home (only useful when migration from version before 7.3.0) - bonita.home=/home/user/Documents/Docker/Volumes/bonita_migration/BonitaBPMCommunity-7.2.3-Tomcat-7.0.67/bonita +### DB_HOST, DB_PORT +These variables are optional, used in conjunction to configure the bonita image to reach the database instance. There are automatically set if --link is used to run the container. -- Launch the migration +### DB_NAME, DB_USER, DB_PASS - ```console - $ cd bin - $ ./bonita-migration-distrib - ``` +These variables are used in conjunction to create a new user, set that user's password, and create the bonita database. -- Launch the new container pointing towards the copy of DB and filesystem +`DB_NAME` default value is bonitadb. - - If < 7.3.0 +`DB_USER` default value is bonitauser. - ```console - $ docker run --name=bonita_postgres --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -v "$PWD"/bonita_migration:/opt/bonita/ -d -p 8081:8080 %%IMAGE%%:7.2.4 - ``` +`DB_PASS` default value is bonitapass. - - If >= 7.3.0 +### BIZ_DB_NAME, BIZ_DB_USER, BIZ_DB_PASS - ```console - $ docker run --name=bonita_postgres --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -d -p 8081:8080 %%IMAGE%%:2021.2-u0 - ``` +These variables are used in conjunction to create a new user, set that user's password and create the bonita business database. -- Reapply specific configuration if needed, for example with a version >= 7.3.0 : +`BIZ_DB_NAME` default value is businessdb. - ```console - $ docker exec -ti bonita_postgres /bin/bash - ``` +`BIZ_DB_USER` default value is businessuser. - ```console - $ cd /opt/bonita/BonitaCommunity-2021.2-u0/setup - $ ./setup.sh pull - $ TENANT_LOGIN=tech_user - $ TENANT_PASSWORD=secret - $ PLATFORM_LOGIN=pfadmin - $ PLATFORM_PASSWORD=pfsecret - $ sed -e 's/^#userName\s*=.*/'"userName=${TENANT_LOGIN}"'/' \ - -e 's/^#userPassword\s*=.*/'"userPassword=${TENANT_PASSWORD}"'/' \ - -i platform_conf/current/tenants/1/tenant_engine/bonita-tenant-community-custom.properties - $ sed -e 's/^platform.tenant.default.username\s*=.*/'"platform.tenant.default.username=${TENANT_LOGIN}"'/' \ - -e 's/^platform.tenant.default.password\s*=.*/'"platform.tenant.default.password=${TENANT_PASSWORD}"'/' \ - -i platform_conf/current/platform_portal/platform-tenant-config.properties - $ sed -e 's/^#platformAdminUsername\s*=.*/'"platformAdminUsername=${PLATFORM_LOGIN}"'/' \ - -e 's/^#platformAdminPassword\s*=.*/'"platformAdminPassword=${PLATFORM_PASSWORD}"'/' \ - -i platform_conf/current/platform_engine/bonita-platform-community-custom.properties - $ sed -i -e 's/^#GET|/GET|/' -e 's/^#POST|/POST|/' -e 's/^#PUT|/PUT|/' -e 's/^#DELETE|/DELETE|/' -i platform_conf/current/tenants/1/tenant_portal/dynamic-permissions-checks.properties - $ ./setup.sh push - ``` +`BIZ_DB_PASS` default value is businesspass. - ```console - $ docker restart bonita_postgres - ``` -- Specific consideration regarding migration to Java 11 in Bonita 7.9 +## Logger configuration - Bonita 7.9 docker image runs with Java 11. If you are migrating from an earlier version which runs Java 8, you should validate on a test environment that your custom code is compatible. Aside from just code incompatibility, special attention has to be given to the dependencies of the custom code, as they might not work in Java 11. +The logger can be configured by mounting a volume on folder `/opt/bonita/conf/logs` containing the configuration files. -For more details regarding Bonita migration, see the [documentation](https://documentation.bonitasoft.com/bonita/2021.2/migrate-from-an-earlier-version-of-bonita-bpm). +the volume must contain the 2 files +[log4j2-loggers.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/tomcat-resources/tomcat-distrib-for-bonita/src/main/resources/tomcat/server/conf/log4j2-loggers.xml) +and +[log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) ## Security @@ -273,138 +205,90 @@ This Docker image activates both static and dynamic authorization checks by defa - REST API authorization - - [Static authorization checking](https://documentation.bonitasoft.com/bonita/2021.2/rest-api-authorization#static_authorization) + - [Static authorization checking](https://documentation.bonitasoft.com/bonita/2022.1/rest-api-authorization#static_authorization) - - [Dynamic authorization checking](https://documentation.bonitasoft.com/bonita/2021.2/rest-api-authorization#dynamic_authorization) +- [HTTP API](https://documentation.bonitasoft.com/bonita/2022.1/rest-api-authorization#_activating_and_deactivating_authorization) -- [HTTP API](https://documentation.bonitasoft.com/bonita/2021.2/rest-api-authorization#_activating_and_deactivating_authorization) - -For specific needs you can override this behavior by setting HTTP_API to true and REST_API_DYN_AUTH_CHECKS to false: +For specific needs you can override this behavior by setting HTTP_API to true: ```console -$ docker run -e HTTP_API=true -e REST_API_DYN_AUTH_CHECKS=false --name bonita -d -p 8080:8080 %%IMAGE%% +$ docker run -e HTTP_API=true --name bonita -d -p 8080:8080 %%IMAGE%% ``` -## Environment variables - -When you start the `bonita` image, you can adjust the configuration of the Bonita instance by passing one or more environment variables on the `docker run` command line. - -### `PLATFORM_PASSWORD` +## Update from an earlier version of -This environment variable [is recommended](https://documentation.bonitasoft.com/bonita/2021.2/tomcat-bundle#_platform_administrator) for you to use the Bonita image. It sets the platform administrator password for Bonita. If it is not specified, the default password `platform` will be used. +For updating from a version before 7.10.0, please refere to the documention -### `PLATFORM_LOGIN` - -This optional environment variable is used in conjunction with `PLATFORM_PASSWORD` to define the username for the platform administrator. If it is not specified, the default user `platformAdmin` will be used. - -### `TENANT_PASSWORD` - -This environment variable [is recommended](https://documentation.bonitasoft.com/bonita/2021.2/tomcat-bundle#_tenant_administrator) for you to use the Bonita image. It sets the tenant administrator password for Bonita. If it is not specified, the default password `install` will be used. - -### `TENANT_LOGIN` - -This optional environment variable is used in conjunction with `TENANT_PASSWORD` to define the username for the tenant administrator. If it is not specified, the default user of `install` will be used. - -### `REST_API_DYN_AUTH_CHECKS` - -This optional environment variable is used to enable/disable [dynamic authorization checking](https://documentation.bonitasoft.com/bonita/2021.2/rest-api-authorization#dynamic_authorization) on Bonita REST API. The default value is `true`, which will activate dynamic authorization checking. - -### `HTTP_API` - -This optional environment variable is used to enable/disable the Bonita HTTP API. The default value is `false`, which will deactivate the HTTP API. - -### `JAVA_OPTS` - -This optional environment variable is used to customize JAVA_OPTS. The default value is `-Xms1024m -Xmx1024m`. - -### `ENSURE_DB_CHECK_AND_CREATION` - -This optional environment variable is used to allow/disallow the SQL queries to automatically check and create the databases using the database administrator credentials. The default value is `true`. - -### `DB_VENDOR` - -This environment variable is automatically set to `postgres` or `mysql` if the Bonita container is linked to a PostgreSQL or MySQL database using `--link`. The default value is `h2`. It can be overridden if you don't use the `--link` capability. - -### `DB_HOST`, `DB_PORT` - -These variables are optional, used in conjunction to configure the `bonita` image to reach the database instance. There are automatically set if `--link` is used to run the container. - -### `DB_NAME`, `DB_USER`, `DB_PASS` - -These variables are used in conjunction to create a new user, set that user's password, and create the `bonita` database. - -`DB_NAME` default value is `bonitadb`. - -`DB_USER` default value is `bonitauser`. - -`DB_PASS` default value is `bonitapass`. - -### `BIZ_DB_NAME`, `BIZ_DB_USER`, `BIZ_DB_PASS` - -These variables are used in conjunction to create a new user, set that user's password and create the `bonita` [business database](https://documentation.bonitasoft.com/bonita/2021.2/define-and-deploy-the-bdm#_business_data_model_bdm). - -`BIZ_DB_NAME` default value is `businessdb`. - -`BIZ_DB_USER` default value is `businessuser`. - -`BIZ_DB_PASS` default value is `businesspass`. - -### `DB_ADMIN_USER`, `DB_ADMIN_PASS` - -These variables are optional, and used in conjunction to create users and databases through the administrator account used on the database instance. - -`DB_ADMIN_USER` if no value is provided, this is automatically set to `root` with MySQL or `postgres` with PostgreSQL. +- Stop the container to perform a backup -`DB_ADMIN_PASS` if no value is provided, this is automatically set using the value from the linked container: `MYSQL_ENV_MYSQL_ROOT_PASSWORD` or `POSTGRES_ENV_POSTGRES_PASSWORD`. + ```console + $ docker stop bonita + ``` -### `DB_DROP_EXISTING`, `BIZ_DB_DROP_EXISTING` +- Retrieve the DB container IP -`DB_DROP_EXISTING` and `BIZ_DB_DROP_EXISTING` can be used to drop existing databases in order to reuse an existing database instance. + ```console + $ docker inspect --format '{{ .NetworkSettings.IPAddress }}' mydbpostgres + 172.17.0.26 + ``` -`DB_DROP_EXISTING` default value is `N`. +- Dump the database -`BIZ_DB_DROP_EXISTING` default value is `N`. + ```console + $ export PGPASSWORD=mysecretpassword + $ pg_dump -O -x -h 172.17.0.26 -U postgres bonitadb > /tmp/bonitadb.sql + ``` -### `BONITA_SERVER_LOGGING_FILE`, `BONITA_SETUP_LOGGING_FILE` + Note that businessdb won't be updated with the update tool but you may want to also backup/move it. -Since Bonita 7.9 `BONITA_SERVER_LOGGING_FILE` and `BONITA_SETUP_LOGGING_FILE` can be used to update logging configuration. +- Load the dump -`BONITA_SERVER_LOGGING_FILE` default value is `/opt/bonita/BonitaSubscription-${BONITA_VERSION}/server/conf/logging.properties`. + ```console + $ export PGPASSWORD=mysecretpassword + $ psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE USER newbonitauser WITH PASSWORD 'newbonitapass';" + $ psql -U postgres -h 172.17.0.26 -d postgres -c "CREATE DATABASE newbonitadb OWNER newbonitauser;" + $ export PGPASSWORD=newbonitapass + $ cat /tmp/bonitadb.sql | psql -U newbonitauser -h 172.17.0.26 newbonitadb + ``` -`BONITA_SETUP_LOGGING_FILE` default value is `/opt/bonita/BonitaSubscription-${BONITA_VERSION}/setup/logback.xml`. +- Retrieve the last update tool -# How to extend this image + ```console + wget https://github.com/bonitasoft/bonita-platform-releases/releases/download/2022.1-u0/bonita-update-tool-3.0.0.zip + unzip bonita-update-tool-3.0.0.zip + ``` -If you would like to do additional initialization, you can add a `*.sh` script under `/opt/custom-init.d`. The `startup.sh` file will source any `*.sh` script found in this directory to do further initialization before starting the service. +- Configure the update tool -For example, you can increase the log level : + ```console + $ cd bonita-update-tool-3.0.0 + ``` -```console -$ mkdir -p custom_bonita -$ echo '#!/bin/bash' > custom_bonita/bonita.sh -$ echo 'sed -i "s/^org.bonitasoft.level = WARNING$/org.bonitasoft.level = FINEST/" /opt/bonita/BonitaCommunity-2021.2-u0/server/conf/logging.properties' >> custom_bonita/bonita.sh -$ chmod +x custom_bonita/bonita.sh + edit the update tool config to point towards the copy of bonita home and db -$ docker run --name bonita_custom -v "$PWD"/custom_bonita/:/opt/custom-init.d -d -p 8080:8080 %%IMAGE%% -``` + ```console + $ vim Config.properties + ``` -Since Bonita 7.9 you can also apply a custom `logging.properties` file like this : + For example : -```console -docker run --name bonita \ - -v /path/to/logging.properties:/etc/logging.properties -e BONITA_SERVER_LOGGING_FILE=/etc/logging.properties \ - -d -p 8080:8080 %%IMAGE%% -``` + db.vendor=postgres + db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb + db.driverClass=org.postgresql.Driver + db.user=newbonitauser + db.password=newbonitapass -Note: There are several ways to check the `bonita` logs. Till Bonita 7.8, one of them is +- Launch the update tool -```console -$ docker exec -ti bonita_custom /bin/bash -tail -f /opt/bonita/BonitaCommunity-2021.2-u0/server/logs/bonita.`date +%Y-%m-%d`.log -``` + ```console + $ cd bin + $ ./bonita-update-tool + ``` -Since Bonita 7.9 bonita logs are redirected towards standard output and directly accessible using +- Launch the new container pointing towards the copy of DB and filesystem + + ```console + $ docker run --name=bonita --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -d -p 8081:8080 %%IMAGE%%:2022.1-u0 + ``` -```console -$ docker logs -f bonita -``` +For more details regarding Bonita update and for version before 7.10.0, see the [documentation](https://documentation.bonitasoft.com/bonita/2022.1/version-update/migrate-from-an-earlier-version-of-bonita). \ No newline at end of file diff --git a/bonita/stack.yml b/bonita/stack.yml index 9a502717fff7..2e13bac65702 100644 --- a/bonita/stack.yml +++ b/bonita/stack.yml @@ -3,7 +3,7 @@ version: '3' services: db: - image: postgres:11 + image: postgres:12.6 environment: POSTGRES_PASSWORD: example restart: always @@ -11,7 +11,8 @@ services: - -c - max_prepared_transactions=100 bonita: - image: bonita + image: %%IMAGE%% + hostname: ports: - 8080:8080 environment: @@ -31,15 +32,14 @@ services: - | set -e echo 'Waiting for Postgres to be available' - export PGPASSWORD="$$POSTGRES_ENV_POSTGRES_PASSWORD" + export PGPASSWORD=\$${POSTGRES_ENV_POSTGRES_PASSWORD} maxTries=10 - while [ "$$maxTries" -gt 0 ] && ! psql -h "$$DB_HOST" -U 'postgres' -c '\l'; do + while [[ "$$maxTries" -gt 0 ]] && ! psql -h \$${DB_HOST} -U 'postgres' -c '\l'; do let maxTries-- sleep 1 done - echo - if [ "$$maxTries" -le 0 ]; then + if [[ "$$maxTries" -le 0 ]]; then echo >&2 'error: unable to contact Postgres after 10 tries' exit 1 fi - exec /opt/files/startup.sh + exec /opt/files/startup.sh \ No newline at end of file From cefde36251ca2d4a8c21e018a0c2190e70e38bcf Mon Sep 17 00:00:00 2001 From: Emmanuel Duchastenier Date: Fri, 1 Apr 2022 15:42:59 +0200 Subject: [PATCH 2/8] Cannot use %%IMAGE%% in stack.yml --- bonita/stack.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bonita/stack.yml b/bonita/stack.yml index 2e13bac65702..84bdf7a28b37 100644 --- a/bonita/stack.yml +++ b/bonita/stack.yml @@ -11,7 +11,7 @@ services: - -c - max_prepared_transactions=100 bonita: - image: %%IMAGE%% + image: bonita hostname: ports: - 8080:8080 From 57f62b719f7131a943dbdfc192622b1b70b876f6 Mon Sep 17 00:00:00 2001 From: Emmanuel Duchastenier Date: Fri, 1 Apr 2022 17:21:12 +0200 Subject: [PATCH 3/8] Apply suggestions from code review --- bonita/content.md | 44 ++++++++++++++++++++++++-------------------- 1 file changed, 24 insertions(+), 20 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index 7ac113d15fbf..3f510cc058af 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -14,7 +14,7 @@ Bonita is an open-source business process management and workflow suite created $ docker run --name bonita -d -p 8080:8080 %%IMAGE%% ``` -This will start a container running [Bonita runtime](https://documentation.bonitasoft.com/bonita/2022.1/tomcat-bundle): a Tomcat bundle with Bonita Engine + Bonita Portal. With no environment variables specified, it's as if you have launched the bundle on your host using startup.{sh|bat} (with security hardening on REST and HTTP APIs, cf Security part). Bonita uses a H2 database here. +This will start a container running [Bonita runtime](https://documentation.bonitasoft.com/bonita/latest/tomcat-bundle): a Tomcat bundle with Bonita Engine + Bonita Portal. With no environment variables specified, it's as if you have launched the bundle on your host using startup.{sh|bat} (with security hardening on REST and HTTP APIs, cf Security part). Bonita uses a H2 database here. You can access the Bonita Portal on http://localhost:8080/bonita and login using the default credentials: install / install @@ -28,16 +28,16 @@ You can work with either a PostgreSQL Container, or PostgreSQL as an installed s ### PostgreSQL Container -From Bonita 2022.1 onwards, the Bonita docker image does not include configuration scripts for Postgres +From Bonita 2022.1 onwards, the Bonita docker image does not include configuration scripts to automatically create databases and users anymore. Therefore the PostgreSQL container needs to be configured to work with Bonita before starting the Bonita container. -The configuration of a PostgreSQL database to work with Bonita is described in detail in the xref:database-configuration.adoc[database configuration page]. + +The configuration of a PostgreSQL database to work with Bonita is described in details in the [database configuration page](https://documentation.bonitasoft.com/bonita/latest/runtime/database-configuration#postgres_setup). + Alternatively, Bonita provides a preconfigured [PostgreSQL image](https://hub.docker.com/r/bonitasoft/bonita-postgres) on docker-hub. + You can run the image with the following command: ``` -docker run --name mydbpostgres -h -v :/opt/bonita_lic/ -d bonitasoft/bonita-postgres:12.6 +docker run --name mydbpostgres -h -d bonitasoft/bonita-postgres:12.6 ``` This image is built from the following [GitHub repository](https://github.com/Bonitasoft-Community/bonita-database-docker/tree/main/postgres/12), which can be further adapted/customized to suit your needs. @@ -51,11 +51,10 @@ Run `docker stack deploy -c stack.yml %%REPO%%` (or `docker-compose -f stack.yml * Replace `` with the one used in the licence generation command * leave double `$$` untouched -Run `docker-compose up`, wait for it to initialize completely, and visit `+http://localhost:8080+`, or `+http://host-ip:8080+` (as appropriate). ### PostgreSQL as an installed service -If you don't want to run your database in a docker container, the following file `env.txt` needs to be configured and provided to the docker run command: +If you don't want to run your database in a docker container, the following `env.txt` file needs to be configured and provided to the docker run command: ``` DB_VENDOR=postgres @@ -81,7 +80,7 @@ docker run --name=bonita -h -e "TENANT_LOGIN=tech_user" -e "TENANT_PA Now you can access the Bonita Runtime on localhost:8080/bonita and login using: tech_user / secret -## Where data is stored +## Where data are stored Bonita uses tomcat that writes file to a working directory and a temp directory. @@ -145,7 +144,7 @@ This optional environment variable allows to activate/deactivate writing Tomcat In practice, it is only useful when mounting a volume to the aforementioned directory. Default value is *false*. ### ACCESSLOGS_PATH -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to of the access log file. +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to the access log files. Default value is */opt/bonita/logs*. ### ACCESSLOGS_PATH_APPEND_HOSTNAME @@ -157,7 +156,7 @@ If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to ### HTTP_MAX_THREADS This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. -More information on the usefulness of this parameter can be found https://tomcat.apache.org/tomcat-9.0-doc/config/http.html[here]. Default value is *20*. +More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is *20*. ### JAVA_OPTS This optional environment variable is used to customize JAVA_OPTS. The default value is -Xms1024m -Xmx1024m -XX:MaxPermSize=256m. @@ -171,7 +170,7 @@ These variables are optional, used in conjunction to configure the bonita image ### DB_NAME, DB_USER, DB_PASS -These variables are used in conjunction to create a new user, set that user's password, and create the bonita database. +These variables are used in conjunction to define how Bonita should access its database for internal functioning. `DB_NAME` default value is bonitadb. @@ -181,7 +180,8 @@ These variables are used in conjunction to create a new user, set that user's pa ### BIZ_DB_NAME, BIZ_DB_USER, BIZ_DB_PASS -These variables are used in conjunction to create a new user, set that user's password and create the bonita business database. + +These variables are used in conjunction to define how Bonita should access the [Business Data](https://documentation.bonitasoft.com/bonita/latest/data/define-and-deploy-the-bdm) database. `BIZ_DB_NAME` default value is businessdb. @@ -192,12 +192,16 @@ These variables are used in conjunction to create a new user, set that user's pa ## Logger configuration +**Since 2022.1** + The logger can be configured by mounting a volume on folder `/opt/bonita/conf/logs` containing the configuration files. the volume must contain the 2 files [log4j2-loggers.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/tomcat-resources/tomcat-distrib-for-bonita/src/main/resources/tomcat/server/conf/log4j2-loggers.xml) and -[log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) +[log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml). + +Any change made to one of this 2 files is automatically hot-reloaded and taken into account immediately. ## Security @@ -205,21 +209,21 @@ This Docker image activates both static and dynamic authorization checks by defa - REST API authorization - - [Static authorization checking](https://documentation.bonitasoft.com/bonita/2022.1/rest-api-authorization#static_authorization) + - [Static authorization checking](https://documentation.bonitasoft.com/bonita/latest/rest-api-authorization#static_authorization) - [HTTP API](https://documentation.bonitasoft.com/bonita/2022.1/rest-api-authorization#_activating_and_deactivating_authorization) For specific needs you can override this behavior by setting HTTP_API to true: ```console -$ docker run -e HTTP_API=true --name bonita -d -p 8080:8080 %%IMAGE%% +$ docker run -e HTTP_API=true -e HTTP_API_PASSWORD="My-Cust0m_S3cR3T" --name bonita -d -p 8080:8080 %%IMAGE%% ``` -## Update from an earlier version of +## Update from an earlier version of Bonita -For updating from a version before 7.10.0, please refere to the documention +For updating from a version before 7.10.0, please refer to the [documentation](https://documentation.bonitasoft.com/bonita/latest/version-update/migrate-from-an-earlier-version-of-bonita) -- Stop the container to perform a backup +- Stop the container to perform a database backup ```console $ docker stop bonita @@ -239,7 +243,7 @@ For updating from a version before 7.10.0, please refere to the documention $ pg_dump -O -x -h 172.17.0.26 -U postgres bonitadb > /tmp/bonitadb.sql ``` - Note that businessdb won't be updated with the update tool but you may want to also backup/move it. + Note that businessdb won't be updated by the update tool but you may want to also backup/move it. - Load the dump @@ -264,7 +268,7 @@ For updating from a version before 7.10.0, please refere to the documention $ cd bonita-update-tool-3.0.0 ``` - edit the update tool config to point towards the copy of bonita home and db + edit the update tool configuration file `Config.properties` to point towards the database. ```console $ vim Config.properties @@ -285,7 +289,7 @@ For updating from a version before 7.10.0, please refere to the documention $ ./bonita-update-tool ``` -- Launch the new container pointing towards the copy of DB and filesystem +- Launch the new container pointing towards the copy of the database. ```console $ docker run --name=bonita --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -d -p 8081:8080 %%IMAGE%%:2022.1-u0 From 52edc152e390a68f54e00a35354e2c30c22ee575 Mon Sep 17 00:00:00 2001 From: Emmanuel Duchastenier Date: Fri, 1 Apr 2022 17:34:07 +0200 Subject: [PATCH 4/8] fix(formatting): fix markdown + latest links to doc --- bonita/content.md | 26 +++++++++++++------------- bonita/stack.yml | 8 ++++---- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index 3f510cc058af..daf6253ad8d3 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -93,22 +93,22 @@ It can be a good practice to mount the following folders into volumes When you start the bonita image, you can adjust the configuration of the Bonita instance by passing one or more environment variables on the docker run command line. -### PLATFORM_PASSWORD - -This environment variable is recommended for you to use the Bonita image. It sets the platform administrator password for Bonita. If it is not specified, the default password `platform` will be used. - ### PLATFORM_LOGIN This optional environment variable is used in conjunction with PLATFORM_PASSWORD to define the username for the platform administrator. If it is not specified, the default username `platformAdmin` will be used. -### TENANT_PASSWORD +### PLATFORM_PASSWORD -This environment variable is recommended for you to use the Bonita image. It sets the tenant administrator password for Bonita. If it is not specified, the default password `install` will be used. +This environment variable is recommended for you to use the Bonita image. It sets the platform administrator password for Bonita. If it is not specified, the default password `platform` will be used. ### TENANT_LOGIN This optional environment variable is used in conjunction with TENANT_PASSWORD to define the username for the tenant administrator. If it is not specified, the default username `install` will be used. +### TENANT_PASSWORD + +This environment variable is recommended for you to use the Bonita image. It sets the tenant administrator password for Bonita. If it is not specified, the default password `install` will be used. + ### MONITORING_USERNAME This optional environment variable is used in conjunction with `MONITORING_PASSWORD` to define the access to endpoints protected with [BASIC Auth access](https://en.wikipedia.org/wiki/Basic_access_authentication): it is used for the JMX remote access. If it is not specified, the default monitoring username `monitoring` will be used. @@ -119,7 +119,7 @@ This optional environment variable is used in conjunction with `MONITORING_USERN ### HTTP_API This optional environment variable is used to enable/disable the Bonita HTTP API. The default value is false, which will deactivate the HTTP API. -From Bonita 2022.1, HTTP API is protected with https://en.wikipedia.org/wiki/Basic_access_authentication[Basic access authentication]. See the following 2 parameters to configure Basic access authentication. +From Bonita 2022.1, HTTP API is protected with [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). See the following 2 parameters to configure Basic access authentication. ### HTTP_API_USERNAME This optional environment variable is used to configure the HTTP API Basic access authentication username. The default value is *http-api*. @@ -128,13 +128,13 @@ This optional environment variable is used to configure the HTTP API Basic acces This optional environment variable is used to configure the HTTP API Basic access authentication password. There is no default value, and providing a value is mandatory if `HTTP_API=true`. ### JMX_REMOTE_ACCESS -This optional environment variable is used to enable/disable the access to the https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html[JMX console] from a remote machine. + +This optional environment variable is used to enable/disable the access to the [JMX console](https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html) from a remote machine. + Default value is *false*. + The host to connect to is the name / IP address of the bonita server, the port to connect to is 9000. + -The credentials to connect are the environment variables xref:#MONITORING_USERNAME[MONITORING_USERNAME], xref:#MONITORING_PASSWORD[MONITORING_PASSWORD]. +The credentials to connect are the environment variables [MONITORING_USERNAME](#MONITORING_USERNAME), [MONITORING_PASSWORD](#MONITORING_PASSWORD). ### REMOTE_IP_VALVE_ENABLED -This optional environment variable allows to activate/deactivate xref:runtime:reverse-proxy-configuration.adoc[reverse proxy redirection]. Default value is *false*. +This optional environment variable allows to activate/deactivate [reverse proxy redirection](https://documentation.bonitasoft.com/bonita/latest/runtime/reverse-proxy-configuration). Default value is *false*. ### ACCESSLOGS_STDOUT_ENABLED This optional environment variable allows to activate/deactivate writing Tomcat access logs to standard output. Default value is *false*. @@ -199,7 +199,7 @@ The logger can be configured by mounting a volume on folder `/opt/bonita/conf/lo the volume must contain the 2 files [log4j2-loggers.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/tomcat-resources/tomcat-distrib-for-bonita/src/main/resources/tomcat/server/conf/log4j2-loggers.xml) and -[log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml). +[log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) Any change made to one of this 2 files is automatically hot-reloaded and taken into account immediately. @@ -211,7 +211,7 @@ This Docker image activates both static and dynamic authorization checks by defa - [Static authorization checking](https://documentation.bonitasoft.com/bonita/latest/rest-api-authorization#static_authorization) -- [HTTP API](https://documentation.bonitasoft.com/bonita/2022.1/rest-api-authorization#_activating_and_deactivating_authorization) +- [HTTP API](https://documentation.bonitasoft.com/bonita/latest/rest-api-authorization#_activating_and_deactivating_authorization) For specific needs you can override this behavior by setting HTTP_API to true: @@ -295,4 +295,4 @@ For updating from a version before 7.10.0, please refer to the [documentation](h $ docker run --name=bonita --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -d -p 8081:8080 %%IMAGE%%:2022.1-u0 ``` -For more details regarding Bonita update and for version before 7.10.0, see the [documentation](https://documentation.bonitasoft.com/bonita/2022.1/version-update/migrate-from-an-earlier-version-of-bonita). \ No newline at end of file +For more details regarding Bonita update and for version before 7.10.0, see the [documentation](https://documentation.bonitasoft.com/bonita/latest/version-update/migrate-from-an-earlier-version-of-bonita). diff --git a/bonita/stack.yml b/bonita/stack.yml index 84bdf7a28b37..da76a1ec5a01 100644 --- a/bonita/stack.yml +++ b/bonita/stack.yml @@ -32,14 +32,14 @@ services: - | set -e echo 'Waiting for Postgres to be available' - export PGPASSWORD=\$${POSTGRES_ENV_POSTGRES_PASSWORD} + export PGPASSWORD="$$POSTGRES_ENV_POSTGRES_PASSWORD" maxTries=10 - while [[ "$$maxTries" -gt 0 ]] && ! psql -h \$${DB_HOST} -U 'postgres' -c '\l'; do + while [ "$$maxTries" -gt 0 ] && ! psql -h "$$DB_HOST" -U 'postgres' -c '\l'; do let maxTries-- sleep 1 done - if [[ "$$maxTries" -le 0 ]]; then + if [ "$$maxTries" -le 0 ]; then echo >&2 'error: unable to contact Postgres after 10 tries' exit 1 fi - exec /opt/files/startup.sh \ No newline at end of file + exec /opt/files/startup.sh From 6accc9e9777a77d0e890c3fa3f996675bc210e37 Mon Sep 17 00:00:00 2001 From: Emmanuel Duchastenier Date: Mon, 4 Apr 2022 10:16:21 +0200 Subject: [PATCH 5/8] Integrate code review feedbacks --- bonita/content.md | 67 ++++++++++++++++++++++------------------------- 1 file changed, 32 insertions(+), 35 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index daf6253ad8d3..d78584ba6b1c 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -27,36 +27,31 @@ You can work with either a PostgreSQL Container, or PostgreSQL as an installed s ### PostgreSQL Container - From Bonita 2022.1 onwards, the Bonita docker image does not include configuration scripts to automatically create databases and users anymore. - Therefore the PostgreSQL container needs to be configured to work with Bonita before starting the Bonita container. The configuration of a PostgreSQL database to work with Bonita is described in details in the [database configuration page](https://documentation.bonitasoft.com/bonita/latest/runtime/database-configuration#postgres_setup). + Alternatively, Bonita provides a preconfigured [PostgreSQL image](https://hub.docker.com/r/bonitasoft/bonita-postgres) on docker-hub. + You can run the image with the following command: -``` +```bash docker run --name mydbpostgres -h -d bonitasoft/bonita-postgres:12.6 ``` This image is built from the following [GitHub repository](https://github.com/Bonitasoft-Community/bonita-database-docker/tree/main/postgres/12), which can be further adapted/customized to suit your needs. - ## %%STACK%% Run `docker stack deploy -c stack.yml %%REPO%%` (or `docker-compose -f stack.yml up`), wait for it to initialize completely, and visit `http://swarm-ip:8080`, `http://localhost:8080`, or `http://host-ip:8080` (as appropriate). - -* Replace `` with the one used in the licence generation command -* leave double `$$` untouched - +- Replace `` with the one used in the licence generation command +- leave double `$$` untouched ### PostgreSQL as an installed service If you don't want to run your database in a docker container, the following `env.txt` file needs to be configured and provided to the docker run command: -``` +```properties DB_VENDOR=postgres DB_HOST=172.17.0.2 DB_PORT=5432 @@ -68,13 +63,13 @@ BIZ_DB_USER=custombusinessuser BIZ_DB_PASS=custombusinesspass ``` -``` +```bash docker run --name=bonita -h --env-file=env.txt -d -p 8080:8080 %%IMAGE%% ``` ## Start Bonita with custom security credentials -``` +```bash docker run --name=bonita -h -e "TENANT_LOGIN=tech_user" -e "TENANT_PASSWORD=secret" -e "PLATFORM_LOGIN=pfadmin" -e "PLATFORM_PASSWORD=pfsecret" -d -p 8080:8080 %%IMAGE%% ``` @@ -86,8 +81,8 @@ Bonita uses tomcat that writes file to a working directory and a temp directory. It can be a good practice to mount the following folders into volumes -* `/opt/bonita/server/temp` -* `/opt/bonita/server/work` +- `/opt/bonita/server/temp` +- `/opt/bonita/server/work` ## Environment variables @@ -118,54 +113,59 @@ This optional environment variable is used in conjunction with `MONITORING_PASSW This optional environment variable is used in conjunction with `MONITORING_USERNAME` to define the access to endpoints protected with [BASIC Auth access](https://en.wikipedia.org/wiki/Basic_access_authentication): it is used for the JMX remote access. If it is not specified, the default monitoring password `mon1tor1ng_adm1n` will be used. ### HTTP_API -This optional environment variable is used to enable/disable the Bonita HTTP API. The default value is false, which will deactivate the HTTP API. -From Bonita 2022.1, HTTP API is protected with [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). See the following 2 parameters to configure Basic access authentication. + +This optional environment variable is used to enable/disable the Bonita HTTP API. The default value is false, which will deactivate the HTTP API. From Bonita 2022.1, HTTP API is protected with [Basic access authentication](https://en.wikipedia.org/wiki/Basic_access_authentication). See the following 2 parameters to configure Basic access authentication. ### HTTP_API_USERNAME + This optional environment variable is used to configure the HTTP API Basic access authentication username. The default value is *http-api*. ### HTTP_API_PASSWORD + This optional environment variable is used to configure the HTTP API Basic access authentication password. There is no default value, and providing a value is mandatory if `HTTP_API=true`. ### JMX_REMOTE_ACCESS -This optional environment variable is used to enable/disable the access to the [JMX console](https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html) from a remote machine. + -Default value is *false*. + -The host to connect to is the name / IP address of the bonita server, the port to connect to is 9000. + -The credentials to connect are the environment variables [MONITORING_USERNAME](#MONITORING_USERNAME), [MONITORING_PASSWORD](#MONITORING_PASSWORD). + +This optional environment variable is used to enable/disable the access to the [JMX console](https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html) from a remote machine. + Default value is *false*. + The host to connect to is the name / IP address of the bonita server, the port to connect to is 9000. + The credentials to connect are the environment variables [MONITORING_USERNAME](#MONITORING_USERNAME), [MONITORING_PASSWORD](#MONITORING_PASSWORD). ### REMOTE_IP_VALVE_ENABLED + This optional environment variable allows to activate/deactivate [reverse proxy redirection](https://documentation.bonitasoft.com/bonita/latest/runtime/reverse-proxy-configuration). Default value is *false*. ### ACCESSLOGS_STDOUT_ENABLED + This optional environment variable allows to activate/deactivate writing Tomcat access logs to standard output. Default value is *false*. ### ACCESSLOGS_FILES_ENABLED -This optional environment variable allows to activate/deactivate writing Tomcat access logs to a specific file. When activated, will write those logs to `/opt/bonita/logs/` *inside* the docker container. -In practice, it is only useful when mounting a volume to the aforementioned directory. Default value is *false*. + +This optional environment variable allows to activate/deactivate writing Tomcat access logs to a specific file. When activated, will write those logs to `/opt/bonita/logs/` *inside* the docker container. In practice, it is only useful when mounting a volume to the aforementioned directory. Default value is *false*. ### ACCESSLOGS_PATH -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to the access log files. -Default value is */opt/bonita/logs*. + +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to the access log files. Default value is */opt/bonita/logs*. ### ACCESSLOGS_PATH_APPEND_HOSTNAME -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to append a subdirectory with the *hostname* to the full path of the directory to put access log files into. -Default value is *false*. + +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to append a subdirectory with the *hostname* to the full path of the directory to put access log files into. Default value is *false*. ### ACCESSLOGS_MAX_DAYS -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is *30*. + +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is *30*\. ### HTTP_MAX_THREADS -This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. -More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is *20*. + +This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is *20*\. ### JAVA_OPTS -This optional environment variable is used to customize JAVA_OPTS. The default value is -Xms1024m -Xmx1024m -XX:MaxPermSize=256m. -The syntax to use is `-e JAVA_OPTS="-Xms2048m -Xmx2048m -XX:MaxPermSize=1024m"` + +This optional environment variable is used to customize JAVA_OPTS. The default value is -Xms1024m -Xmx1024m -XX:MaxPermSize=256m. The syntax to use is `-e JAVA_OPTS="-Xms2048m -Xmx2048m -XX:MaxPermSize=1024m"` ### DB_VENDOR + This environment variable is automatically set to postgres or mysql if the Bonita container is linked to a PostgreSQL or MySQL database using --link. The default value is h2. It can be overridden if you don't use the --link capability. ### DB_HOST, DB_PORT + These variables are optional, used in conjunction to configure the bonita image to reach the database instance. There are automatically set if --link is used to run the container. ### DB_NAME, DB_USER, DB_PASS @@ -180,7 +180,6 @@ These variables are used in conjunction to define how Bonita should access its d ### BIZ_DB_NAME, BIZ_DB_USER, BIZ_DB_PASS - These variables are used in conjunction to define how Bonita should access the [Business Data](https://documentation.bonitasoft.com/bonita/latest/data/define-and-deploy-the-bdm) database. `BIZ_DB_NAME` default value is businessdb. @@ -189,7 +188,6 @@ These variables are used in conjunction to define how Bonita should access the [ `BIZ_DB_PASS` default value is businesspass. - ## Logger configuration **Since 2022.1** @@ -198,8 +196,7 @@ The logger can be configured by mounting a volume on folder `/opt/bonita/conf/lo the volume must contain the 2 files [log4j2-loggers.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/tomcat-resources/tomcat-distrib-for-bonita/src/main/resources/tomcat/server/conf/log4j2-loggers.xml) -and -[log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) +and [log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) Any change made to one of this 2 files is automatically hot-reloaded and taken into account immediately. @@ -290,7 +287,7 @@ For updating from a version before 7.10.0, please refer to the [documentation](h ``` - Launch the new container pointing towards the copy of the database. - + ```console $ docker run --name=bonita --link mydbpostgres:postgres -e "DB_NAME=newbonitadb" -e "DB_USER=newbonitauser" -e "DB_PASS=newbonitapass" -d -p 8081:8080 %%IMAGE%%:2022.1-u0 ``` From 17d006e1545f7c8e129b93e2f16c491c5a9fcafc Mon Sep 17 00:00:00 2001 From: Emmanuel Duchastenier Date: Mon, 4 Apr 2022 11:09:26 +0200 Subject: [PATCH 6/8] Integrate code review feedbacks --- bonita/content.md | 13 +++++++------ bonita/stack.yml | 24 ++++++++++++++---------- 2 files changed, 21 insertions(+), 16 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index d78584ba6b1c..088bdb82f0fb 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -272,12 +272,13 @@ For updating from a version before 7.10.0, please refer to the [documentation](h ``` For example : - - db.vendor=postgres - db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb - db.driverClass=org.postgresql.Driver - db.user=newbonitauser - db.password=newbonitapass + ```ini + db.vendor=postgres + db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb + db.driverClass=org.postgresql.Driver + db.user=newbonitauser + db.password=newbonitapass + ``` - Launch the update tool diff --git a/bonita/stack.yml b/bonita/stack.yml index da76a1ec5a01..97994e559a26 100644 --- a/bonita/stack.yml +++ b/bonita/stack.yml @@ -1,9 +1,8 @@ -# Use tech_user/secret as user/password credentials version: '3' services: db: - image: postgres:12.6 + image: bonitasoft/bonita-postgres:12.6 environment: POSTGRES_PASSWORD: example restart: always @@ -11,14 +10,20 @@ services: - -c - max_prepared_transactions=100 bonita: - image: bonita - hostname: + image: bonita:7.14.0 + hostname: custom-hostname.example.com ports: - 8080:8080 environment: - - POSTGRES_ENV_POSTGRES_PASSWORD=example - DB_VENDOR=postgres - DB_HOST=db + - DB_PORT=5432 + - DB_NAME=bonita + - DB_USER=bonita + - DB_PASS=bpm + - BIZ_DB_NAME=business_data + - BIZ_DB_USER=business_data + - BIZ_DB_PASS=bpm - TENANT_LOGIN=tech_user - TENANT_PASSWORD=secret - PLATFORM_LOGIN=pfadmin @@ -31,15 +36,14 @@ services: - -c - | set -e - echo 'Waiting for Postgres to be available' - export PGPASSWORD="$$POSTGRES_ENV_POSTGRES_PASSWORD" + echo 'Waiting for PostgreSQL to be available' maxTries=10 - while [ "$$maxTries" -gt 0 ] && ! psql -h "$$DB_HOST" -U 'postgres' -c '\l'; do - let maxTries-- + while [ "$$maxTries" -gt 0 ] && [ $$(echo 'QUIT' | nc -w 1 "$$DB_HOST" 5432; echo "$$?") -gt 0 ]; do sleep 1 + let maxTries-- done if [ "$$maxTries" -le 0 ]; then echo >&2 'error: unable to contact Postgres after 10 tries' exit 1 fi - exec /opt/files/startup.sh + exec /opt/files/startup.sh /opt/bonita/server/bin/catalina.sh run From cbe1e53c4d2a6157c1b2edc9df9a0b4484749d12 Mon Sep 17 00:00:00 2001 From: Baptiste Mesta Date: Mon, 4 Apr 2022 11:54:32 +0200 Subject: [PATCH 7/8] fix markdown formatting --- bonita/content.md | 31 +++++++++++++------------------ 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index 088bdb82f0fb..7a7d83e554b0 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -22,17 +22,13 @@ You can access the Bonita Portal on http://localhost:8080/bonita and login using The H2 database allows the Bonita container to work out of the box, but it is not recommended outside a development environment. -As PostgreSQL is the recommended database for qualification and production environments, follow one of these next sections to configure your Bonita container to run on PostgreSQL database. -You can work with either a PostgreSQL Container, or PostgreSQL as an installed service. +As PostgreSQL is the recommended database for qualification and production environments, follow one of these next sections to configure your Bonita container to run on PostgreSQL database. You can work with either a PostgreSQL Container, or PostgreSQL as an installed service. ### PostgreSQL Container From Bonita 2022.1 onwards, the Bonita docker image does not include configuration scripts to automatically create databases and users anymore. -Therefore the PostgreSQL container needs to be configured to work with Bonita before starting the Bonita container. -The configuration of a PostgreSQL database to work with Bonita is described in details in the [database configuration page](https://documentation.bonitasoft.com/bonita/latest/runtime/database-configuration#postgres_setup). + -Alternatively, Bonita provides a preconfigured [PostgreSQL image](https://hub.docker.com/r/bonitasoft/bonita-postgres) on docker-hub. + -You can run the image with the following command: +Therefore the PostgreSQL container needs to be configured to work with Bonita before starting the Bonita container. The configuration of a PostgreSQL database to work with Bonita is described in details in the [database configuration page](https://documentation.bonitasoft.com/bonita/latest/runtime/database-configuration#postgres_setup). + Alternatively, Bonita provides a preconfigured [PostgreSQL image](https://hub.docker.com/r/bonitasoft/bonita-postgres) on docker-hub. + You can run the image with the following command: ```bash docker run --name mydbpostgres -h -d bonitasoft/bonita-postgres:12.6 @@ -150,11 +146,11 @@ If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to ### ACCESSLOGS_MAX_DAYS -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is *30*\. +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is *30*. ### HTTP_MAX_THREADS -This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is *20*\. +This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is *20*. ### JAVA_OPTS @@ -194,9 +190,7 @@ These variables are used in conjunction to define how Bonita should access the [ The logger can be configured by mounting a volume on folder `/opt/bonita/conf/logs` containing the configuration files. -the volume must contain the 2 files -[log4j2-loggers.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/tomcat-resources/tomcat-distrib-for-bonita/src/main/resources/tomcat/server/conf/log4j2-loggers.xml) -and [log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) +the volume must contain the 2 files [log4j2-loggers.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/tomcat-resources/tomcat-distrib-for-bonita/src/main/resources/tomcat/server/conf/log4j2-loggers.xml) and [log4j2-appenders.xml](https://raw.githubusercontent.com/bonitasoft/bonita-distrib/7.14.0/docker/files/log4j2/log4j2-appenders.xml) Any change made to one of this 2 files is automatically hot-reloaded and taken into account immediately. @@ -272,13 +266,14 @@ For updating from a version before 7.10.0, please refer to the [documentation](h ``` For example : - ```ini - db.vendor=postgres - db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb - db.driverClass=org.postgresql.Driver - db.user=newbonitauser - db.password=newbonitapass - ``` + + ```properties + db.vendor=postgres + db.url=jdbc:postgresql://172.17.0.26:5432/newbonitadb + db.driverClass=org.postgresql.Driver + db.user=newbonitauser + db.password=newbonitapass + ``` - Launch the update tool From 84b4e4552feda04ac0ba2e2fdbd9bd0600218bdb Mon Sep 17 00:00:00 2001 From: Baptiste Mesta Date: Mon, 4 Apr 2022 12:06:28 +0200 Subject: [PATCH 8/8] replace italic by code in default value to fix formatting --- bonita/content.md | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/bonita/content.md b/bonita/content.md index 7a7d83e554b0..1d7e33c73849 100644 --- a/bonita/content.md +++ b/bonita/content.md @@ -114,7 +114,7 @@ This optional environment variable is used to enable/disable the Bonita HTTP API ### HTTP_API_USERNAME -This optional environment variable is used to configure the HTTP API Basic access authentication username. The default value is *http-api*. +This optional environment variable is used to configure the HTTP API Basic access authentication username. The default value is `http-api`. ### HTTP_API_PASSWORD @@ -122,35 +122,35 @@ This optional environment variable is used to configure the HTTP API Basic acces ### JMX_REMOTE_ACCESS -This optional environment variable is used to enable/disable the access to the [JMX console](https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html) from a remote machine. + Default value is *false*. + The host to connect to is the name / IP address of the bonita server, the port to connect to is 9000. + The credentials to connect are the environment variables [MONITORING_USERNAME](#MONITORING_USERNAME), [MONITORING_PASSWORD](#MONITORING_PASSWORD). +This optional environment variable is used to enable/disable the access to the [JMX console](https://docs.oracle.com/en/java/javase/11/management/using-jconsole.html) from a remote machine. + Default value is `false`. + The host to connect to is the name / IP address of the bonita server, the port to connect to is 9000. + The credentials to connect are the environment variables [MONITORING_USERNAME](#MONITORING_USERNAME), [MONITORING_PASSWORD](#MONITORING_PASSWORD). ### REMOTE_IP_VALVE_ENABLED -This optional environment variable allows to activate/deactivate [reverse proxy redirection](https://documentation.bonitasoft.com/bonita/latest/runtime/reverse-proxy-configuration). Default value is *false*. +This optional environment variable allows to activate/deactivate [reverse proxy redirection](https://documentation.bonitasoft.com/bonita/latest/runtime/reverse-proxy-configuration). Default value is `false`. ### ACCESSLOGS_STDOUT_ENABLED -This optional environment variable allows to activate/deactivate writing Tomcat access logs to standard output. Default value is *false*. +This optional environment variable allows to activate/deactivate writing Tomcat access logs to standard output. Default value is `false`. ### ACCESSLOGS_FILES_ENABLED -This optional environment variable allows to activate/deactivate writing Tomcat access logs to a specific file. When activated, will write those logs to `/opt/bonita/logs/` *inside* the docker container. In practice, it is only useful when mounting a volume to the aforementioned directory. Default value is *false*. +This optional environment variable allows to activate/deactivate writing Tomcat access logs to a specific file. When activated, will write those logs to `/opt/bonita/logs/` *inside* the docker container. In practice, it is only useful when mounting a volume to the aforementioned directory. Default value is `false`. ### ACCESSLOGS_PATH -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to the access log files. Default value is */opt/bonita/logs*. +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable overrides the default path to the access log files. Default value is `/opt/bonita/logs`. ### ACCESSLOGS_PATH_APPEND_HOSTNAME -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to append a subdirectory with the *hostname* to the full path of the directory to put access log files into. Default value is *false*. +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to append a subdirectory with the *hostname* to the full path of the directory to put access log files into. Default value is `false`. ### ACCESSLOGS_MAX_DAYS -If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is *30*. +If `ACCESSLOGS_FILES_ENABLED=true`, this optional environment variable allows to automatically delete access log files after a certain number of days. Default value is `30`. ### HTTP_MAX_THREADS -This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is *20*. +This optional environment variable allows to specify the maximum Http thread number Tomcat will use to serve HTTP/1.1 requests. Directly modifies the *maxThreads* parameter in the *server.xml* file of the Tomcat inside the docker container. More information on the usefulness of this parameter can be found [here](https://tomcat.apache.org/tomcat-9.0-doc/config/http.html). Default value is `20`. ### JAVA_OPTS