This set of Templates provide all the components to deploy a single Gerrit master in ECS
Two templates are provided in this example:
cf-cluster
: define the ECS cluster and the networking stackcf-service
: defined the service stack running Gerritcf-dns-route
: defined the DNS routing for the serviceerror_log
is exported in a Log Group in CloudWatchThe setup.env.template
is an example of setup file for the creation of the stacks.
Before creating the stacks, create a setup.env
in the Makefile
directory and correctly set the value of the environment variables.
This is the list of available parameters:
DOCKER_REGISTRY_URI
: Mandatory. URI of the Docker registry. See the prerequisites section for more details.SSL_CERTIFICATE_ARN
: Mandatory. ARN of the SSL Certificate.CLUSTER_STACK_NAME
: Optional. Name of the cluster stack. gerrit-cluster
by default.SERVICE_STACK_NAME
: Optional. Name of the service stack. gerrit-service
by default.DNS_ROUTING_STACK_NAME
: Optional. Name of the DNS routing stack. gerrit-dns-routing
by default.HOSTED_ZONE_NAME
: Optional. Name of the hosted zone. mycompany.com
by default.SUBDOMAIN
: Optional. Name of the sub domain. gerrit-master-demo
by default.As a prerequisite to run this stack, you will need:
AWS Secret Manager is a secure way of storing and managing secrets of any type.
The secrets you will have to add are the Gerrit SSH keys and the Register Email Private Key set in secure.config
.
The SSH keys you will need to add are the one usually created and used by Gerrit:
You will have to create the keys and place them in a directory.
You will need to create a secret and put it in a file called registerEmailPrivateKey
in the same directory of the SSH keys.
You can now run the script to upload them to AWS Secret Manager: add_secrets_aws_secrets_manager.sh /path/to/your/keys/directory
aws ecr create-repository --repository-name aws-gerrit/gerrit
DOCKER_REGISTRY_URI
gerrit.config
in ./gerrit/etc
./gerrit/plugins
make gerrit-publish
aws ec2 create-key-pair --key-name gerrit-cluster-keys \ --query 'KeyMaterial' --output text > gerrit-cluster.pem
NOTE: the EC2 key pair are useful when you need to connect to the EC2 instances for troubleshooting purposes. Store them in a pem
file to use when ssh-ing into your instances as follow: ssh -i yourKeyPairs.pem <ec2_instance_ip>
make create-all
make delete-all
You Gerrit instance will be available at this URL: http://<HOSTED_ZONE_NAME>.<SUBDOMAIN>
.
The available ports are 8080
for HTTP and 29418
for SSH.