- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with JIRA
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
- Testing - How to test the JIRA module
- Contributors
This module allows you to install, upgrade and manage Atlassian JIRA.
This module installs/upgrades Atlassian's Enterprise Issue Tracking and project management tool. The JIRA module also manages the JIRA configuration files with Puppet.
-
JIRA requires a Java Developers Kit (JDK) or Java Run-time Environment (JRE) platform to be installed on your server's operating system. Oracle JDK / JRE (formerly Sun JDK / JRE) versions 7 and 8 are currently supported by Atlassian.
-
JIRA requires a relational database to store its issue data. This module currently supports PostgreSQL 8.4 to 9.x and MySQL 5.x and Oracle 11g and Microsoft SQL Server 2008 & 2012. We suggest using puppetlabs-postgresql/puppetlabs-mysql modules to configure/manage the database. The module uses PostgreSQL as a default.
-
Whilst not required, for production use we recommend using nginx/apache as a reverse proxy to JIRA. We suggest using the jfryman/nginx puppet module.
If installing to an existing JIRA instance, it is your responsibility to backup your database. We also recommend that you backup your JIRA home directory and that you align your current JIRA version with the version you intend to use with puppet JIRA module.
You must have your database setup with the account user that JIRA will use. This can be done using the puppetlabs-postgresql and puppetlabs-mysql modules.
When using this module to upgrade JIRA, please make sure you have a database/JIRA home backup.
When using MySQL, We call the jira::mysql_connector class to install the MySQL java connector directory from mysql.com as per Atlassian's documented recommendations.
This puppet module will automatically download the JIRA zip from Atlassian and extracts it into /opt/jira/atlassian-jira-$version. The default JIRA home is /home/jira.
If you would prefer to use Hiera then see jira.yaml file for available options.
class { 'jira':
javahome => '/opt/java',
}
Jira can be upgraded by incrementing this version number. This will STOP the running instance of Jira and attempt to upgrade. You should take caution when doing large version upgrades. Always backup your database and your home directory. The jira::facts class is required for upgrades.
class { 'jira':
javahome => '/opt/java',
version => '6.3.7',
}
class { 'jira::facts': }
puppet-archive is the default module for deploying the JIRA binaries.
class { 'jira':
javahome => '/opt/java',
deploy_module => 'archive',
}
jira
: Main class, manages the installation and configuration of JIRAjira::facts
: Enable external facts for running instance of JIRA. This class is required to handle upgrades of jira. As it is an external fact, we chose not to enable it by default.
jira::install
: Installs JIRA binariesjira::config
: Modifies jira/tomcat configuration filesjira::service
: Manage the JIRA service.jira::mysql_connector
: Install/Manage the MySQL Java connector
Specifies the version of JIRA to install, defaults to latest available at time of module upload to the forge. It is recommended to pin the version number to avoid unnecessary upgrades of JIRA.
Product name, defaults to jira
The default file format of the JIRA install file, defaults to tar.gz
The directory to install to, defaults to '/opt/jira'
The default home directory of JIRA, defaults to '/home/jira'
The user to run/install JIRA as, defaults to 'jira'
The group to run/install JIRA as, defaults to 'jira'
The uid of the JIRA user, defaults to next available (undef)
The gid of the JIRA user, defaults to next available (undef)
The shell of the JIRA user, defaults to '/bin/true'
Enables or disables JIRA Secure Administrator Sessions, defaults to true
Override default values for advanced configuration. Default values are defined in jpm.xml, see https://confluence.atlassian.com/jira/advanced-jira-configuration-126006.html for details. Specify key/value pairs as a hash. Example:
jira_config_properties => {
'ops.bar.group.size.opsbar-transitions' => '4',
}
Enables or disables clustering, defaults to false
The directory of the shared home directory, defaults to undef. When clustering is enabled, this parameter is required.
Which database to use for JIRA, defaults to 'postgresql'. Can be: 'postgresql', 'mysql', 'oracle', 'sqlserver', or 'h2'.
The default database user for JIRA, defaults to 'jiraadm'
The password for the database user, defaults to 'mypassword'
The hostname of the database server, defaults to 'localhost'
The name of the database, defaults to 'jira'. If using oracle this should be the SID.
The port of the database, defaults to an appropriate port for the $db:
$db | DEFAULT |
---|---|
postgresql | 5432 |
mysql | 3306 |
oracle | 1521 |
sqlserver | 1443 |
h2 | N/A |
The database driver to use, defaults to an appropriate value for $db:
$db | DEFAULT |
---|---|
postgresql | org.postgresql.Driver |
mysql | com.mysql.jdbc.Driver |
oracle | oracle.jdbc.OracleDriver (*) |
sqlserver | com.microsoft.sqlserver.jdbc.SQLServerDriver |
h2 | org.h2.Driver |
(*) NOTE: You must add the Oracle JDBC Driver manually with recent versions of JIRA (for now). See: https://confluence.atlassian.com/doc/database-jdbc-drivers-171742.html
Database type, defaults to an appropriate value for $db:
$db | DEFAULT |
---|---|
postgresql | postgresql72 |
mysql | mysql |
oracle | oracle10g |
sqlserver | mssql |
h2 | h2 |
NOTE: Atlassian only supports Oracle 11g/12g, even so this value should be as documented here.
Set the schema
The Default value is 'public'
The connection pool size to the database, defaults to 20
This parameter is not required nor do we recommend setting it. However it can be used to customize the database connection string.
Configure database settings if you are pooling connections, defaults to 'false'
defaults to 20 (requires enable_connection_pooling => true
)
defaults to 20 (requires enable_connection_pooling => true
)
defaults to 30000 (requires enable_connection_pooling => true
)
defaults to undef (requires enable_connection_pooling => true
)
defaults to 60000 (requires enable_connection_pooling => true
)
defaults to undef (requires enable_connection_pooling => true
)
defaults to 20 (requires enable_connection_pooling => true
)
defaults to true (requires enable_connection_pooling => true
)
defaults to 300 (requires enable_connection_pooling => true
)
defaults to true (requires enable_connection_pooling => true
)
defaults to false (requires enable_connection_pooling => true
)
Manage the MySQL Java Connector with the JIRA module, defaults to 'true'
Specifies the version of MySQL Java Connector you would like installed. Defaults to '5.1.34',
Product name, defaults to 'mysql-connector-java'
The default file format of the MySQL Java Connector install file, defaults to tar.gz
Installation directory of the MySQL connector. Defaults to '/opt/MySQL-connector'
The URL used to download the MySQL Java Connector installation file.
Defaults to http://cdn.mysql.com/Downloads/Connector-J
The JAVA_HOME directory, defaults to undef. This is a required parameter
The initial memory allocation pool for a Java Virtual Machine. defaults to '256m'
Maximum memory allocation pool for a Java Virtual Machine. defaults to '1024m'
Increase max permgen size for a Java Virtual Machine. defaults to '256m'
defaults to '-XX:-HeapDumpOnOutOfMemoryError'
defaults to ''
defaults to ''
The URL used to download the JIRA installation file.
Defaults to https://product-downloads.atlassian.com/software/jira/downloads/
The md5 checksum of the archive file. Only supported with
deploy_module => archive
. Defaults to 'undef'
Module to use for downloading and extracting archive file. Supports puppet-archive and puppet-staging. Defaults to 'archive'. Archive supports md5 hash checking and Staging supports S3 buckets.
Specify a proxy server, with port number if needed. ie: https://example.com:8080.
Only supported with deploy_module => archive
(the default). Defaults to 'undef'.
Proxy server type (none|http|https|ftp)
Only supported with deploy_module => archive
(the default). Defaults to 'undef'.
Manage the JIRA service, defaults to 'true'
Manage the JIRA service, defaults to 'running'
Defaults to 'true'
Restart the jira service in response to this subscription
Notify other puppet resources to refresh after the jira service
If the jira service is managed outside of puppet the stop_jira parameter can be used to shut down jira for upgrades. Defaults to 'service jira stop && sleep 15'
Defaults to {}, See examples on how to use.
Defaults to an empty string (""). Will add a path to the Tomcat Server Context.
Manages the 'check-java.sh' script provided by JIRA.
Defaults to 'false'.
Alternate location to find the 'check-java.sh' script. Requires
$script_check_java_manage = true
.
Defaults to 'jira/check-java.sh.erb'.
IP address to listen on. Defaults to all addresses.
Port to listen on, defaults to '8080'
Defaults to '150'
Defaults to '100'
Enable https/ssl support. Defaults to 'false'. See https://confluence.atlassian.com/display/JIRA/Running+JIRA+over+SSL+or+HTTPS
for additional info. The java keystore can be managed with the puppetlabs-java_ks
module or manually with
keytool -genkey -alias jira -keyalg RSA -sigalg SHA256withRSA -keystore /home/jira/jira.ks
https/ssl Port to listen on, defaults to 8443.
Specifiy Jira redirect https port when using port redirection 80->8080 and 443->8443 or proxy server in front, defaults to $tomcat_https_port. To be used with tomcat_native_ssl.
The alias name of the java keystore entry. Defaults to 'jira'.
Location of java keystore file. Defaults to '/home/jira/jira.jks'
Password to access java keystore. Defaults to 'changeit'
Defaults to 'JKS'. Valid options are 'JKS', 'PKCS12', 'JCEKS'.
Well-formed, complex Hash where each key represents a port number and the key's
value is a hash whose key/value pairs represent the attributes and their values
that define the connector's behaviour. Default is {}
.
Use this parameter to specify arbitrary, additional connectors with arbitrary attributes. There are no defaults here, so you must take care to specify all attributes a connector requires to work in Jira. See below for examples.
This is useful if you need to access your Jira instance directly through an additional HTTP port, e.g. one that is not configured for reverse proxy use. Atlassian describes use cases for this in https://confluence.atlassian.com/kb/how-to-create-an-unproxied-application-link-719095740.html and https://confluence.atlassian.com/kb/how-to-bypass-a-reverse-proxy-or-ssl-in-application-links-719095724.html
Enable crowd single sign on configuration as described in https://confluence.atlassian.com/display/CROWD/Integrating+Crowd+with+Atlassian+Confluence#IntegratingCrowdwithAtlassianConfluence-2.2EnableSSOintegrationwithCrowd(Optional)
Set crowd application name
Set crowd application password
Set crowd application login url, where to login into crowd (e.g. https://crowd.example.com/console/
)
Set crowd application services url, e.g. https://crowd.example.com/services/
Set crowd base url, e.g. https://crowd.example.com/
Some more crowd.properties for SSO, see atlassian documentation for details
Some more crowd.properties for SSO, see atlassian documentation for details
Some more crowd.properties for SSO, see atlassian documentation for details
Some more crowd.properties for SSO, see atlassian documentation for details
class { 'jira':
version => '6.0.1',
installdir => '/opt/atlassian-jira',
homedir => '/opt/atlassian-jira/jira-home',
user => 'jira',
group => 'jira',
dbpassword => 'secret',
dbserver => 'localhost',
javahome => '/opt/java/jdk1.7.0_21/',
download_url => 'http://myserver/pub/development-tools/atlassian/',
tomcat_additional_connectors => {
# Define two additional connectors, listening on port 8081 and 8082
8081 => {
'relaxedPathChars' => '[]|',
'relaxedQueryChars' => '[]|{}^\`"<>',
'maxThreads' => '150',
'minSpareThreads' => '25',
'connectionTimeout' => '20000',
'enableLookups' => 'false',
'maxHttpHeaderSize' => '8192',
'protocol' => 'HTTP/1.1',
'useBodyEncodingForURI' => 'true',
'redirectPort' => '8443',
'acceptCount' => '100',
'disableUploadTimeout' => 'true',
'bindOnInit' => 'false',
},
# This additional connector is configured for access from a reverse proxy
8082 => {
'relaxedPathChars' => '[]|',
'relaxedQueryChars' => '[]|{}^\`"<>',
'maxThreads' => '150',
'minSpareThreads' => '25',
'connectionTimeout' => '20000',
'enableLookups' => 'false',
'maxHttpHeaderSize' => '8192',
'protocol' => 'HTTP/1.1',
'useBodyEncodingForURI' => 'true',
'redirectPort' => '8443',
'acceptCount' => '100',
'disableUploadTimeout' => 'true',
'bindOnInit' => 'false',
'proxyName' => 'jira2.example.com',
'proxyPort' => '443',
'scheme' => 'https',
'secure' => true,
},
}
}
This example is used in production for 2000 users in an traditional enterprise environment. Your mileage may vary. The dbpassword can be stored using eyaml hiera extension.
jira::version: '6.2.7'
jira::installdir: '/opt/atlassian/atlassian-jira'
jira::homedir: '/opt/atlassian/application-data/jira-home'
jira::user: 'jira'
jira::group: 'jira'
jira::shell: '/bin/bash'
jira::dbserver: 'dbvip.example.co.za'
jira::javahome: '/opt/java'
jira::java_opts: >
-Dhttp.proxyHost=proxy.example.co.za
-Dhttp.proxyPort=8080
-Dhttps.proxyHost=proxy.example.co.za
-Dhttps.proxyPort=8080
-Dhttp.nonProxyHosts=localhost\|127.0.0.1\|172.*.*.*\|10.*.*.*
-XX:+UseLargePages'
jira::dbport: '5439'
jira::dbuser: 'jira'
jira::jvm_xms: '1G'
jira::jvm_xmx: '3G'
jira::jvm_permgen: '384m'
jira::service_manage: false
jira::enable_connection_pooling: 'true'
jira::env:
- 'http_proxy=proxy.example.co.za:8080'
- 'https_proxy=proxy.example.co.za:8080'
jira::proxy:
scheme: 'https'
proxyName: 'jira.example.co.za'
proxyPort: '443'
jira::contextpath: '/jira'
jira::tomcat_additional_connectors:
8181:
relaxedPathChars: '[]|'
relaxedQueryChars: '[]|{}^\`"<>'
maxThreads: '150'
minSpareThreads: '25'
connectionTimeout: '20000'
enableLookups: 'false'
maxHttpHeaderSize: '8192'
protocol: 'HTTP/1.1'
useBodyEncodingForURI: 'true'
redirectPort: '8443'
acceptCount: '100'
disableUploadTimeout: 'true'
bindOnInit: 'false'
These additional and substituted parameters are used in production in an traditional enterprise environment with an Oracle 11g remote database and Oracle 8 JDK. Your mileage may vary.
jira::db: 'oracle'
jira::dbname: '<dbname>'
jira::dbport: '1526'
jira::dbdriver: 'oracle.jdbc.OracleDriver'
jira::dbtype: 'oracle10g'
jira::dburl: 'jdbc:oracle:thin:@//dbvip.example.co.za:1526/<dbname>'
jira::javahome: '/usr/lib/jvm/jdk-8-oracle-x64'
Reverse proxy can be configured as a hash as part of the JIRA resource
proxy => {
scheme => 'https',
proxyName => 'www.example.com',
proxyPort => '443',
},
Enable external facts for puppet version. These facts are required to be enabled in order to upgrade to new JIRA versions smoothly.
class { 'jira::facts': }
- Puppet 3.8.7+
- Puppet Enterprise
The puppetlabs repositories can be found at: http://yum.puppetlabs.com/ and http://apt.puppetlabs.com/
-
RedHat 6/7
-
CentOS 6/7
-
Scientific 6/7
-
Oracle Linux 6/7
-
Ubuntu 12.04/14.04
-
Debian 7
-
PostgreSQL
-
MySQL 5.x
-
Oracle 11G with Oracle 11.2.x drivers
-
Microsoft SQL Server 2005/2008/2012 with JTDS driver (included in non-WAR version)
We plan to support other Linux distributions and possibly Windows in the near future.
Please feel free to raise any issues here for bug fixes. We also welcome feature requests. Feel free to make a pull request for anything and we make the effort to review and merge. We prefer with tests if possible.
Using puppetlabs_spec_helper. Simply run:
bundle install && bundle exec rake spec
to get results.
ruby-1.9.3-p484/bin/ruby -S rspec spec/classes/jira_install_spec.rb --color
.
Finished in 0.38159 seconds
1 example, 0 failures
Using Beaker - Puppet Labs cloud enabled acceptance testing tool..
The beaker tests will install oracle Java to /opt/java. When running the beaker tests you agree that you accept the oracle java license.
bundle install
BEAKER_set=ubuntu-server-12042-x64 bundle exec rake beaker
BEAKER_set=ubuntu-server-1404-x64 bundle exec rake beaker
BEAKER_set=debian-73-x64 bundle exec rake beaker
BEAKER_set=centos-64-x64 bundle exec rake beaker
BEAKER_set=centos-70-x64 bundle exec rake beaker
BEAKER_set=centos-64-x64-pe bundle exec rake beaker
To save build time it is useful to host the installation files locally on a web server. You can use the download_url environment variable to overwrite the default.
export download_url="'http://my.local.server/'"
The list of contributors can be found here