Prerequisites
- Você deve ter um GitHub Enterprise arquivo de licença. Para obter mais informações, confira "Como configurar uma avaliação do GitHub Enterprise Server" e "Sobre as licenças do GitHub Enterprise".
- You must have an AWS account capable of launching EC2 instances and creating EBS volumes. For more information, see the Amazon Web Services website.
- Most actions needed to launch your GitHub Enterprise Server instance may also be performed using the AWS management console. However, we recommend installing the AWS command line interface (CLI) for initial setup. Examples using the AWS CLI are included below. For more information, see Amazon's guides "Working with the AWS Management Console" and "What is the AWS Command Line Interface."
Note: At this time GitHub Enterprise Server does not support the use of the Amazon IDMSv2 Metadata API.
This guide assumes you are familiar with the following AWS concepts:
- Launching EC2 Instances
- Managing EBS Volumes
- Using Security Groups (For managing network access to your instance)
- Elastic IP Addresses (EIP) (Strongly recommended for production environments)
- EC2 and Virtual Private Cloud (If you plan to launch into a Virtual Private Cloud)
- AWS Pricing (For calculating and managing costs)
For an architectural overview, see the "AWS Architecture Diagram for Deploying GitHub Enterprise Server".
This guide recommends the principle of least privilege when setting up your GitHub Enterprise Server instance on AWS. For more information, refer to the AWS Identity and Access Management (IAM) documentation.
Hardware considerations
Minimum requirements
We recommend different hardware configurations depending on the number of user licenses for your GitHub Enterprise Server instance. If you provision more resources than the minimum requirements, your instance will perform and scale better.
Licenças de usuário | vCPUs | Memória | Armazenamento anexado | Armazenamento raiz |
---|---|---|---|---|
Teste, demonstração ou 10 usuários leves | 4 | 32 GB | 150 GB | 200 GB |
10-3000 | 8 | 48 GB | 300 GB | 200 GB |
3000-5000 | 12 | 64 GB | 500 GB | 200 GB |
5000-8000 | 16 | 96 GB | 750 GB | 200 GB |
8000-10000+ | 20 | 160 GB | 1000 GB | 200 GB |
Se você pretende habilitar o GitHub Actions para os usuários da sua instância, mais recursos são necessários.
vCPUs | Memória | Simultaneidade máxima |
---|---|---|
32 | 128 GB | 1.000 trabalhos |
64 | 256 GB | 1.300 trabalhos |
96 | 384 GB | 2.200 trabalhos |
Para obter mais informações sobre esses requisitos, confira "Introdução ao GitHub Actions para GitHub Enterprise Server".
Para obter mais informações sobre como ajustar os recursos de uma instância existente, confira "Como aumentar a capacidade de armazenamento" e "Como aumentar os recursos de CPU ou de memória".
Storage
We recommend a high-performance SSD with high input/output operations per second (IOPS) and low latency for GitHub Enterprise Server. Workloads are I/O intensive. If you use a bare metal hypervisor, we recommend directly attaching the disk or using a disk from a storage area network (SAN).
Your instance requires a persistent data disk separate from the root disk. For more information, see "System overview."
To configure GitHub Actions, you must provide external blob storage. For more information, see "Getting started with GitHub Actions for GitHub Enterprise Server."
The available space on the root filesystem will be 50% of the total disk size. You can resize your instance's root disk by building a new instance or using an existing instance. For more information, see "System overview" and "Increasing storage capacity."
CPU and memory
The CPU and memory resources that GitHub Enterprise Server requires depend on the levels of activity for users, automations, and integrations.
If you plan to enable GitHub Actions for the users of your GitHub Enterprise Server instance, you may need to provision additional CPU and memory resources for your instance. For more information, see "Getting started with GitHub Actions for GitHub Enterprise Server."
Quando você aumenta os recursos da CPU, recomendamos adicionar pelo menos 6.5 GB de memória para cada vCPU (até 16 vCPUs) que você fornecer para a instância. Ao usar mais de 16 vCPUs, você não precisa adicionar 6.5 GB de memória para cada vCPU, mas você deve monitorar sua instância para garantir que ela tenha memória suficiente.
Warning: We recommend that users configure webhook events to notify external systems of activity on GitHub Enterprise Server. Automated checks for changes, or polling, will negatively impact the performance and scalability of your instance. For more information, see "About webhooks."
For more information about monitoring the capacity and performance of GitHub Enterprise Server, see "Monitoring your appliance."
You can increase your instance's CPU or memory resources. For more information, see "Increasing CPU or memory resources."
Determining the instance type
Before launching your GitHub Enterprise Server instance on AWS, you'll need to determine the machine type that best fits the needs of your organization. To review the minimum requirements for GitHub Enterprise Server, see "Minimum requirements."
Observação: você pode sempre ajustar sua CPU ou memória redimensionando sua instância. No entanto, como o redimensionamento da sua CPU ou memória requer tempo de inatividade para os usuários, recomendamos o fornecimento excessivo de recursos para contas em escala.
GitHub recomenda uma instância otimizada para a memória para GitHub Enterprise Server. Para obter mais informações, confira Tipos de Instância do Amazon EC2 no site do Amazon EC2.
Selecting the GitHub Enterprise Server AMI
You can select an Amazon Machine Image (AMI) for GitHub Enterprise Server using the GitHub Enterprise Server portal or the AWS CLI.
AMIs for GitHub Enterprise Server are available in the AWS GovCloud (US-East and US-West) region. This allows US customers with specific regulatory requirements to run GitHub Enterprise Server in a federally compliant cloud environment. For more information on AWS's compliance with federal and other standards, see AWS's GovCloud (US) page and AWS's compliance page.
Using the GitHub Enterprise Server portal to select an AMI
-
Navegue até a imagem que você deseja usar em sua nova instância.
- Navegue até Notas sobre a versão.
- Na barra lateral � direita, clique na versão que você deseja baixar.
- Clique em Baixar GitHub Enterprise Server X.X.X.
-
Under "GitHub in the Cloud", select the "Select your platform" dropdown menu, and click Amazon Web Services.
-
Select the "Select your AWS region" drop-down menu, and click your desired region.
-
Take note of the AMI ID that is displayed.
Using the AWS CLI to select an AMI
- Using the AWS CLI, get a list of GitHub Enterprise Server images published by GitHub's AWS owner IDs (
025577942450
for GovCloud, and895557238572
for other regions). For more information, see "describe-images" in the AWS documentation.aws ec2 describe-images \ --owners OWNER_ID \ --query 'sort_by(Images,&Name)[*].{Name:Name,ImageID:ImageId}' \ --output=text
- Take note of the AMI ID for the latest GitHub Enterprise Server image.
Creating a security group
If you're setting up your AMI for the first time, you will need to create a security group and add a new security group rule for each port in the table below. For more information, see the AWS guide "Using Security Groups."
-
Using the AWS CLI, create a new security group. For more information, see "create-security-group" in the AWS documentation.
$ aws ec2 create-security-group --group-name SECURITY_GROUP_NAME --description "SECURITY GROUP DESCRIPTION"
-
Take note of the security group ID (
sg-xxxxxxxx
) of your newly created security group. -
Create a security group rule for each of the ports in the table below. For more information, see "authorize-security-group-ingress" in the AWS documentation.
$ aws ec2 authorize-security-group-ingress --group-id SECURITY_GROUP_ID --protocol PROTOCOL --port PORT_NUMBER --cidr SOURCE IP RANGE
This table identifies what each port is used for.
Porta Serviço Descrição 22 SSH Git sobre acesso via SSH. Clone, buscar e fazer push de operações para repositórios público/privado suportados. 25 SMTP Suporte a SMTP com criptografia (STARTTLS). 80 HTTP Acesso ao aplicativo web. Todas as solicitações são redirecionadas para a porta HTTPS quando o SSL está habilitado. 122 SSH Exemplo de acesso a shell. A porta SSH padrão (22) é dedicada ao tráfego de rede entre o Git e o SSH do aplicativo. 161/UDP SNMP Obrigatória para operações de protocolo de monitoramento de rede. 443 HTTPS Aplicativo web e Git sobre acesso HTTPS. 1194/UDP VPN Túnel de rede de réplica segura na configuração de alta disponibilidade. 8080 HTTP Baseado em web de texto simples Console de Gerenciamento. Não obrigatória, a menos que o SSL seja desabilitado manualmente. 8443 HTTPS Base segura na web Console de Gerenciamento. Obrigatória para instalação e configuração básicas. 9418 Git Porta de protocolo Simples Git. Clonar e buscar somente as operações para repositórios públicos. Comunicação de rede não criptografada. Se você habilitou o modo privado na sua instância, abrir esta porta só é necessário se você também habilitou o acesso de leitura anônimo do Git. Para obter mais informações, confira "Como impor políticas de gerenciamento de repositório na sua empresa".
Creating the GitHub Enterprise Server instance
To create the instance, you'll need to launch an EC2 instance with your GitHub Enterprise Server AMI and attach an additional storage volume for your instance data. For more information, see "Hardware considerations."
Note: You can encrypt the data disk to gain an extra level of security and ensure that any data you write to your instance is protected. There is a slight performance impact when using encrypted disks. If you decide to encrypt your volume, we strongly recommend doing so before starting your instance for the first time. For more information, see the Amazon guide on EBS encryption.
Warning: If you decide to enable encryption after you've configured your instance, you will need to migrate your data to the encrypted volume, which will incur some downtime for your users.
Launching an EC2 instance
In the AWS CLI, launch an EC2 instance using your AMI and the security group you created. Attach a new block device to use as a storage volume for your instance data, and configure the size based on your user license count. For more information, see "run-instances" in the AWS documentation.
aws ec2 run-instances \
--security-group-ids SECURITY_GROUP_ID \
--instance-type INSTANCE_TYPE \
--image-id AMI_ID \
--block-device-mappings '[{"DeviceName":"/dev/xvdf","Ebs":{"VolumeSize":SIZE,"VolumeType":"TYPE"}}]' \
--region REGION \
--ebs-optimized
Allocating an Elastic IP and associating it with the instance
If this is a production instance, we strongly recommend allocating an Elastic IP (EIP) and associating it with the instance before proceeding to GitHub Enterprise Server configuration. Otherwise, the public IP address of the instance will not be retained after instance restarts. For more information, see "Allocating an Elastic IP Address" and "Associating an Elastic IP Address with a Running Instance" in the Amazon documentation.
Both primary and replica instances should be assigned separate EIPs in production High Availability configurations. For more information, see "Configuring GitHub Enterprise Server for High Availability."
Configuring the GitHub Enterprise Server instance
- Copie o nome DNS público da máquina virtual e cole-o em um navegador.
- No prompt, carregue seu arquivo de licença e defina uma senha de gerenciamento do console. Para obter mais informações, confira "Como gerenciar sua licença do GitHub Enterprise".
- No Console de Gerenciamento, defina e salve as configurações desejadas. For more information, see "Configuring the GitHub Enterprise Server appliance."
- A instância será reiniciada automaticamente.
- Clique em Acessar sua instância.