Running Crowd on an Azure cluster

If you decide to deploy Crowd Data Center in a clustered environment, consider using Microsoft Azure. This platform allows you to scale your deployment elastically by resizing and quickly launching additional nodes, and provides a number of managed services that work out of the box with Crowd Data Center. These services make it easier to configure, manage, and maintain your deployment's clustered infrastructure.

We've set up reference templates that let you deploy Crowd Data Center in Microsoft Azure, and you can then configure it depending on your organization's needs. We strongly recommend you set up user management, central logging storage, a backup strategy, and monitoring, just as you would for a Crowd Data Center installation running on your own hardware.

On this page:

Non-clustered VS clustered environment

A single node is adequate for most Small or Medium size deployments, unless you need high availability or zero-downtime upgrades

If you have an existing Server installation, you can still use its infrastructure when you upgrade to Data Center. Many features exclusive to Data Center (like SAML single sign-onself-protection via rate limiting, and CDN support) don't require clustered infrastructure. You can start using these Data Center features by simply upgrading your Server installation’s license.
 
For more information on whether clustering is right for you, check out Atlassian Data Center architecture and infrastructure options.

How it works

Here's an architectural overview of what you'll get when deploying Crowd Data Center using the templates:

The deployment contains one or more Azure standard VM instances as application cluster nodes in a scale set. Each of those nodes runs Crowd Data Center.

The template also provisions an Azure Files storage account for the shared home. This shared home stores attachments and other files accessible to the application cluster nodes. It's mounted as a SAN drive on each cluster node, and treated normally like any other file.

Standardized infrastructure

The Jira Data CenterConfluence Data CenterBitbucket Data Center, and Crowd Data Center templates deploy the following infrastructure components identically:
ComponentConfiguration
Bastion hostThis is a lightweight but highly secure Azure Linux VM that controls SSH access to the application cluster nodes.
Application GatewayBy default, this gateway is composed of two instances for high availability. It acts as a HTTP/HTTPS load balancer for your scale set of application cluster nodes.
MonitoringThe ARM templates configure Azure Monitoring to perform basic health and availability monitoring to cluster nodes and database.
DatabaseYou can choose between Azure SQL Database (MS SQL Server-compatible) or Azure PostgreSQL database. Either way, the database will be configured as service endpoints to only allow traffic from the private network that the cluster nodes are in. This restricted traffic setup helps enhance security.


Migrating to an Azure deployment

You can also migrate your existing Crowd Data Center instance into Azure. To do this, you will need to set up a new Crowd Data Center instance in Azure, and then import data from your existing instance. This approach ensures that your new site is created with optimum settings for Azure.

Once you've deployed Crowd Data Center on Azure, refer to Migrating Crowd Between Servers for further instructions.


Securing your Azure deployment

We recommend deploying Crowd with SSL. Our template will prompt you for a certificate and password. 

Good to know:

  • HTTPS is terminated at the application gateway.
  • Your certificate should be from a trusted Certificate Authority. You should avoid self-signed certificates.


Preparing for your deployment

1. Determining the size of your deployment

While deploying Crowd Data Center on Microsoft Azure, you’ll have an option to choose the size of your deployment—small, medium, large, or enterprise. We use these sizes to help you estimate the size and number of Crowd application node to be provisioned. 

2. Choosing the region

The region, or location, is where Azure will house your deployment. Some regions don’t provide all Azure features, like access to Application insights and analytics. The choice here depends on what features would you like to use for your deployment.

To browse regions and available features, see Products available by region.

3. Preparing additional information

During the deployment, you will also need:

  • (Optional) SSL: A Base64 encoded PFX certificate from a trusted Certificate Authority. 
  • (Optional) CNAME: Details of your existing CNAME, if you don't want Azure to generate a random domain for you. 


Deploying Crowd Data Center to Azure via Azure marketplace

This method uses the Azure Marketplace to deploy Crowd Data Center using our deployment templates as a reference. 

To deploy Crowd Data Center to Azure using our Marketplace app:

  1. Log in to Azure Portal.
  2. Choose Create a resource to start a new deployment
  3. Search for Atlassian, then select Crowd Data Center from the list of Marketplace apps.
  4. Choose Create to start configuring the deployment.
  5. Follow the prompts in the wizard to configure your deployment. Refer to the parameters table below for more information.
  6. Confirm all the details are correct, then click Create to purchase the subscription.  Deployment will take about 30 minutes.  
  7. Once deployment is complete, go to the Crowd URL listed in the deployment outputs to complete onboarding and start using Crowd.

Crowd-specific parameters

The following parameters apply only to Crowd Data Center.

Crowd Version

Specify the version of Crowd you'd like to install in full. For example, 4.2.0.

Crowd ClusterSelect the expected size of your site - trial, small, medium, large, enterprise. This will determine the number of Crowd application nodes, and the size of VMs to be provisioned. Choose Change Size to override the defaults.

Standardized infrastructure parameters

The Jira Data CenterConfluence Data CenterBitbucket Data Center, and Crowd Data Center templates all share the same parameters:
ParameterDescription
SubscriptionYour Microsoft Azure subscription type.
Resource groupIf you have an existing resource group, you can use it, or create a new one.
LocationThis is the region where Azure will house your deployment.
SSH AccessProvide an SSH public key to be used to SSH into the instance that will act as bastion host, and a username and password for SSH access to the Bitbucket nodes.

See Create and use an SSH public-private key pair for Linux VMs in Azure in the Microsoft Azure documentation.

Database configuration

Choose between an Azure SQL Database, or Azure Database for PostgreSQL. Provide a username and password for the database admin user.

Existing databases

If you want to integrate with an existing database, you'll have to deploy to Azure using the CLI.

CNAMEThis is the  Canonical Name record (CNAME) for your organization. If you don't provide one, Azure will generate a random sub domain for your instance.
HTTP/SSLProvide the certificate and password to be used for SSL termination on the Azure Application Gateway.
MonitoringChoose the monitoring and analytics services that you would like to enable. Subject to availability in your location. See Monitoring for related information.

Deploying Crowd Data Center to Azure using the CLI

This method uses the Azure command line interface to deploy Crowd Data Center using our deployment templates as a reference. You'll need to install the Azure CLI to do this.

Using the deployment templates directly allows for greater configuration granularity. All hardware choices such as the number of cluster nodes, size, disk size, and OS type are configurable as parameters. 

Head to https://bitbucket.org/atlassian/atlassian-azure-deployment and check out the README to find out how to to deploy using the CLI. 

Monitoring

As a number of the resources we provision are managed by Azure, a number of options are available for monitoring. For example:

  • The application gateway will automatically monitor its backend pool (the Crowd application nodes), sending the alerts to the Crowd admin email address specified in the deployment. See  Application Gateway health monitoring overview  in the Microsoft Azure documentation. 

  • Application Insights can be used to see the overall system health, and dig into particular areas of interest Application Insights in the Azure documentation. 

  • Azure SQL Analytics is available for more granular monitoring of your SQL Server database.   Monitor Azure SQL Database using Azure SQL Analytics in the Microsoft Azure documentation. 

Note that some of these resources are still in Preview, so may not be available in your region yet. 


Last modified on Oct 29, 2020

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.