Bitbucket SmartMirror Automation
This is simply a short and sweet method to provision an AWS EC2 instance as an Atlassian Bitbucket Data Center SmartMirror server with no ssh login interaction required, utilizing an EC2 user_data script.
I realize this could be automated even further using tools such as Ansible, Terraform or CloudFormation….but due to the limitless variations in your computing environment, this script focuses purely on the EC2 instance itself.
UPDATE: I have further automated this process using AWS CloudFormation. If interested, please reference this article.
Assumptions:
This post assumes that you have a fairly advanced knowledge of AWS including EC2, Load Balancers, AWS Certificate Manager, Security Groups, etc.. Please reference the AWS documentation for additional info on those topics.
Prerequisites:
- Create an AWS Classic internal Load Balancer with listeners: (22 -> 7999, 7999 -> 7999, 443 -> 7990) # Attach an AWS cert for SSL termination on 443. (‘Classic’ is the only LB which allows a mix of both HTTPS & TCP ports. After Aug 15, 2022, AWS will discontinue the Classic LB, and you’ll need to use some other reverse proxy such as HaProxy or Nginx.)
- Your LB Security Group should allow access to ports 22, 7999 and 443 from your internal network CIDR’s or specific IP’s.
- Your EC2 instance Security Group should allow access to ports 22, 7999 and 7990 from your LB Security Group above.
- Register an internal DNS CNAME which points to your LB’s DNS address. Add this to <YOUR_REVERSE_PROXY> below.
- Below you will be spinning up an EC2 instance with at least 2-CPU, 8Gb-RAM, and enough disk storage to hold the repos you intend to mirror.
- Modify <YOUR_REVERSE_PROXY>, <YOUR_MIRROR_NAME> and <YOUR_BITBUCKET> below, then paste everything into the “user_data” text field during EC2 launch.
#!/bin/bash
yum update -y
yum install -y git
mkdir -p /var/atlassian/application-data/bitbucket /opt/atlassian
cd /opt/atlassian
wget https://www.atlassian.com/software/stash/downloads/binary/atlassian-bitbucket-7.15.1-x64.bin
chmod 750 atlassian-bitbucket-7.15.1-x64.bincat <<EOF > response.varfile
app.bitbucketHome=/var/atlassian/application-data/bitbucket
app.defaultInstallDir=/opt/atlassian/bitbucket/7.15.1
app.install.service$Boolean=true
httpPort=7990
installation.type=MIRROR_INSTALL
sys.adminRights$Boolean=true
sys.languageId=en
launch.application$Boolean=false
EOF./atlassian-bitbucket-7.15.1-x64.bin -q -varfile response.varfilecat <<EOF >> /var/atlassian/application-data/bitbucket/shared/bitbucket.properties
server.proxy-name=<YOUR_REVERSE_PROXY>.example.com
setup.baseUrl=https://<YOUR_REVERSE_PROXY>.example.com
setup.displayName=<YOUR_MIRROR_NAME_ie_Mumbai-Mirror1>
plugin.mirroring.upstream.url=https://<YOUR_BITBUCKET>.example.com
plugin.mirroring.upstream.type=server
server.secure=true
server.require-ssl=true
server.scheme=https
server.proxy-port=443
EOFsed -i.orig 's/# umask 0027/umask 0027/; s/JVM_MINIMUM_MEMORY=512m/JVM_MINIMUM_MEMORY=2g/; s/JVM_MAXIMUM_MEMORY=1g/JVM_MAXIMUM_MEMORY=2g/' /opt/atlassian/bitbucket/7.15.1/bin/_start-webapp.shservice atlbitbucket start
After setup, add your new instance to your Load Balancer (instances tab).
That’s it!
Now login to your Bitbucket Data Center cluster as a user with Admin privileges and click on the “Administration” cog:
…then click on the “Mirrors” link on the left:
If all went well, you should see a Mirror Request from your new EC2 instance waiting to be accepted. Once accepted, you can choose which projects to mirror, or mirror ALL projects (hopefully you’ve allocated enough storage on your mirror for this).
I hope this post makes creating additional Bitbucket SmartMirrors a little quicker and simpler as it did for me. After configuring my DNS and AWS Load Balancer, I’m able to provision a new mirror in just a couple of minutes.