Deploy Hipchat Data Center on AWS
How it works
AWS's CloudFormation is a templating language that allows you to build a "stack," in which specific servers and services are deployed and linked together with minimum amount of input from you. When you create a stack using the Hipchat Data Center CloudFormation template, AWS performs the following steps:
- Creates a VPC that the cluster will live in, and any standard VPC facilities, such as the bastion host (or jumpbox).
- Creates, deploys, and configures a Postgres 9.5 instance using AWS Relational Database Service (RDS).
- Creates the
- Creates the
- Grants the
hipchat_userGRANTS ALL access to the
- Creates the
- Creates, deploys, and configures a Redis cache using AWS ElastiCache, and configures it.
- Creates, deploys, and configures an AWS Elastic File System (EFS) storage volume.
- Creates, deploys, and configures an AWS Elastic Load Balancer (ELB).
- Creates three Hipchat Data Center nodes from AMIs, and performs the following configuration steps:
- Applies a standard configuration that connects the nodes to the external services.
- Adds the three nodes to the load balancer.
- Restarts the cluster to apply the configuration changes.
- Installs your SSL certificate on the load balancer so it can terminate SSL traffic.
- A Hipchat Data Center license key (You'll use this once the cluster is running)
- An Amazon Web Services account with CloudFormation enabled
- You must use the
- You must deploy the nodes across three or more Availability Zones within the same region.
- The region you deploy to must support EFS.
- You must use the
- A SSL certificate for the DNS domain you will use, uploaded to AWS' certificate manager
- AWS information about SSL certificates in ELB: http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-server-cert.html
- How to import your SSL certificate to AWS: https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html
- SSH keypair on the AWS region you're going to use (so you can administer the cluster)
- In your browser, navigate to the Amazon CloudFormation portal.
- Click Create Stack.
- On the screen that appears, choose Specify an Amazon S3 template URL.
- Paste the Hipchat Data Center CloudFormation template URL in the field below
On the next screen, enter values for the following fields.
Enter the fully qualified domain name that clients will use to access the deployment. Do not include the
httpsprotocol prefix, for example:
DNS zone (optional)
If you are using AWS Route53 for DNS, enter your Route53 zone name . Route53 zone name domains must end with a trailing period, for example:
If you are not using Route53, you must create your own DNS entry that directs to the Hipchat Data Center load balancer's A record.
SSL Certificate Name Select the Amazon Resource Name (ARN) of the the SSL certificate you uploaded to AWS. The CN must match the hostname.domain-name you provided. (You can see your list of SSL certificates at the Amazon console: https://console.aws.amazon.com/acm/home. Select a certificate, and the ARN is displayed at the bottom of the Details section.) SSH KeyPair Select the SSH KeyPair you will use to access the deployment. You must have already created or imported this KeyPair in your AWS Console, in the AWS Region you will use.
Optionally, override the advanced configuration options as needed.
Dedicated VPC network address The network address to use for Hipchat Data Center in your Virtual Private Cloud. Whitelisted IP range The CIDR IP range that is allowed to access the Hipchat service. RDS database user We recommend that you set the RDS username to
hipchat, but if you must use a different name, enter that one here.
RDS database password Change this from the default password. Use between 16 and 24 ASCII characters, and include both uppercase and lowercase letters, digits, and at least one symbol (#%^&+=!). Bastion host SSH access range Enter the CIDR IP range used by administrators for SSH access to the cluster's jumpbox.
- Double check your entries, and click Next.
- Optionally, enter any tags for your AWS Resources, then click Next.
Review your entries, and if they look correct, click Create.
If you are troubleshooting a CloudFormation based deployment, you might want to select "disable rollback". See the AWS Cloud Formation troubleshooting guide for more information.
AWS will take about an hour to fully deploy the Hipchat Data Center Cluster.
Once the deployment is finished, browse to your server's full host name and the
setuppath (for example
The wizard prompts you for the name of your Team, your license, and the details for the owner account for the instance. (You'll use the owner account to configure optional features in the next step.)
Configure optional features
Although the CloudFormation template configures trust and networking between the nodes and the storage services, it does not enable or disable optional Hipchat services (for example email notifications or video chat) which you might want on your deployment.
Before you add users, follow the instructions at Configure optional Hipchat Data Center features to make sure your deployment has all the functionality they will expect.
Quick deploy known issues
The AWS CloudFormation Quick Start has the following known issues:
- If you reboot a host, it can cause the Elastic LoadBalancer to misidentify it as "unhealthy" and terminate it. The Auto Scaling Group (ASG) then launches another instance.
- If deployment fails with a
CREATE_FAILEDmessage, your AWS environment may have a misconfiguration or another underlying problem. Check the system logs on your EC2 instance for error messages before contacting Atlassian Support.
Connect to AWS Hipchat Data Center nodes
The Hipchat Data Center node instances are deployed in a Virtual Private Cloud (a type of private network). To SSH to them, you need to SSH into the bastion host (also called a jumpbox) to access the private network. From there, with either the SSH private key on that jumpbox or SSH Agent forwarding, you can SSH to the nodes using their private IP addresses.
BastionHostIP output in the CloudFormation stack is the IP of the jumpbox.