System overview for GitHub Insights
GitHub Insights is a standalone application, hosted on two or more appliances, which interfaces with GitHub Enterprise.
GitHub InsightsはGitHub Oneで利用できます。 詳細は「GitHub の製品」を参照してください。
ここには以下の内容があります:
- Requirements for running GitHub Insights
- Security and authentication for GitHub Insights
- Architecture of GitHub Insights
Requirements for running GitHub Insights
GitHub Insights requires a supported version of GitHub Enterprise Server.
GitHub Insights requires a minimum of two machines hosted either in the cloud or locally. Standard type machines with a base OS of Ubuntu or Debian are supported. Each machine should meet the following minimum specifications.
| Application server | Import server(s) | |
|---|---|---|
| vCPUs | 16 | 8 |
| RAM | 64GB | 30GB |
To provision GitHub Insights, the application and import servers must be able to run Docker. The installation script will install Docker if able. If the script is not able to install Docker, the script will attempt to use an existing installation of Docker. If there is no existing installation of Docker on the host machines, the installation will fail.
The machine may require the Docker daemon to be run as sudo. Kubernetes is not currently supported.
Security and authentication for GitHub Insights
GitHub Insights is a virtual appliance that runs on your infrastructure and is governed by your existing information security controls. GitHub Insights uses existing user accounts in GitHub Enterprise for authentication and access permissions.
Network Security
GitHub Insights の内部ファイアウォールは、アプライアンスのサービスへのネットワークアクセスを制限します。 アプライアンスが機能するために必要なサービスだけが、ネットワークを通じて利用できます。
GitHub Insights requires the following ports to be open for inbound and outbound traffic.
| ポート | サービス | Server |
|---|---|---|
| 22 | SSH USER | Application, import |
| 80 | HTTP USER | Application |
| 443 | HTTPS USER | Application, import |
| 5672 | Rabbit Admin | Application |
| 7070 | Analyzer | Application |
| 7071 | Vixen | Application |
| 8080 | Arango | Application, import |
| 8529 | Arango | Application |
| 15672 | Rabbit | Application |
Authentication and access permissions
Authentication for GitHub Insights is handled through GitHub Enterprise. During installation, you will create a GitHub App, which allows GitHub Insights to authorize users. The GitHub App is also used to interact with GitHub Enterprise within the scope of the user and app’s permissions.
GitHub Insights has two permission levels.
-
Admin permissions correspond to the role of site administrator on GitHub Enterprise. People with admin permissions have access to all settings for GitHub Insights.
-
All other users in GitHub Enterprise have user accounts in GitHub Insights. Users can view all metrics but have limited access to settings.
Data access in GitHub Insights is restricted according to each user's data access in GitHub Enterprise. A user will never see data in GitHub Insights for repositories the user does not have access to in GitHub Enterprise.
Architecture of GitHub Insights
GitHub Insights consists of one application server and one or more import servers. The application server hosts the core services, such as the database and client. The import server processes imports and can be scaled according to load.
