Install Bitbucket Data Center
In this guide we'll run you through installing Bitbucket Data Center, which is a clustered solution, in a Linux environment.
This guide covers installing for the first time, with no existing data, or that you already have a production instance of Bitbucket Server, and that you are aiming to migrate that to a Bitbucket Data Center instance.
You can also install Bitbucket Data Center on Amazon Web Services (AWS) for a more streamlined deployment. See AWS Quick Start for details.
Bitbucket Data Center does not currently support Microsoft Azure deployments.
クラスタ化の要件および専門用語
To run Bitbucket in a cluster you must have a Bitbucket Data Center license, or, obtain an evaluation license.
On this page:
このガイドでは以下の用語について説明します:
- Installation directory - <Bitbucket install directory> is the directory where you installed Bitbucket on a node.
- Shared home directory – <Bitbucket shared home> The directory you created that is accessible to all nodes in the cluster via the same path.
Bitbucket Data Center component requirements
You can see a component diagram of a typical Bitbucket Data Center instance, and read about detailed requirements of each component on the page Bitbucket Data Center requirements and on the Supported platforms page.
A Bitbucket Data Center instance consists of a cluster of components, each running on a dedicated machine:
- A cluster of Bitbucket application nodes all running the same version of Bitbucket Data Center web application. These can be virtual or physical machines, have synchronized clocks (for example, using NTP) and be configured with the identical timezone, are allowed to connect to a Bitbucket cluster node's Hazelcast port, which by default is port 5701.
- A load balancer that supports both HTTP mode (for web traffic) and TCP mode (for SSH traffic), and support session affinity ("sticky sessions").
- A supported external database, shared and available to all all cluster nodes.
- A shared file system that is physically located in the same data center, available to all clusters nodes, and accessible by NFS as a single mount point.
- A remote Elasticsearch instance, with a only one remote connection to Bitbucket. The instance may be a standalone Elasticsearch installation, or a clustered installation behind a load balancer, but note that Bitbucket Data Center will only work with Elasticsearch 2.3.5.
Be sure to test your Bitbucket Data Center installation thoroughly before deploying to production
Regardless of the installation process you use, be sure to smoke test your Bitbucket Data Center instance every step of the way. Be sure to:
- Set up and test Bitbucket Data Center in your staging environment before deploying to a production environment.
- Test Bitbucket Data Center with identical data (repositories, users, add-ons) to your production instance.
Accessing a Bitbucket Data Center installation
At the end of the installation process, the URL of the Bitbucket Data Center instance will be the URL of the load balancer, so this is the machine that you will need to assign the name of your Bitbucket Data Center instance in the DNS. The remaining machines (Bitbucket cluster nodes, shared database, and shared file system) do not need to be publicly accessible to your users.
はじめる前に
Before you install Bitbucket Data Center, there are a few questions you need to answer.
Do you already have a production instance of Bitbucket Server running?
Install Bitbucket Data Center on the first application node
1. Download Bitbucket Data Center
Download the latest installer - www.atlassian.com/software/bitbucket/download.
2. インストーラーを実行する
インストーラーを実行可能にします。
Run the installer – we recommend using
sudo
to run the installer as this will create a dedicated account to run Bitbucket and allow you to run Bitbucket as a service.- Follow the prompts to install Bitbucket. You'll be asked for the following info:
- Type of Bitbucket instance - the type of installation, for these instructions select Data Center.
- Installation directory - where Bitbucket will be installed.
- Home directory - where Bitbucket application data will be stored.
- TCP ports - the HTTP connector port and control port Bitbucket will run on.
Provision the shared database, filesystem, and Elasticsearch nodes
Be sure you've familiarized yourself with the requirements for each beforehand by reading the page Bitbucket Data Center requirements.
Once you've installed the first Bitbucket application node, you now need to provision the share database and shared filesystem to use with Bitbucket Data Center.
3. Provision your shared database
Set up your shared database server.
- Connecting Bitbucket Server to PostgreSQL
- Connecting Bitbucket Server to SQL Server
- Connecting Bitbucket Server to Oracle
Ensure your database is configured to allow enough concurrent connections. Bitbucket Server by default uses up to 80 connections per cluster node, which can exceed the default connection limit of some databases. For example, in PostgreSQL the default limit is usually 100 connections. If you use PostgreSQL, you may need to edit your postgresql.conf
file, to increase the value of max_connection
s
, and restart Postgres.
See Connecting Bitbucket Server to an external database for more information, and note that clustered databases are not supported.
4. Provision your shared file system
Create a Bitbucket Server user account named
atlbitbucket
on the shared file system server using this command:
Do not run Bitbucket Server asroot
. Many NFS servers squash accesses byroot
to another user.sudo useradd -c "Atlassian Bitbucket" -u 1001 atlbitbucket
- This account will own everything in the Bitbucket Server shared home directory.
This user account must have the same UID on all cluster nodes and the shared file system server.
Ensure your shared file system server has the NFS lock service enabled.
Ensure the user running Bitbucket Server,
atlbitbucket
, is able to read and write everything in the Bitbucket shared home directory, both the node-local part and the shared part (in NFS). The easiest way to do this is to ensure that:atlbitbucket
owns all files and directories in the Bitbucket home directory,atlbitbucket
has the recommendedumask
of0027
, andatlbitbucket
has the same UID on all machines.
- If you're moving from Bitbucket Server to Bitbucket Data Center:
Restore the content of directory
<Bitbucket shared home directory>/shared
from the backup you have taken into the new shared database and shared home directory.Only the
shared
directory in the Bitbucket Server home directory needs to be restored into the shared home directory. The remaining directories (bin
,caches
,export
,lib
,log
,plugins
, andtmp
) contain only caches and temporary files, and do not need to be restored.
See Bitbucket Data Center FAQ for performance guidelines when using NFS.
5. Provision your Elasticsearch node
To set up your Elasticsearch server, you will
- Install Elasticsearch on a remote machine.
- Configure Elasticsearch's
elasticsearch.yml
file to work with Bitbucket Data Center. - Secure Elasticsearch with a username and password that Bitbucket will use to access Elasticsearch, with a minimum of HTTP restricted access.
- Connect Elasticsearch to Bitbucket.
There are detailed instructions on the page Install and configure a remote Elasticsearch instance to help you provision your remote Elasticsearch installation.
Provision application cluster nodes
6. Provision application cluster nodes
Provision cluster node infrastructure. You can automate this using a configuration management tool such as Chef, Puppet, or Vagrant, and/or by spinning up identical virtual machine snapshots.
On each cluster node, mount the shared home directory as
${BITBUCKET_HOME}/shared
. Note that only the${BITBUCKET_HOME}/shared
directory should be shared between cluster nodes. All other directories, including${BITBUCKET_HOME}
, should be node-local (that is, private to each node).For example, suppose your Bitbucket home directory is
/var/atlassian/application-data/bitbucket
, and your shared home directory is available as an NFS export calledbitbucket-san:/bitbucket-shared
. Add the following line to/etc/fstab
on each cluster node:/etc/fstabbitbucket-san:/bitbucket-shared /var/atlassian/application-data/bitbucket/shared nfs lookupcache=pos,noatime,intr,rsize=32768,wsize=32768 0 0
Then mount it:
mkdir -p /var/atlassian/application-data/bitbucket/shared sudo mount -a
Ensure all your cluster nodes have synchronized clocks and identical timezone configuration. Here are some examples for how to do this:
Repeat steps 1 and 2 to install Bitbucket Data Center on each of the provisioned application cluster nodes.
7. Start the first cluster node
Edit the file ${BITBUCKET_HOME}/shared/bitbucket.properties
, and add the following lines:
# Use multicast to discover cluster nodes (recommended).
hazelcast.network.multicast=true
# If your network does not support multicast, you may uncomment the following lines and substitute
# the IP addresses of some or all of your cluster nodes. (Not all of the cluster nodes have to be
# listed here but at least one of them has to be active when a new node joins.)
#hazelcast.network.tcpip=true
#hazelcast.network.tcpip.members=192.168.0.1:5701,192.168.0.2:5701,192.168.0.3:5701
# The following should uniquely identify your cluster on the LAN.
hazelcast.group.name=your-bitbucket-cluster
hazelcast.group.password=your-bitbucket-cluster
Using multicast to discover cluster nodes (hazelcast.network.multicast=true
) is recommended, but requires all your cluster nodes to be accessible to each other via a multicast-enabled network. If your network does not support multicast then you can set hazelcast.network.multicast=false
, hazelcast.network.tcpip=true
, and hazelcast.network.tcpip.members
to a comma-separated list of cluster nodes instead. Only enable one of hazelcast.network.tcpip
or hazelcast.network.multicast
, not both.
Choose a name for hazelcast.group.name
and hazelcast.group.password
that uniquely identifies the cluster on your LAN. If you have more than one cluster on the same LAN (for example, other Bitbucket Data Center instances or other products based on similar technology such as Confluence Data Center) then you must assign each cluster a distinct name, to prevent them from attempting to join together into a "super cluster".
Then start Bitbucket Server. See Starting and stopping Bitbucket Server.
Then go to http://<bitbucket>:7990/admin/license
, and install your Bitbucket Data Center license. Restart Bitbucket Server for the change to take effect. If you need a Bitbucket Data Center license, you can purchase one that fits your needs, or, get an evaluation license.
Install and configure your load balancer
8. Install your load balancer
You can use the load balancer of your choice, either hardware or software. Bitbucket Data Center does not bundle a load balancer.
Your load balancer must proxy three protocols:
プロトコル | Typical port on the load balancer | Typical port on the Bitbucket cluster nodes | 注意 |
---|---|---|---|
http | 80 | 7990 | HTTP mode. Session affinity ("sticky sessions") should be enabled using the 52-character BITBUCKETSESSIONID cookie. |
HTTPS | 443 | 7990 | HTTP mode. Terminating SSL at the load balancer and running plain HTTP to the Bitbucket cluster nodes is highly recommended. |
ssh | 7999 | 7999 | TCP mode. |
Your load balancer must support session affinity ("sticky sessions") using the BITBUCKETSESSIONID
cookie. Bitbucket Data Center assumes that your load balancer always directs each user's requests to the same cluster node. If it does not, users may be unexpectedly logged out or lose other information that may be stored in their HTTP session.
When choosing a load balancer, it must support the HTTP, HTTPS, and TCP protocols. Note that:
- Apache does not support TCP mode load balancing.
- HAProxy versions older than 1.5.0 do not support HTTPS.
If your load balancer supports health checks of the cluster nodes, configure it to perform a periodic HTTP GET of http:// <bitbucket>:7990/status
, where <bitbucket>
is the cluster node's name or IP address. This returns one of two HTTP status codes:
- 200 OK
- 500 Internal Server Error
If a cluster node does not return 200 OK within a reasonable amount of time, the load balancer should not direct any traffic to it.
You should then be able to navigate to http://<load-balancer>/
, where <load-balancer>
is your load balancer's name or IP address. This should take you to your Bitbucket Server front page.
Example: HAProxy load balancer
If you don't have a particular preference or policy for load balancers, you can use HAProxy which is a popular Open Source software load balancer.
If you choose HAProxy, you must use a minimum version of 1.5.0. Earlier versions of HAProxy do not support HTTPS.
To check which version of HAProxy you use, run the following command:
haproxy --version
Here is an example haproxy.cfg
configuration file (typically found in the location /etc/haproxy/haproxy.cfg
). This assumes:
- Your Bitbucket cluster node is at address 192.168.0.1, listening on the default ports 7990 (HTTP) and 7999 (SSH).
- You have a valid SSL certificate at
/etc/cert.pem
.
global
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
tune.ssl.default-dh-param 1024
defaults
log global
option dontlognull
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
errorfile 408 /dev/null # Workaround for Chrome 35-36 bug. See http://blog.haproxy.com/2014/05/26/haproxy-and-http-errors-408-in-chrome/
frontend bitbucket_http_frontend
bind *:80
bind *:443 ssl crt /etc/cert.pem ciphers RC4-SHA:AES128-SHA:AES256-SHA
default_backend bitbucket_http_backend
backend bitbucket_http_backend
mode http
option httplog
option httpchk GET /status
option forwardfor
option http-server-close
appsession BITBUCKETSESSIONID len 52 timeout 1h
balance roundrobin
cookie BITBUCKETSESSIONID prefix
stick-table type string len 52 size 5M expire 30m
stick store-response set-cookie(BITBUCKETSESSIONID)
stick on cookie(BITBUCKETSESSIONID)
server bitbucket01 192.168.0.1:7990 check inter 10000 rise 2 fall 5
#server bitbucket02 192.168.0.2:7990 check inter 10000 rise 2 fall 5
# The following "backup" servers are just here to show the startup page when all nodes are starting up
server backup01 192.168.0.1:7990 backup
#server backup02 192.168.0.2:7990 backup
frontend bitbucket_ssh_frontend
bind *:7999
default_backend bitbucket_ssh_backend
timeout client 15m
maxconn 50
backend bitbucket_ssh_backend
mode tcp
balance roundrobin
server bitbucket01 192.168.0.1:7999 check port 7999
#server bitbucket02 192.168.0.2:7999 check port 7999
timeout server 15m
listen admin
mode http
bind *:8090
stats enable
stats uri /
Review the contents of the haproxy.cfg
file carefully, and customize it for your environment. See http://www.haproxy.org/ for more information about installing and configuring haproxy
.
Once you have configured the haproxy.cfg
file, start the haproxy
service.
sudo service haproxy start
You can also monitor the health of your cluster by navigating to HAProxy's statistics page at http://<load-balancer>:8090/
. You should see a page similar to this:
9. Configure Bitbucket for HAProxy
Bitbucket needs to be configured to work with HAProxy. For example:
server.proxy-name=bitbucket.company.com
server.proxy-port=443
server.secure=true
server.require-ssl=true
Read Securing Bitbucket behind HAProxy using SSL for more details.
10. Add a new Bitbucket application node to the cluster
Go to a new cluster node, and start Bitbucket Server. See Starting and stopping Bitbucket Server.
Once Bitbucket Server has started, go to
https://<load-balancer>/admin/clustering
. You should see a page similar to this:
Verify that the new node you have started up has successfully joined the cluster. If it does not, please check your network configuration and the ${BITBUCKET_HOME}/log/atlassian-bitbucket.log
files on all nodes. If you are unable to find a reason for the node failing to join successfully, please contact Atlassian Support .
11. Connect the new Bitbucket cluster node to the load balancer
If you are using your own hardware or software load balancer, consult your vendor's documentation on how to add the new Bitbucket cluster node to the load balancer.
If you are using HAProxy, uncomment these lines
server bitbucket02 192.168.0.2:7990 check inter 10000 rise 2 fall 5
server bitbucket02 192.168.0.2:7999 check port 7999
in your haproxy.cfg
file and restart haproxy
:
sudo service haproxy restart
Verify that the new node is in the cluster and receiving requests by checking the logs on each node to ensure both are receiving traffic and also check that updates done on one node are visible on the other.
Add remaining applications nodes to the cluster
12. Repeat steps 10 and 11 for each additional cluster node
Congratulations!
That's it! Bitbucket Data Center is accessible from a URL like this: http://<load_balancer_IP_address>:<port>
次のステップ
When setting up Bitbucket in a production environment, we recommend that you configure these aspects next:
- Connect Bitbucket Server to a user directory - manage users/groups stored in an external directory.
- Run Bitbucket Server as a dedicated user - run Bitbucket Server from a user account with restricted privileges.
- Secure the Bitbucket home directory - secure the home directory against unauthorized access.
- Proxy and secure Bitbucket Server - run Bitbucket Server behind a reverse proxy and enable HTTPS access.
- Establish a data recovery plan - backup the home directory and database of your instance.
Read more about setting up Bitbucket Server for an enterprise here: Using Bitbucket Server in the enterprise.