Using Bitbucket DIY Backup in AWS

Still need help?

The Atlassian Community is here for you.

Ask the community

The AWS Quick Start template as a method of deployment is no longer supported by Atlassian. You can still use the template, but we won't maintain or update it.

We recommend deploying your Data Center products on a Kubernetes cluster using our Helm charts for a more efficient and robust infrastructure and operational setup. Learn more about deploying on Kubernetes.

AWS now recommends switching launch configurations, which our AWS Quick Start template uses, to launch templates. We won’t do this switch, however, as we’ve ended our support for the AWS Quick Start template. This means you're no longer able to create launch configurations using this template.

This page describes considerations for DIY Backup and Restore of Bitbucket instances deployed in an Amazon Web Services (AWS) environment.

About Bitbucket Server DIY Backup for AWS

The Bitbucket Server DIY Backup tools fully support backup and restore of Bitbucket instances deployed on Amazon Elastic Block Store (EBS) volumes and/or Amazon Relational Database Service (RDS) instances.

The tools work by taking EBS and/or RDS snapshots of Bitbucket's database and shared home directory volume. These snapshots can later be launched as new EBS volumes and/or RDS instances, and attached to your running instance, thus restoring Bitbucket to a specific point in time.

The benefits of using native Amazon EBS and RDS support in Bitbucket Server DIY Backup are:

  • taking AWS native snapshots are faster than filesystem level copying
  • backup-associated downtimes can be eliminated
  • the snapshots are stored with the redundancy and durability of S3
  • it makes it easy to relocate an instance to a different Region or Availability Zone in the future

The scripts use the AWS CLI toolset, which is included in all instances launched from the AMI, regardless of the method you used to launch it.

If you launched your Bitbucket instance via BitbucketServer.template or BitbucketDataCenter.template, your EC2 node(s) should already belong to an IAM role with a policy granting the permissions required to backup and restore the EBS volume and/or RDS instance. If you did not launch your Bitbucket instance in AWS via one of these CloudFormation templates, then see the Setting up the instance role section below for an example policy with similar permissions.

Configuring the Bitbucket Server DIY Backup in AWS

If you launched your Bitbucket instance via BitbucketServer.template or BitbucketDataCenter.template, there is already a copy of the Bitbucket Server DIY Backup tools pre-installed and pre-configured on your instance. Just SSH to your instance (the shared file server node in the case of Bitbucket Data Center), and run:

cd /opt/atlassian/bitbucket-diy-backup
git pull
./bitbucket.diy-backup.sh 

If you launched your Bitbucket instance in AWS manually, you need to clone the Bitbucket Server DIY Backup repository and configure the variables manually.

git clone git@bitbucket.org:atlassianlabs/atlassian-bitbucket-diy-backup.git
cd atlassian-bitbucket-diy-backup
cp -i bitbucket.diy-backup.vars.sh.example-aws bitbucket.diy-backup.vars.sh

Then edit bitbucket.diy-backup.vars.sh appropriately for your environment.

Once you have configured bitbucket.diy-backup.vars.sh correctly, you can then run your backups by typing:

./bitbucket.diy-backup.sh

See Bitbucket zero downtime backup for more information.

Setting up the instance role

The DIY backup and restore scripts use the AWS CLI toolset to do their job. These tools need to authenticate with AWS in order to gain access to your resources (EBS volumes, snapshots, etc). The recommended way of providing credentials to the instance is by launching it with an instance role that has a suitable policy attached. If you are using the Bitbucket Server CloudFormation template, it'll take care of creating a policy for you and attach it to the instance at launch time.

If you need to create your own policy, you can use this JSON object as an example of the minimum permissions required for an instance:

{
    "Statement": [
        {
            "Resource": [
                "*"
            ],
            "Action": [
                "ec2:AttachVolume",
                "ec2:CreateSnapshot",
                "ec2:CreateTags",
                "ec2:CreateVolume",
                "ec2:DescribeSnapshots",
                "ec2:DescribeVolumes",
				"ec2:DetachVolume"
            ],
            "Effect": "Allow"
        }
    ],
    "Version": "2012-10-17"
}

For other ways of configuring the AWS CLI toolset, please refer to the documentation.

Last modified on Jan 24, 2022

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.