Bitbucket Data Center is a Git repository management solution by Atlassian, which provides source code collaboration capabilities with high availability and performance.
Running Bitbucket on Amazon Web Services (AWS) provides you with control over code hosting configurations, while providing scalable computing power without investing in hardware.
If you already have Bitbucket set up in another location, you can move the data by implementing a wide range of AWS migration techniques.
In this article, you will learn:
Bitbucket Data Center features include:
You can run the Atlassian Bitbucket Server AMI directly from your AWS console or by using the EC2 launch wizard.
The Atlassian Bitbucket Server AMI provides a common Bitbucket deployment, including preconfigured, out-of-the-box components like reverse proxies, external databases, backup devices, data volumes, and temporary storage.
The Atlassian Bitbucket Server AMI can be used for one-step deployment of a Bitbucket server instance on AWS, or as a starting point for configuring more complex Bitbucket server deployments.
To find the Atlassian Bitbucket Server AMI, in the Amazon Console, select Community AMIs and search for Atlassian Bitbucket. Remember: to set this up you need the correct AMI ID for your region.
The following command can help you locate the latest AMI, through the Amazon CLI:
aws ec2 describe-images --owners 098706035825 --filters "Name=name,Values=Atlassian BitBucket*" --query 'sort_by(Images, CreationDate)[-1].{ID:ImageId, "AMI Name":Name}' --output table
Bitbucket AMI server components
A Bitbucket AMI server instance includes the following components:
How to launch Atlassian Bitbucket Server AMI
There are two ways to start the AMI:
The first time the Bitbucket AMI boots, it reads the /etc/atl file (if available), which lets you override the variables that enable each installed component. For example, to enable a self-signed SSL certificate, you can supply a script such as the following as user data when you launch the instance.
#!/bin/bash
echo "ATL_SSL_SELF_CERT_ENABLED=true" >>/etc/atl
It is important to estimate the hardware resources required for Bitbucket to run efficiently on AWS. See the table below to estimate your sizing.
| Size | Repositories | Active users | Pull Requests |
|---|---|---|---|
| Small | up to 6,200 | up to 3,000 | up to 118,000 |
| Medium | 6,200 to 21,000 | 3,000 to 10,000 | 118,000 to 350,000 |
| Large | 21,000 to 52,000 | 10,000 to 25,000 | 350,000 to 850,000 |
| XLarge | above 52,000 | above 25,000 | above 850,000 |
A single site is suitable for most small to medium deployments, especially when high availability is not required.
If there are heavy loads, the infrastructure should be monitored regularly. If you have performance or stability issues in your environment, consider switching to a clustered infrastructure.
Bitbucket deployments can be sensitive in many organizations and require extra attention to security when deployed in the public cloud. Here are a few important considerations for securing Bitbucket instances on AWS.
Amazon VPC allows AWS resources to run on a specific virtual network. This virtual network is similar to a traditional network in your internal data center, only it uses scalable AWS infrastructure.
A subnet is a range of IP addresses in the VPC. You can run AWS resources on the selected subnet. Use public subnets for Internet-connected resources and private subnets for resources that are not connected to the Internet.
You can increase VPC security by enabling any of these options:
Security groups act as virtual firewalls that control traffic to instances. The security group applied to each Bitbucket instance depends on how it was started. In general, a best practice is to use security groups to restrict traffic to your Bitbucket instance to the minimum necessary.
If you started an instance using AWS CloudFormation templates BitBucketServer.template or BitBucketDataCenter.template, CloudFormation creates security groups and grants access to ports 7999, 443, 80, and 22, as well as valid IP addresses for services used. Define a tight Permitted IP range within the template, and do not add unnecessary inbound access after startup.
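The following is an added example, not code from the original article or from Atlassian: a Python check over the JSON produced by `aws ec2 describe-security-groups` that flags inbound rules open to any address or reaching beyond the four TCP ports named above. The function name `audit_ingress`, the group ID and the CIDR ranges are constructed for illustration.

```python
import ipaddress
import json

# TCP ports the article says the CloudFormation templates open.
EXPECTED_PORTS = {22, 80, 443, 7999}

# Constructed sample in the shape of `aws ec2 describe-security-groups` JSON
# output; the group ID and CIDR ranges are made up for illustration.
SAMPLE = json.loads("""
{"SecurityGroups": [{"GroupId": "sg-EXAMPLE", "IpPermissions": [
  {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
   "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
  {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
   "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
  {"IpProtocol": "tcp", "FromPort": 7990, "ToPort": 7999,
   "IpRanges": [{"CidrIp": "203.0.113.0/24"}], "Ipv6Ranges": []},
  {"IpProtocol": "-1",
   "IpRanges": [{"CidrIp": "198.51.100.7/32"}], "Ipv6Ranges": []}
]}]}
""")


def audit_ingress(doc, expected_ports=EXPECTED_PORTS):
    """Return (group_id, rule, cidr, reason) for each ingress rule to review.
    Only CIDR sources are checked, not referenced groups or prefix lists."""
    findings = []
    for group in doc.get("SecurityGroups", []):
        for perm in group.get("IpPermissions", []):
            proto = perm.get("IpProtocol")
            if proto == "tcp":
                lo, hi = perm["FromPort"], perm["ToPort"]
                # The range holds extra ports if it is larger than the
                # number of expected ports that fall inside it.
                extra = hi - lo + 1 > sum(lo <= p <= hi for p in expected_ports)
                rule = f"tcp/{lo}-{hi}"
            else:  # "-1" (all traffic), udp, icmp: not in the expected set
                extra, rule = True, f"proto {proto}"
            cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
            cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
            for cidr in cidrs:
                reasons = []
                if ipaddress.ip_network(cidr, strict=False).prefixlen == 0:
                    reasons.append("open to any address")
                if extra:
                    reasons.append("outside the expected ports")
                if reasons:
                    findings.append((group["GroupId"], rule, cidr, "; ".join(reasons)))
    return findings
```

Run it against each group attached to the instance after launch and again after any rule change, so that inbound access added later is caught.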
To maximize security and minimize bugs and security vulnerabilities, it is very important that you have the latest patches and updates installed on your Bitbucket server instance. When you run Bitbucket Server for the first time, the AMI downloads the latest version of Bitbucket Server at that time. Going forward, you will need to manage patches and updates on each active instance.
NetApp Cloud Volumes ONTAP, the leading enterprise-grade storage management solution, delivers secure, proven storage management services on AWS, Azure and Google Cloud. Cloud Volumes ONTAP supports up to a capacity of 368TB, and supports various use cases such as file services, databases, DevOps or any other enterprise workload, with a strong set of features including high availability, data protection, storage efficiencies, Kubernetes integration, and more.
In particular, Cloud Volumes ONTAP helps address database workload challenges in the cloud, filling the gap between your cloud-based database capabilities and the public cloud resources it runs on.
Cloud Volumes ONTAP also supports advanced features for managing SAN storage in the cloud, catering for NoSQL database systems, as well as NFS shares that can be accessed directly from cloud big data analytics clusters.