System overview for GitHub Insights
GitHub Insights is a standalone application, hosted on two or more appliances, which interfaces with GitHub Enterprise.
GitHub Insights 可用于 GitHub One。 更多信息请参阅“GitHub 的产品”。
本文内容
- Requirements for running GitHub Insights
- Security and authentication for GitHub Insights
- Architecture of GitHub Insights
Requirements for running GitHub Insights
GitHub Insights requires a supported version of GitHub Enterprise Server.
GitHub Insights requires a minimum of two machines hosted either in the cloud or locally. Standard type machines with a base OS of Ubuntu or Debian are supported. Each machine should meet the following minimum specifications.
| Application server | Import server(s) | |
|---|---|---|
| vCPU | 16 | 8 |
| RAM | 64GB | 30GB |
To provision GitHub Insights, the application and import servers must be able to run Docker. 安装脚本将安装 Docker(如果能安装)。 如果脚本无法安装 Docker,脚本将尝试使用 Docker 的现有安装。 如果主机上没有安装 Docker,安装将失败。
The machine may require the Docker daemon to be run as sudo. Kubernetes is not currently supported.
Security and authentication for GitHub Insights
GitHub Insights is a virtual appliance that runs on your infrastructure and is governed by your existing information security controls. GitHub Insights uses existing user accounts in GitHub Enterprise for authentication and access permissions.
Network Security
GitHub Insights 的内部防火墙限制对设备服务的网络访问。 网络上仅提供设备正常运行所需的服务。
GitHub Insights requires the following ports to be open for inbound and outbound traffic.
| 端口 | 服务 | Server |
|---|---|---|
| 22 | SSH USER | Application, import |
| 80 | HTTP USER | Application |
| 443 | HTTPS USER | Application, import |
| 5672 | Rabbit Admin | Application |
| 7070 | Analyzer | Application |
| 7071 | Vixen | Application |
| 8080 | Arango | Application, import |
| 8529 | Arango | Application |
| 15672 | Rabbit | Application |
Authentication and access permissions
Authentication for GitHub Insights is handled through GitHub Enterprise. During installation, you will create a GitHub 应用程序, which allows GitHub Insights to authorize users. The GitHub 应用程序 is also used to interact with GitHub Enterprise within the scope of the user and app’s permissions.
GitHub Insights 有两种权限级别。
-
管理员权限对应 GitHub Enterprise 的站点管理员角色。 有管理员权限的人可以访问 GitHub Insights 的所有设置。
-
GitHub Enterprise 中的所有其他用户在 GitHub Insights 中都有用户帐户。 用户可以查看所有指标,但对设置的访问有限。
Data access in GitHub Insights is restricted according to each user's data access in GitHub Enterprise. A user will never see data in GitHub Insights for repositories the user does not have access to in GitHub Enterprise.
Architecture of GitHub Insights
GitHub Insights consists of one application server and one or more import servers. The application server hosts the core services, such as the database and client. The import server processes imports and can be scaled according to load.
