Deploy Data Center products with the Azure template

Atlassian Data Center documentation

On this page

Related content

  • No related content found

Still need help?

The Atlassian Community is here for you.

Ask the community

The Azure Resource Manager template as a method of deployment is no longer supported or maintained by Atlassian. You can still customize it for your own usage to deploy Data Center products on Azure though.

We recommend deploying your Data Center products on a Kubernetes cluster using our Helm charts for a more efficient and robust infrastructure and operational setup. Learn more about deploying on Kubernetes

If you decide to deploy your Data Center instance in a clustered environment, consider using Microsoft Azure. This platform allows you to scale your deployment elastically by resizing and quickly launching additional nodes, and provides a number of managed services that work out of the box with Data Center products. These services make it easier to configure, manage, and maintain your deployment's clustered infrastructure.

We strongly recommend you set up user management, central logging storage, a backup strategy, and monitoring, just as you would for your Data Center installation running on your own hardware.

Non-clustered VS clustered environment

A single node is adequate for most small or medium size deployments, unless you need specific features that require clustering (for example high availability or zero-downtime upgrades).

If you have an existing Server installation, you can still use its infrastructure when you upgrade to Data Center. Many features exclusive to Data Center (like SAML single sign-onself-protection via rate limiting, and CDN support) don't require clustered infrastructure. You can start using these Data Center features by simply upgrading your Server installation’s license.

For more information on whether clustering is right for you, check out Data Center architecture and infrastructure options.

How it works

Standardized infrastructure

The Jira Data Center, Jira Service Management Data CenterConfluence Data CenterBitbucket Data Center, and Crowd Data Center templates deploy the following infrastructure components identically:

Component

Configuration

Bastion host

This is a lightweight but highly secure Azure Linux VM that controls SSH access to the application cluster nodes.

Application Gateway

By default, this gateway is composed of two instances for high availability. It acts as a HTTP/HTTPS load balancer for your scale set of application cluster nodes.

Monitoring

The ARM templates configure Azure Monitoring to perform basic health and availability monitoring to cluster nodes and database.

Database

You can choose between Azure SQL Database (MS SQL Server-compatible) or Azure PostgreSQL database. Either way, the database will be configured as service endpoints to only allow traffic from the private network that the cluster nodes are in. This restricted traffic setup helps enhance security.

Confluence Data Center limitations

There are some limitations you should be aware of before deciding to deploy to Azure:

  • Changing the size of the cluster after creation is not possible, due to a limitation in Hazelcast, which Confluence uses to discover nodes.

  • You can't use the deployment template to upgrade an existing Confluence deployment, or to provision new nodes running a different version to the rest of your cluster. 

  • If a node is deleted manually, it can't be redeployed without first removing the cluster. The existing database, and the existing shared home directory won't be removed when redeploying.

Bitbucket Data Center limitations

You can't use the deployment template to upgrade an existing Bitbucket deployment, or to provision new nodes running a different version to the rest of your cluster. 

Migrating to an Azure deployment

You can also migrate your existing Data Center instance into Azure. To do this, you will need to set up a new Data Center instance in Azure, and then import data from your existing instance. This approach ensures that your new site is created with optimum settings for Azure.

Here’s a high-level overview of the steps.

Before you begin

Back up your existing instance, including your database, and home directories. 

Steps

  1. Make a list of any Marketplace or other user-installed apps.

  2. Export the data into XML format. The attachments won't be exported, so you need to manually copy them from your current shared home directory.

  3. Deploy your Data Center instance in Azure, and test if it's working as expected.

  4. Import the XML backup that you created before. Make sure you know the administrator password for your existing site, as you'll be logged out during the import.

  5. Copy the contents of your /attachments directory to the equivalent directory in your shared home directory in Azure.

  6. Install any apps that you used before.

  7. Test your new Data Center instance.

Tips for a successful migration:

  • Do a trial run first: export your existing site, and import it into Azure to iron out any issues. 

  • Because you're setting up your new site in parallel, your current Data Center instance can remain accessible throughout the process.  If you're already running your Data Center instance, use read-only mode to prevent people making changes after you've exported the site. 

  • Unless your existing site is small, exporting the site without attachments will keep the export file smaller.

Securing your Azure deployment

We recommend deploying with SSL. Our template will prompt you for a certificate and password. 

Good to know:

  • HTTPS is terminated at the application gateway.

  • Your certificate should be from a trusted Certificate Authority. You should avoid self-signed certificates.

Preparing for your deployment

1. Determining the size of your deployment

While deploying your Data Center instance on Microsoft Azure, you’ll have an option to choose the size of your deployment—small, medium, large, or enterprise. This will determine the number and size of application nodes to be provisioned.

To help you estimate your instance’s size, we identified several Jira Data Center and Confluence Data Center size profiles that are based on the amount of data dimensions that you already have, or are planning to have, such as the number of issues, projects, custom fields, users, and so on.

2. Choosing the region

The region, or location, is where Azure will house your deployment. Some regions don’t provide all Azure features, like access to Application Insights or Azure SQL Analytics. Check out the Azure global infrastructure

3. Preparing additional information

During the deployment, you might also need:

  • Your database details, if you want to use an existing Azure database service. You'll need the database URL, port, username, and password. 

  • A Base64 encoded PFX certificate from a trusted Certificate Authority.

  • Details of your existing CNAME, if you don't want Azure to generate a random domain for you. 

Deploying your Data Center instance to Azure via Azure marketplace

This method uses the Azure Marketplace to deploy a Data Center instance using our deployment templates as a reference. 


You will need Owner permissions on the resource group into which the deployment is planned. This means adding the RBAC role “Owner” to your Azure subscription.

For related information, see What is role-based access control (RBAC) for Azure resources?


To deploy your Data Center instance to Azure using our Marketplace app:

  1. Log in to the Azure portal.

  2. From the New menu select Create a resource to start a new deployment.

  3. Search for Atlassian, then select your Data Center product from the list of Marketplace apps.

  4. Select Create to start configuring the deployment.

  5. Follow the prompts in the wizard to configure your deployment. Refer to the parameters table below for more information.

  6. Confirm all the details are correct, then select Create to purchase the subscription. Deployment will take about 30 minutes.  

  7. Once deployment is complete, go to your instance’s URL listed in the deployment outputs to complete onboarding.

Jira-specific parameters

Parameters

Description

Jira version

Specify the version of Jira you'd like to install in full. For example, 7.13.0.

We'd recommend that you select Jira Software 7.13 or later or Jira Service Management 3.16 or later. These versions have been thoroughly tested in Azure. Head to Jira Software release notes or Jira Service Management release notes for a list of all releases.

Jira admin credentials

Provide a name and password for the initial Jira administrator on your instance.

Jira cluster

Select the expected size of your site—trial, small, medium, large, or enterprise. This will determine the number of Jira application nodes and the size of VMs to be provisioned. Select Change size to override the defaults.

Confluence-specific parameters

Parameters

Description

Confluence version

Specify the version of Confluence you'd like to install in full. Check out the full list of Confluence releases.

Confluence admin credentials

Provide a name and password for the initial Confluence administrator on your instance.

Confluence cluster

Select the expected size of your site—trial, small, medium, large, or extra large. This will determine the number of Confluence application nodes and the size of VMs to be provisioned. Select Change size to override the defaults.

Bitbucket-specific parameters

Parameters

Description

Bitbucket version

Specify the version of Bitbucket you'd like to install in full (for example, 6.2.0). Head to release notes for a list of all releases.

Bitbucket admin credentials

Provide a name, email, and password for the initial Bitbucket administrator in your instance.

Bitbucket cluster

Specify the initial number of Bitbucket application nodes, and the size of each node. This can be reconfigured at a later date.

File server

Specify the size of the NFS file server and its disk size.

Elasticsearch details

Specify the initial number of Elasticsearch nodes, along with the instance size and disk size of each one.

Crowd-specific parameters

Crowd version

Specify the version of Crowd you'd like to install in full. For example, 4.2.0.

Crowd cluster

Select the expected size of your site - trial, small, medium, large, enterprise. This will determine the number of Crowd application nodes, and the size of VMs to be provisioned. Select Change size to override the defaults.

Standardized infrastructure parameters

The Jira Data Center, Jira Service Management, Confluence Data Center, Bitbucket Data Center, and Crowd Data Center templates all share the same parameters:

Parameter

Description

Subscription

Your Microsoft Azure subscription type.

Resource group

If you have an existing resource group, you can use it, or create a new one.

Location

This is the region where Azure will house your deployment.

SSH Access

Provide an SSH public key to be used to SSH into the instance that will act as bastion host, and a username and password for SSH access to the Bitbucket nodes.

See Create and use an SSH public-private key pair for Linux VMs in Azure in the Microsoft Azure documentation.

Database configuration

Choose between an Azure SQL Database, or Azure Database for PostgreSQL. Provide a username and password for the database admin user.

If you want to integrate with an existing database, you'll have to deploy to Azure using the CLI.

CNAME

This is the Canonical Name record (CNAME) for your organization. If you don't provide one, Azure will generate a random sub domain for your instance.

HTTP/SSL

Provide the certificate and password to be used for SSL termination on the Azure Application Gateway.

Monitoring

Choose the monitoring and analytics services that you would like to enable. Subject to availability in your location. See Monitoring for related information.

Deploying your Data Center isntance to Azure using the CLI

This method uses the Azure command-line interface to deploy your Data Center instance using our deployment templates as a reference. You'll need to install the Azure CLI to do this.

Using the deployment templates directly allows for greater configuration granularity. All hardware choices such as the number of cluster nodes, size, disk size, and OS type are configurable as parameters. 

Head to atlassian-azure-deployment in Bitbucket and check out the README to find out how to deploy using the CLI. 

Confluence-specific parameters

Required parameters 

The deployment template requires a number of values to be provided in order to deploy your Confluence Data Center instance. 

Parameter

Description

confClusterSize

To use recommended hardware options for the Confluence installation choose a size. Allowed values:

  • trial

  • small

  • medium

  • large

  • enterprise

If set, all further Gateway, VM, DB size parameters will be ignored.

clusterSshPassword

This is the SSH password you'll use to access your Confluence nodes.

dbPassword

This the password for your dedicated database user.

The password must meet a strong password requirement (imposed by AzureSQL Server): it must be between 16 and 41 characters long, and must contain at least one uppercase letter, one lowercase letter, one number (0-9), and one non-alphanumeric character (., !, $, #, %, etc). See the Azure SQL password documentation for details.

confAdminUserPassword

This is the password for your Confluence administrator's account.

Optional parameters 

The following parameters are optional. If you don't provide a value in the parameter file, we'll use the default values listed below. 

Parameter

Default value

Description

confluenceVersion

Latest

This is the version of Confluence you want to install on your cluster nodes. Enter the Confluence version number in full, for example "6.14.0".

We don't recommend using versions prior to 6.12, as they don't support managed Synchrony.

customDownloadUrl

empty

Use this URL to override standard Atlassian download url, for example to specify beta, release candidate or EAP versions. Used in conjunction with the confluenceVersion parameter.

dbCreateNew

true

Create a new database or attempt to use an existing specified database. Note that this has to be in same resource group and location as the target deployment.

dbType

Azure SQL DB

Choose between Azure SQL Server and Azure DB for PostgreSQL.

dbHost

auto-generated

The hostname of database server to be used if an external database is being used. This will be autogenerated if a new database is to be created.

dbPort

1433

The database port to use if an external database is being used. This will be autogenerated if a new database is to be created.

dbDatabase

confdatabase

The database name to use if an external database is being used. This will be autogenerated if a new database is to be created.

dbSchema

auto-generated

The database schema to use if an external database is being used. This will be autogenerated if a new database is to be created.

dbUsername

confluencedbuser

The username for the dedicated database user.

cname

auto-generated

This is the Canonical Name record (CNAME) for your organization. If you don't provide one, Azure will generate a random domain.

If you do use a custom domain, you must also update your Domain Registrar's settings to add the Azure DNS Name Servers. Consult your domain registry's documentation on how to configure cname records.

sslBase64EncodedPfxCertificate


The certificate to be used for SSL termination on the Azure Application Gateway.

sslPfxCertificatePassword


The certificate password to be used for SSL termination on the Azure Application Gateway.

jumpboxSshKey


The SSH public key to use to access the bastion host (jumpbox)

confAdminUserName

admin

The username for the Confluence Administrator's account. Must be lowercase.

confAdminUserFullName

Admin Admin

The full name of the Confluence Administrator's account.

confAdminUserEmail

admin@example.com

The email address of the Confluence Administrator user.

confAppTitle

Atlassian Confluence

The name of your Confluence site.

jumpboxSshUser

confluenceadmin

This is the SSH user you'll use to access the bastion host (jumpbox).

clusterSshUser

confluenceadmin

The SSH username to use to access the Confluence nodes from the bastion host (jumpbox). This is the only way you can access Confluence nodes.

enableEmailAlerts

true

Enable email alerts.

enableApplicationInsights

true

Enable Azure Application Insights.

enableAnalytics

true

Enable Azure Operational Insights.

Overriding the recommended hardware options

The confClusterSize parameter allows you to select the size of your deployment, and then use our recommendations for all resources to be created. 

If you choose not to set the confClusterSize parameter, you can choose to define your own values for things like dbTier, dbTierSize, clusterVmSize, LinuxOsType, and appGtwyTier

These parameters are all listed in the azuredeploy.json template file, with a description and allowed values. You should also check out the Developing guide in the template repository to learn more about developing your own template.

Monitoring

As a number of the resources we provision are managed by Azure, a number of options are available for monitoring. For example:

  • The application gateway will automatically monitor its backend pool (the application nodes), sending the alerts to the admin email address specified in the deployment. See Application Gateway health monitoring overview in the Microsoft Azure documentation. 

  • Application Insights can be used to see the overall system health, and dig into particular areas of interest Application Insights in the Azure documentation.

  • Azure SQL Analytics is available for more granular monitoring of your SQL Server database. Monitor Azure SQL Database using Azure SQL Analytics in the Microsoft Azure documentation. 

Note that some of these resources are still in Preview, so may not be available in your region yet.

Last modified on Apr 17, 2023

Was this helpful?

Yes
No
Provide feedback about this article

Related content

  • No related content found
Powered by Confluence and Scroll Viewport.