Installing GitHub Enterprise Server on Google Cloud Platform

Prerequisites

You must have a GitHub Enterprise license file. For more information, see "Setting up a trial of GitHub Enterprise Server" and "About licenses for GitHub Enterprise."
You must have a Google Cloud Platform account capable of launching Google Compute Engine (GCE) virtual machine (VM) instances. For more information, see the Google Cloud Platform website and the Google Cloud Platform Documentation.
Most actions needed to launch your instance may also be performed using the Google Cloud Platform Console. However, we recommend installing the gcloud compute command-line tool for initial setup. Examples using the gcloud compute command-line tool are included below. For more information, see the "gcloud compute" installation and setup guide in the Google documentation.

Minimum requirements

We recommend different hardware configurations depending on the number of user licenses for your GitHub Enterprise Server instance. If you provision more resources than the minimum requirements, your instance will perform and scale better.

User licenses	vCPUs	Memory	Root storage	Attached (data) storage
Trial, demo, or 10 light users	4	32 GB	200 GB	150 GB
10 to 3,000	8	48 GB	200 GB	300 GB
3,000 to 5000	12	64 GB	200 GB	500 GB
5,000 to 8000	16	96 GB	200 GB	750 GB
8,000 to 10,000+	20	160 GB	200 GB	1000 GB

If you plan to enable GitHub Actions for the users of your instance, more resources are required.

vCPUs	Memory	Maximum Concurrency
8	64 GB	300 jobs
16	128 GB	700 jobs
32	160 GB	1300 jobs
64	256 GB	2000 jobs
96	384 GB	4000 jobs

For more information about these requirements, see "Getting started with GitHub Actions for GitHub Enterprise Server."

For more information about adjusting resources for an existing instance, see "Increasing storage capacity" and "Increasing CPU or memory resources."

Storage

We recommend a high-performance SSD with high input/output operations per second (IOPS) and low latency for GitHub Enterprise Server. Workloads are I/O intensive. If you use a bare metal hypervisor, we recommend directly attaching the disk or using a disk from a storage area network (SAN).

Your instance requires a persistent data disk separate from the root disk. For more information, see "System overview."

To configure GitHub Actions, you must provide external blob storage. For more information, see "Getting started with GitHub Actions for GitHub Enterprise Server."

The available space on the root filesystem will be 50% of the total disk size. You can resize your instance's root disk by building a new instance or using an existing instance. For more information, see "System overview" and "Increasing storage capacity."

CPU and memory

The CPU and memory resources that GitHub Enterprise Server requires depend on the levels of activity for users, automations, and integrations.

If you plan to enable GitHub Actions for the users of your GitHub Enterprise Server instance, you may need to provision additional CPU and memory resources for your instance. For more information, see "Getting started with GitHub Actions for GitHub Enterprise Server."

When you increase CPU resources, we recommend adding at least 6.5 GB of memory for each vCPU (up to 16 vCPUs) that you provision for the instance. When you use more than 16 vCPUs, you don't need to add 6.5 GB of memory for each vCPU, but you should monitor your instance to ensure it has enough memory.

Warning: We recommend that users configure webhook events to notify external systems of activity on GitHub Enterprise Server. Automated checks for changes, or polling, will negatively impact the performance and scalability of your instance. For more information, see "About webhooks."

For more information about monitoring the capacity and performance of GitHub Enterprise Server, see "Monitoring your appliance."

You can increase your instance's CPU or memory resources. For more information, see "Increasing CPU or memory resources."

Determining the machine type

Before launching your GitHub Enterprise Server instance on Google Cloud Platform, you'll need to determine the machine type that best fits the needs of your organization. To review the minimum requirements for GitHub Enterprise Server, see "Minimum requirements."

Note: You can always scale up your CPU or memory by resizing your instance. However, because resizing your CPU or memory requires downtime for your users, we recommend over-provisioning resources to account for scale.

GitHub recommends a general-purpose, high-memory machine for GitHub Enterprise Server. For more information, see "Machine types" in the Google Compute Engine documentation.

Selecting the GitHub Enterprise Server image

Using the gcloud compute command-line tool, list the public GitHub Enterprise Server images:
```
$ gcloud compute images list --project github-enterprise-public --no-standard-images
```
Take note of the image name for the latest GCE image of GitHub Enterprise Server.

Configuring the firewall

GCE virtual machines are created as a member of a network, which has a firewall. For the network associated with the GitHub Enterprise Server VM, you'll need to configure the firewall to allow the required ports listed in the table below. For more information about firewall rules on Google Cloud Platform, see the Google guide "Firewall Rules Overview."

Using the gcloud compute command-line tool, create the network. For more information, see "gcloud compute networks create" in the Google documentation.
```
$ gcloud compute networks create NETWORK-NAME --subnet-mode auto
```

Create a firewall rule for each of the ports in the table below. For more information, see "gcloud compute firewall-rules" in the Google documentation.

$ gcloud compute firewall-rules create RULE-NAME \
   --network NETWORK-NAME \
   --allow tcp:22,tcp:25,tcp:80,tcp:122,udp:161,tcp:443,udp:1194,tcp:8080,tcp:8443,tcp:9418,icmp

This table identifies the required ports and what each port is used for.

Port	Service	Description
22	SSH	Git over SSH access. Clone, fetch, and push operations to public/private repositories supported.
25	SMTP	SMTP with encryption (STARTTLS) support.
80	HTTP	Web application access. All requests are redirected to the HTTPS port when SSL is enabled.
122	SSH	Instance shell access. The default SSH port (22) is dedicated to application git+ssh network traffic.
161/UDP	SNMP	Required for network monitoring protocol operation.
443	HTTPS	Web application and Git over HTTPS access.
1194/UDP	VPN	Secure replication network tunnel in high availability configuration.
8080	HTTP	Plain-text web based Management Console. Not required unless SSL is disabled manually.
8443	HTTPS	Secure web based Management Console. Required for basic installation and configuration.
9418	Git	Simple Git protocol port. Clone and fetch operations to public repositories only. Unencrypted network communication. If you have enabled private mode on your instance, then opening this port is only required if you also enabled anonymous Git read access. For more information, see "Enforcing repository management policies in your enterprise."

Allocating a static IP and assigning it to the VM

If this is a production appliance, we strongly recommend reserving a static external IP address and assigning it to the GitHub Enterprise Server VM. Otherwise, the public IP address of the VM will not be retained after restarts. For more information, see the Google guide "Reserving a Static External IP Address."

In production High Availability configurations, both primary and replica appliances should be assigned separate static IP addresses.

Creating the GitHub Enterprise Server instance

To create the GitHub Enterprise Server instance, you'll need to create a GCE instance with your GitHub Enterprise Server image and attach an additional storage volume for your instance data. For more information, see "Hardware considerations."

Using the gcloud compute command-line tool, create a data disk to use as an attached storage volume for your instance data, and configure the size based on your user license count. For more information, see "gcloud compute disks create" in the Google documentation.
```
$ gcloud compute disks create DATA-DISK-NAME --size DATA-DISK-SIZE --type DATA-DISK-TYPE --zone ZONE
```

Then create an instance using the name of the GitHub Enterprise Server image you selected, and attach the data disk. For more information, see "gcloud compute instances create" in the Google documentation.

$ gcloud compute instances create INSTANCE-NAME \
--machine-type n1-standard-8 \
--image GITHUB-ENTERPRISE-IMAGE-NAME \
--disk name=DATA-DISK-NAME \
--metadata serial-port-enable=1 \
--zone ZONE \
--network NETWORK-NAME \
--image-project github-enterprise-public

Configuring the instance

Copy the virtual machine's public DNS name, and paste it into a web browser.
At the prompt, upload your license file and set a management console password. For more information, see "Managing your license for GitHub Enterprise."
In the Management Console, configure and save your desired settings. For more information, see "Configuring the GitHub Enterprise Server appliance."
The instance will restart automatically.
Click Visit your instance.