Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

Elastic build agents in Amazon Virtual Private Cloud

Igor Lobanov
Igor Lobanov October 9, 2012

(Not quite sure why it says above this question is applied to installed version of Atlassian products -- I don't remember setting it and I can't change it now)

We want to use Bamboo OnDemand to run integration tests as part of the CI process. Unfortunately, it does require access to some resources available only in local network (e.g. specialist hardware). We can not open direct access to such resources due to security policy.

One of the options would be to have Elastic build agents running inside Amazon Virtual Private Cloud (VPC) that effectively creates instances within our network. Such instances wouldn't have direct access to the Internet, so it would work fine with regard to security. The question is whether Bamboo can be made working with such build agents.

I've looked at the documentation for Bamboo and it seems that agents are accessing main Bamboo service by establishing HTTP connections to it. It does mean that we can potentially have the instances running in VPC and getting access to main Bamboo service through a proxy. Unfortunately, I couldn't find any further information on the architecture of Elastic build agents to confirm that.

Could you help me understand if this scenario is viable?

Thank you

Update: one thing that is particularly concerning is that, seemingly, in order to launch an instance in VPC using the EC2 API one needs to pass extra parameters: VPC, subnet and security group. I've checked Elastic agent configuration in Bamboo OnDemand and it doesn't look like there's a way of configuring these.

Answer
Watch
Like Steffen Opel likes this
621 views

1 answer

1 accepted

0 votes
Answer accepted
Igor Lobanov
Igor Lobanov October 17, 2012

Apparently, VPCs will be natively supported in the next Bamboo version (4.3) which is due to be released this November. However, it is yet uncertain when Bamboo OnDemand will be upgraded to this version.

In the meantime, the there is a workaround, which is confirmed to be workable. One need to a customized AMI for elastic build agent that is spawned in the public cloud, but completely locks itself down via iptables once started and establishes a VPN tunnel to the on-premises network. Hence, the instance will be running effectively within VPC and accessing Bamboo OnDemand via corporate HTTP proxy (Internet gateway), but still can be started via EC2 API without any additional parameters.

I've attached a diagram that illustrates the solution.

View More Comments
Przemek Bruski
Przemek Bruski
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 17, 2012

A customised AMI will work, but you can also use an EBS or instance setup script. In this way, you will be able to use the stock image (stock images get bugfixes and minor version updates).

Like
Reply

Suggest an answer

Log in or Sign up to answer
Product apps
Apps & Integrations
TAGS
AUG Leaders

Atlassian Community Events

    See all events