Docker

1 Gentics CMS Docker Compose Stack

Please use the Gentics CMS Docker Compose Stack provided at https://github.com/gentics/cms-compose for running Gentics CMS.

2 Example usage

when not using the Gentics CMS Docker Compose Stack


docker network create genticscms
docker run -d --name db --net genticscms -e MYSQL_RANDOM_ROOT_PASSWORD=true -e MYSQL_DATABASE=node_utf8 -e MYSQL_USER=node -e MYSQL_PASSWORD=node mariadb:10.3 --sql-mode=""
docker run -d -p 8080:80 --net genticscms --name cms -e NODE_DB_HOST=db docker.gentics.com/gentics/cms:5.33

3 Configuration

3.1 Environment variables

Variable Default Description
CONFIG_ACCESS_SUBNET 127.0.0.0/8 The network allowed to fetch the config via /.Node/?do=24
ADD_JAVA_OPTS Additional java options
JAVA_XMS 1024m Initial JVM memory allocation pool
JAVA_XMX 1024m Maximum JVM memory allocation pool
JAVA_GC_OPTS -XX:PrintGC JVM GC settings
LICENSEKEY 1111-1111-1111-1111-1111-1111-1111-1111 GCMS License key
LICENSEKEY_PATH /cms/keys/license.key Path to license key file in the container
PRIVATEKEY_PATH /cms/keys/private-key.jwk Path to the private key of the CMS in the container
NODE_DB_HOST localhost MySQL host
NODE_DB_PORT 3306 MySQL port
NODE_DB_USER node MySQL user
NODE_DB_PASSWORD node MySQL password
NODE_DB_NAME node_utf8 MySQL database name
NODE_DB_CONNECT_TIMEOUT 60 Time in seconds to wait for the database to be reachable before exiting with an error
NODE_USER_PASSWORD Password to set for the node CMS user
APACHE_PORT 80 Port of the internal Apache Http server
APACHE_LOG_PREFIX Optional prefix for log lines of the internal Apache Http Server
CN_EXTERNAL_SERVER Optional base URL for accessing the CMS. Needed for correctly generating download URLs for form data exports (e.g. https://cms.domain.com)

3.2 Volumes

Volume path Description
/Node/node Binary database files and files that should be persisted, should be mount as named Docker volume

4 Kubernetes / Openshift

The CMS docker image can also be used with a Kubernetes or Openshift pod. Running the container with a random user ID and group ID 0 is supported (Openshift policies support). All folders that should be writable are owned by the group ID 0 and are group writable.

Note: It might be necessary to configure the port of the internal Apache Http Server to a non-privileged port (e.g. 8080) by using the environment variable APACHE_PORT when running the container in Openshift.

5 Updating

Updating to a newer version normally doesn't require any special actions besides changing the image tag.

5.1 From 5.35.x to 5.36.x

When updating from a version older than 5.36.x, you have to consider the following things:

  • The group for writable folders has changed to 0 (root) in order to support Openshift.
  • sudo has been removed. Please change any custom scripts or scheduler tasks to not use sudo anymore.
  • cron has been replaced by the more container friendly "supercronic"
  • All processes are running with the "node" user now. Apache 2 was previously executed with the "www-data" user.
  • The container can be run with any User ID for the "node" user now (Openshift support)

If the container runs with a different User ID after updating, please run the following commands:

<shell> chown -R 1000:0 /Node/node chmod -R urwX,g+rwX,o-w /Node/node

If you also have mounted other volumes than /Node/node (e.g.: /var/log/, …), the above also has to be done for these.