|
| 1 | +# AWS One-Click Installation for Sourcegraph |
| 2 | + |
| 3 | +This page describes how to launch a verified and pre-configured Sourcegraph instance in just ~10 minutes using our one-click CloudFormation template and standard AMIs. |
| 4 | + |
| 5 | +Prefer manually installing on AWS yourself? See our [AMI](/admin/deploy/machine-images/aws-ami) installation options or our [script-install](/admin/deploy/single-node/script) installation options. |
| 6 | + |
| 7 | +## Prerequisites |
| 8 | + |
| 9 | +* An AWS account (most regions are supported, see our [Launcher](#deploy-sourcegraph) below for a complete list) |
| 10 | +* General familiarity with AWS |
| 11 | +* An [EC2 keypair](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-key-pairs.html) for SSH access |
| 12 | +* (optional) A Sourcegraph license to unlock features ([view plans](https://sourcegraph.com/pricing) or [learn how licenses work](/admin/subscriptions/index)) |
| 13 | + |
| 14 | +## What will be created |
| 15 | + |
| 16 | +Using our wizard, a single EC2 instance will be created with the following: |
| 17 | + |
| 18 | +- EBS root volume: 50GB |
| 19 | +- EBS data volume: 500GB - your Sourcegraph data (code and search indices.) |
| 20 | +- AWS Network Security Group |
| 21 | +- The latest version of Sourcegraph |
| 22 | +- (optional) DNS and TLS via AWS Load Balancer and AWS Certificate Manager |
| 23 | + |
| 24 | +<Callout type="note">The instance will launch in the default VPC. If your AWS user does not have a default VPC, or the option `Auto-assign public IPv4 address` is not enabled for a subnet within that VPC, please see our [Manual AMI](/admin/deploy/machine-images/aws-ami) instructions instead.</Callout> |
| 25 | + |
| 26 | + |
| 27 | + |
| 28 | +## Determine your instance size |
| 29 | + |
| 30 | +The number of users and repositories you will use with Sourcegraph determines your instance size. If you fall between two sizes, choose the larger of the two. |
| 31 | + |
| 32 | +Example: With 8,000 users with 80,000 repositories, your instance size would be **L**. If you have 1,000 users with 80,000 repositories, then size **M**. |
| 33 | + |
| 34 | +| | **XS** | **S** | **M** | **L** | **XL** | |
| 35 | +| -------------------- | ----------- | ----------- | ----------- | ------------ | ------------ | |
| 36 | +| **Users** | `<= 500` | `<= 1,000` | `<= 5,000` | `<= 10,000` | `<= 20,000` | |
| 37 | +| **Repositories** | `<= 5,000` | `<= 10,000` | `<= 50,000` | `<= 100,000` | `<= 250,000` | |
| 38 | +| **Recommended Type** | m6a.2xlarge | m6a.4xlarge | m6a.8xlarge | m6a.12xlarge | m6a.24xlarge | |
| 39 | +| **Minimum Type** | m6a.2xlarge | m6a.2xlarge | m6a.4xlarge | m6a.8xlarge | m6a.12xlarge | |
| 40 | + |
| 41 | +## Deploy Sourcegraph 🎉 |
| 42 | + |
| 43 | +<Callout type="note">For security, please follow [Amazon best practices](https://docs.aws.amazon.com/accounts/latest/reference/best-practices-root-user.html) and _do not deploy Sourcegraph using your AWS account root user.</Callout> |
| 44 | + |
| 45 | +<Callout type="note">By default the CloudFormation template will create standard EBS volumes. If you have special EBS volume encryption requirements, please see the [AWS EBS Encryption guide](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) and install Sourcegraph using our [Manual AMI](/admin/deploy/machine-images/aws-ami) instructions instead.</Callout> |
| 46 | + |
| 47 | +Choose an AWS Region in the launcher below and click **Launch Stack**. When prompted, choose your **SSH Keypair** and **Sourcegraph Instance Size** per the chart above, then **Create Stack**. |
| 48 | + |
| 49 | +<AWSOneClickLaunchForm /> |
| 50 | + |
| 51 | +If you're running into any problem, see our [Troubleshooting guide](/admin/troubleshooting). |
| 52 | + |
| 53 | +### Confirm you can access Sourcegraph |
| 54 | + |
| 55 | +Find the URL of your Sourcegraph instance in the **Outputs** section of the AWS Stack. On first launch, Sourcegraph may take ~5 minutes to start and may display a `404 not found` page temporarily. |
| 56 | + |
| 57 | +### Executors |
| 58 | + |
| 59 | +Executors are supported using [native kubernetes executors](/admin/executors/deploy_executors_kubernetes). |
| 60 | + |
| 61 | +Executors support [auto-indexing](/code-search/code-navigation/auto_indexing) and [server-side batch changes](/batch_changes/explanations/server_side). |
| 62 | + |
| 63 | +To enable executors you must do the following: |
| 64 | + |
| 65 | +1. Connect to the AMI instance using `ssh` |
| 66 | +2. Run `cd /home/ec2-user/deploy/install/` |
| 67 | +3. Replace the placeholder `executor.frontendPassword` in `override.yaml` |
| 68 | +4. Run the following command to update the executor |
| 69 | + |
| 70 | +```curl |
| 71 | +helm upgrade -i -f ./override.yaml --version "$(cat /home/ec2-user/.sourcegraph-version)" executor sourcegraph/sourcegraph-executor-k8s |
| 72 | +``` |
| 73 | + |
| 74 | +1. Adding the following to the site-admin config using the password you chose previously |
| 75 | + |
| 76 | +```curl |
| 77 | +"executors.accessToken": "<exector.frontendPassword>", |
| 78 | +"executors.frontendURL": "http://sourcegraph-frontend:30080", |
| 79 | +"codeIntelAutoIndexing.enabled": true |
| 80 | +``` |
| 81 | + |
| 82 | +1. Check `Site-Admin > Executors > Instances` to verify the executor connected successfully. If it does not appear try reboot the instance |
| 83 | + |
| 84 | +To use server-side batch changes you will need to enable the `native-ssbc-execution` [feature flag](/admin/executors/native_execution#enable). |
| 85 | + |
| 86 | +### Secure your instance |
| 87 | + |
| 88 | +By default Sourcegraph will be available over HTTP on the public internet. To secure it you should now perform the following: |
| 89 | + |
| 90 | +1. [Configure DNS and HTTPS/TLS](/admin/deploy/machine-images/aws-ami#networking) using an AWS Load Balancer and AWS Certificate Manager. |
| 91 | +2. [Configure user authentication](/admin/auth/) (SSO, SAML, OpenID Connect, etc.) |
| 92 | +3. [Review the new Network Security Group](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) to prevent access from the public internet and follow the principle of least privilege. |
| 93 | + |
| 94 | +## Managing Sourcegraph |
| 95 | + |
| 96 | +### Backup and restore |
| 97 | + |
| 98 | +We strongly recommend you taking [snapshots of the entire Sourcegraph data EBS volume](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-snapshot.html) on an [automatic, scheduled basis](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-lifecycle.html). Only the Sourcegraph data volume (500G) needs to be backed up. |
| 99 | + |
| 100 | +To restore from a backup, simply follow our [upgrade instructions](/admin/deploy/machine-images/aws-ami#upgrade) and skip directly to **Step 2: Launch a new instance** - choosing your desired Sourcegraph version and your backed up data volume. |
| 101 | + |
| 102 | +### Upgrading your Sourcegraph instance |
| 103 | + |
| 104 | +Updates are released every month, and upgrading is a simple process: backup your instance, detach the Sourcegraph data volume, and start a new instance using the latest AMI with your data volume attached. For step-by-step instructions [see here](/admin/deploy/machine-images/aws-ami#upgrade). |
| 105 | + |
| 106 | +### Monitoring & alerting |
| 107 | + |
| 108 | +Sourcegraph comes with extensive built-in monitoring dashboards & the ability to configure alerts. Please see our [monitoring guide](/admin/how-to/monitoring-guide) for more information. |
| 109 | + |
| 110 | +### Get Support |
| 111 | + |
| 112 | +Feel free to reach out to `[email protected]` if you have any questions. |
| 113 | + |
| 114 | +Business support, training, Slack support, SLAs, and dedicated Technical Advisors are all available through [Business and Enterprise plans](https://sourcegraph.com/pricing). |
0 commit comments