Use Bitbucket in the enterprise
This page describes best practices for using Bitbucket Data Center and Server in enterprise environments. If you're evaluating Bitbucket, we suggest that you begin with Install a Bitbucket Data Center trial, instead of this page.
Bitbucket is the Git code management solution for enterprise teams. It allows everyone in your organization to easily collaborate on your Git repositories, while providing enterprise-grade support for:
- user authentication
- repository security
- integration with existing databases and dev environment.
Atlassian offers two deployment options for Bitbucket.
For most organizations, a single instance of Bitbucket Server provides good performance. Continue reading this page for guidance on best practices in setting up a Bitbucket Server instance in a production environment.
Bitbucket Data Center
For larger enterprises that require high availability and greater performance at scale, Bitbucket Data Center resources uses a cluster of Bitbucket Server nodes to provide Active/Active failover, and is the deployment option of choice.
Bitbucket 8.14.x is the last version that supports Server licenses. Learn what this means for you
Your Bitbucket license determines which features and infrastructure choices are available.
We want all teams to get the most out of Bitbucket, so all the core features are available for everyone - including projects, repositories, pull requests and workflows.
Here's a summary of what you get with each license.
|Code and collaboration||Server license||Data Center license|
Define code owners who will be added as a reviewer to a pull request to review changes in specific files and directories.
Review and discuss your code with your team before merging changes. Learn more about collaboration via pull requests
Draft multiple comments on files and code during a review process. Learn more about the new code review workflow
Control what users can do on a single branch, branch type, or branch pattern within a repository or project. Learn more about branch permissions
Use centralized, forking, gitflow or forking workflows. Learn more about flexible workflows
Reviewer groups help quickly add the right reviewers in bulk for code reviews. Learn more about reviewer groups
Create consistent requirements when pull requests are opened with default tasks. Learn more about default tasks
Jira Software Server and Data Center integration
Connect Jira Server and Data Center and Bitbucket to automatically link issues and track progress simultaneously across both platforms. Learn more about integrating with Jira Software
Jira Software Cloud integration
Connect Jira Cloud and Bitbucket to automatically link issues and track progress simultaneously across both platforms. Learn more about integrating with Jira Software
Seamlessly integrate Bitbucket with the world’s leading CI/CD vendors to streamline the path to production. Learn more about our CI/CD integrations
Get reports, annotations, and metrics to help you and your team improve code quality in pull requests throughout the code review process. Learn more about code insights
APIs and 3rd party integrations
Use the Bitbucket API and 3rd party integrations to automate simple tasks, embed data into your own site, and customize your workflow. Learn more about APIs and 3rd party integrations
Create webhooks at the project level instead of creating webhooks for each repository. Learn more about webhooks
|High availability and performance at scale|
Run Bitbucket on multiple nodes for high availability. Learn more about clustering
Improve Git clone speeds for distributed teams working with large repositories. Learn more about Smart Mirroring
Distributed Git storage
Increase performance and high availability of repositories. Learn more about Bitbucket Mesh
Git LFS (Large File Storage)
Store large files without the need for an external object store. Learn more about Git LFS
Keep your teams online and source code data available in the event that your primary system becomes unavailable. Learn more about disaster recovery
Connect Bitbucket to a remote search server for improved scalability (required for Data Center sites). Learn more about using a remote search server
Content Delivery Network (CDN) support
Improve geo-performance for distributed teams. Learn more about CDN
|Security and compliance|
(Enforced) merge checks
Stop pull requests from being merged until they meet the requirements that you’ve set. Learn more about merge checks
Get more insight into what is happening in your Bitbucket instance. Advanced auditing gives you the ability to track and log actions in your instance developing a security-relevant chronological record that can be exported and stored in third-party monitoring tools. Learn more about advanced auditing
HTTP access tokens
Create access tokens that aren't fixed to individual user accounts, for teams working on specific projects and repositories. Learn more about HTTP access tokens
Configure Bitbucket as an OAuth 2.0 provider, allowing external applications to access Bitbucket. Learn more about incoming links
Get notified of secrets added in new commits and revoke secrets to prevent exposure. Learn more about secret scanning
Stricter control on repository settings
Tighter control on repository settings to help you meet your security and compliance needs and create consistent settings across all repositories in your project. Learn more about how to restrict repository-level changes
External user directories
Store users in Active Directory, Crowd, Jira or another LDAP directory. Learn more about external user directories
|Multiple identity providers|
Use more than one IdP, and disable login methods you don't want to use (such as basic authentication). Learn more about using multiple IdPs
Use a SAML or OpenID Connect identity provider for authentication and single sign-on. Learn more about SSO
Just-in-time user provisioning (JIT provisioning) allows users to be created and updated automatically when they log in through SAML SSO or OpenID Connect (OIDC) SSO to Atlassian Data Center applications such as Jira, Confluence, or Bitbucket. Learn more about just-in-time provisioning
|Infrastructure and Control|
Control how many external REST API requests users and automations can make. Learn more about rate limiting
Advanced repository management
Manage all of your repositories from global repositories page. Find repositories that are active, and identify which inactive ones are taking up space. Learn more about Advanced repository management
Archive unused repositories to declutter your Bitbucket instance. Learn more about archiving and unarchiving repositories
Upgrade to the latest bug fix update of the same feature release with no downtime. Learn more about rolling upgrades
Integrity tests for zero-downtime backup
Find and resolve any inconsistencies between the database and home directory, for example after restoring a backup. Learn more about Integrity tests for zero-downtime backup
Get an overview of the health of your site, including potential performance issues relating to third-party apps. Learn more about app diagnostics
|Business intelligence and monitoring|
Export all Bitbucket data for analysis in your preferred business intelligence platform. Learn more about the data pipeline
Your own hardware
Run Bitbucket on your own physical servers, virtualized servers, or in the data center of your choice.
Run Bitbucket in Kubernetes cluster on Amazon EKS, Azure Kubernetes Service, Google Kubernetes Engine or on-premises. Learn more about Kubernetes support
AWS Quick Start and Cloud Formation Templates
Use our Cloud Formation Templates to deploy Bitbucket on AWS. Learn more about AWS Quick Start and Cloud Formation Templates
Although Bitbucket can be run on Windows, Linux and Mac systems, for enterprise use we only recommend, and support using Linux. This recommendation is based on our own testing and experience with using Bitbucket.
See the Supported platforms page for details of the supported versions of Java, external databases, web browsers and Git.
See Installing Bitbucket Data Center for detailed information about Bitbucket Data Center requirements.
In general, Bitbucket is very stable and has low memory consumption. There are no scalability limits other than for Git hosting operations (clone in particular). We know this is the scalability limit of the product; the limit is proportional to the number of cores on the system.
As an example, data collected from an internal Bitbucket instance indicate that for a team of approximately 50 developers, with associated continuous integration infrastructure, we see a peak concurrency of 30 simultaneous clone operations and a mean of 2 simultaneous clone operations. We conservatively expect that a customer with similar usage patterns would be capable of supporting 1000 users on a machine with 40 cores and a supporting amount of RAM. While we expect a peak concurrency larger than 40, Bitbucket is designed to queue incoming requests so as to avoid overwhelming the server.
Bitbucket Server – see Bitbucket Server production server data for data from the Bitbucket Server production instance we run internally at Atlassian.
Bitbucket Data Center – see Bitbucket Data Center Performance for the results of our performance testing for clusters of different sizes.
If Bitbucket is a critical part of your development workflow, maximizing Bitbucket availability becomes an important consideration.
Bitbucket – see High availability for Bitbucket for the background information you need to set up Bitbucket in a highly available configuration.
Bitbucket Data Center – see Failover for Bitbucket Data Center for information about how Bitbucket Data Center provides HA and almost instant failover.
Bitbucket is built with enterprise scaling and infrastructure flexibility in mind, giving administrators control over how Bitbucket fits into their environment:
- For most organizations, a single instance of Bitbucket provides good performance. Continue reading this page for guidance on best practice in setting up a Bitbucket instance in a production environment.
- For larger enterprises that require HA and greater performance at scale, Bitbucket Data Center uses a cluster of Bitbucket nodes and is the deployment option of choice.
Your single instance of Bitbucket can be easily upgraded to Bitbucket Data Center when the time comes.
Bitbucket – see Scaling Bitbucket Server for information about how you can tune your Bitbucket instance to grow with your organization's needs. See also Scaling Bitbucket Server for Continuous Integration performance for information specific to Bitbucket performance when CI tools poll Bitbucket for changes.
Bitbucket Data Center – see Adding and removing Data Center nodes for information about how you can rapidly provision extra capacity without downtime.
Some possible approaches to provisioning Bitbucket include:
- Run the Bitbucket installer in either console or unattended mode
- Bitbucket Data Center resources - clustered Bitbucket
- Docker container image for Bitbucket Server
Setting up a production environment
When setting up Bitbucket for a production or enterprise environment, we highly recommend that you configure the following aspects:
Run Bitbucket as a dedicated user
- For production environments Bitbucket should be run from a dedicated user account with restricted privileges. See Running Bitbucket Server with a dedicated user.
Install Bitbucket as a service
Use an external database
- For production environments Bitbucket should use an external database, rather than the embedded database. Set up your external DBMS (for example MySQL) before starting Bitbucket for the first time. This allows you to connect Bitbucket to that DBMS using the Setup Wizard that launches when you first run Bitbucket. See Connect Bitbucket to an external database.
Connect to your existing user directory
- Connect Bitbucket to your existing user directory (for example Active Directory). See External user directories.
Secure the Bitbucket home directory
- For production environments the Bitbucket Set the home directory. should be secured against unauthorized access. See
Secure Bitbucket with HTTPS
- Access to Bitbucket should be secured using HTTP over SSL, especially if your data is sensitive and Bitbucket is exposed to the internet. See Securing Bitbucket Server with HTTPS.
Enable SSH access to Git repositories
- Enable SSH access for your Bitbucket users to Git repositories in Bitbucket so that they can add their own SSH keys to Bitbucket, and then use those SSH keys to secure Git operations between their computer and the Bitbucket instance. See Enable SSH access to Git repositories.
Change the context path for Bitbucket
- If you are running Bitbucket behind a proxy, or you have another Atlassian application (or any Java web application), available at the same hostname and context path as Bitbucket, then you should set a unique context path for Bitbucket. See Change Bitbucket's context path.
Administering a production environment
- For production environments we recommend that you test the Bitbucket upgrade on a QA server before deploying to production. See the Bitbucket Server upgrade guide.
Backups and recovery
- We highly recommend that you establish a data recovery plan that is aligned with your company's policies. See Data recovery and backups for information about tools and backup strategies for Bitbucket.
- Bitbucket instance logs can be found in
<Bitbucket home directory>/log
<Bitbucket Server installation directory>/log
- Bitbucket displays recent audit events for each repository and project (only visible to Bitbucket admins and system admins), and also creates full audit log files that can be found in the
<Bitbucket home directory
>/audit/logsdirectory. Note that Bitbucket has an upper limit to the number of log files it maintains, and deletes the oldest file when a new file is created – we recommend an automated backup of log files. See View and configure the audit log.]