Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Check out our new group just for Data Center!

Hi there Trust and Security group members! I’m part of the Data Center marketing team here at Atlassian and wanted to be sure you all knew about our new Data Center community group. Just as this Trust and Security group is a great way to stay updated on all things Trust, the new Data Center group is a great place for you to stay current on all things Data Center, across all of our Data Center products.

We’ll be featuring posts from our product team about Data Center featrues and this is a great place to continue learning about how Data Center can help address you security and compliance demands. Just follow this link and click the blue join group button on the right side of your screen!

13 comments

Comment

Log in or Sign up to comment
Taranjeet Singh
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
March 28, 2022

@Mel Policicchio Thanks for sharing this post and creating a dedicated group for "Data Center" products.

This was much awaited and needed!

Like # people like this
Mel Policicchio
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 28, 2022

Glad to hear it, @Taranjeet Singh! We're all looking forward to building up this Data Center community

pas.argenio March 29, 2022

Oh good. Another place I get to rant!

[Parts of rant that include attacks against our team or excessive sarcasm deleted, per our Rules of Engagement - Monique]

Take for example, Internet Explorer, which was released to outcompete Netscape. It never exceeded Netscape on technical grounds, so Microsoft used illegal business practices to force users onto IE and away from Netscape, despite losing a huge legal contest with the much smaller Netscape. And now, after so many (incompatible) upgrades to IE, have finally abandoned the browser with Edge, a licensing of Chrome code. For that matter, another good example is Windows itself -- new versions of which are almost ALWAYS released with bugs so egregious it barely works at all. This is why Windows 3.1 was the first actually viable version! And also why so many users lost control of their PCs when Windows 10 took over their hardware, initially. And let us not forget those wonderful Windows Updates that can break your system on any given day!

So Atlassian seems to be headed down the same hard-headed path.  

This brings me to the underappreciated and ignored area of IT, namely ICS. Where regular IT outfits are connected the the Internet at all times, ICS (Industrial Control Systems) generally are not. If they are, there is much in the way of security (Firewalls, NAT, ...) between the ICS and the Internet. This is why we need to host our own server! Hello Atlassian? Can you please acknowledge our existence? Please? And in doing so, please stop urging us to get on the cloud.

Let me digress and relate a few downsides to The Cloud: The almighty cloud is not as robust nor as secure as many of the cloud advocates (dare I say frothingly enthusiastic advocates) believe. The cloud can go down. The cloud goes down regularly. The cloud is not secure. It has been hacked regularly. if you are coming through a firewall, you have to punch so many holes to account for all of the (rotating, provisioning, redundant) servers in the cloud, including MFA and other security "helper" servers that your firewall looks like swiss cheese. I know, I know, there are solutions to all of these problems. Sure, but I have a much easier solution: local hosting.

And yet, Atlassian makes no provision nor does it account for a potentially large customer base that is NOT ON THE INTERNET as a regular part of operations. (I am writing this on my laptop, connected thru an Internet hotspot wholly separate from our production & development systems.)

Monique vdB
Community Manager
Community Managers are Atlassian Team members who specifically run and moderate Atlassian communities. Feel free to say hello!
March 29, 2022

@pas.argenio I edited your post somewhat to bring it in line with our rules of engagement; which I linked above for your reference. If you have any questions about this, I can be reached anytime at communitymanagers@atlassian.com. 

As for your concerns, I am not a product expert but I will find someone who can address your concerns about ICS and connectivity without trying to urge you to migrate to the cloud. 

Like Mel Policicchio likes this
pas.argenio March 29, 2022

Can you please send me the original post, Monique? So that I might better understand the do's and don'ts?

Sorry to break the rules. Will try harder :)

Like Monique vdB likes this
Stephen Sifers
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
March 30, 2022

Hello @pas.argenio,

Thank you for providing your honest and forward feedback; we do appreciate it and are listening.

Firstly, I would like to acknowledge and appreciate you fully and the admins you spoke of. While we do have a strong cloud offering, we do still have Data Center available for people and admins like yourself to host locally or in someone else's cloud. While using Data Center, being internet-connected is an option and not a requirement; you can run your instances isolated and air-gapped without issue. And to your point, if there is a lack of trust or internal policy which prevents you from using our cloud, then you have options to isolate your Data Center instances or host them elsewhere. Further information on this can be found in the following sources.  

Data Center:

Data Center vs Cloud:

 

Regarding your point around security and control, you're right. Unfortunately, no system is perfect, and eventually, bad actors will do their best (or worst) to get through any security measure possible, both locally hosted or in the cloud. With this said, we take security very seriously at Atlassian. We have multiple partnerships with identity providers and offer MFA within the cloud and Data Center. We also have a Bug Bounty program to incentivize security researchers to make our products (both Data Center and Cloud) more secure. We're also open with our security practices, and we urge everyone to review what Atlassian has in place.

Security:

 

Along with ensuring our platforms (Data Center and Cloud) are very secure, we also have multiple compliances to reinforce our commitment to your Security and Data Governance. We also urge everyone to review our ongoing work around compliance. 

Compliance and Customer Data:

 

Again, we appreciate you, your feedback, and your tireless work of being an Admin. Happy to answer or provide documentation around any questions you may have about Data Center or our Cloud offerings.

 

Regards,

Stephen Sifers
Community Product Lead

Like # people like this
pas.argenio March 31, 2022

Thanks Stephen, for your comments and the links.

I take issue with only 2 items you mentioned:

1-- Yes, Data Center is available, however, it costs way more than Server and does not offer smaller user pools. We have fewer than 50, but we will be paying for a thousand users under Data Center. This is what I'm talking about when I say business-based technical decisions. I'm not even sure Data Center is a different product. Just slap a new name on Server and charge more for it?

If it is a different product, I hope administration has been streamlined!

2-- Now when you say Internet connectivity is an "option". I do not fully agree. For example, the Marketplace failures say otherwise. Now I have turned off Marketplace from the administrative panel (Confluence, in this example), since it will not be usable without an Internet, however, once an hour there is a log entry of a failure to access Marketplace as part of "Health Check". This error, totally superfluous & obscuring other errors I may be looking for, is NOT configurable from the control panel! No, you have to go into the settings (.sh file) and add an option to the Catalina string! This is so much fun, and reminds us that us off-internet users are the ugly stepchildren. (Am I using the right tone here? Sorry if sarcasm has drifted in.)

Actually, in general, if I am asked if administering local hosting is easy, I'd have to say it is and it isn't. While Atlassian products can run for fairly long periods without much maintenance, getting those products to conform to local settings & preferences, configuring backups & other administrative items can be quite challenging. So if you are going to raise your prices several thousand percent, maybe it would be prudent to robustify the administrative aspects?

And I'm talking about plugins (being able to find and download them easily for copying onto the production servers via memory stick)

I'm talking about backups, restore, migrating to new hardware, interfacing to other Atlassian products and the Jira Directory -- you know, in a transparent manner and allowing for test servers, backup instances and redundancy.

I'm talking about installers that, for example, automatically determine hardware, OS, memory, tools, etc and then ask or automatically setup stuff like postgres memory and Java memory that needs to be adjusted. (For Linux, this is handled for many packages by the "AutoConf" GNU tool.)

I will read thru your many links & may have further comments.

Like # people like this
pas.argenio May 4, 2022

Continuing my point about Atlassian not caring about Server/Data Center users and trying to herd everyone onto the cloud.

On to the main point of this. One of my admins came to me with problems loading add-ons. Now, there isn't a step-by-step for this. And of course, if you try to find it Atlassian will constantly tell you how easy it is, simple really. Yeah, OK, but how exactly do you load add-ons for a server that is not connected to the Internet? And how do you get rid of the disclaimers that keep popping up that say "The Atlassian Marketplace server is not reachable. To avoid problems when loading this page, you can disable the connection to the Marketplace server. Click here for more information."

Right. That "click here" part tries to go to the Internet.

And Marketplace is already disabled. Multiple different ways (as previously discussed in the parts of my rant that have not been censored). 

And BTW, enable plugin hangs for several minutes then tells you it timed out. 

Mandy Ross
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
May 4, 2022

@pas.argenio Here are some support articles that provide answers to the questions you pose above: 

Offline app installation: https://confluence.atlassian.com/upm/installing-add-ons-273875715.html#InstallingMarketplaceapps-Installanappfromafile

Getting the plugin manager to stop trying to connect to the internet:
https://confluence.atlassian.com/upm/configuring-marketplace-connectivity-306350947.html#ConfiguringMarketplaceconnectivity-SwitchingUPMtoofflinemode

I hope this helps!

pas.argenio June 1, 2022

Thank you Mandy.

Another problem we have here is that the "Health Check" throws an error every hour. (In out case 42:34 after). This tends to fill up the log and obscure other errors.

Mandy Ross
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 2, 2022

@pas.argenio Could you please copy and paste the specific line in the log you're interested in making go away?

Like Stephen Sifers likes this
pas.argenio June 7, 2022

2022-02-26 04:47:53,883 ERROR [HealthCheck:thread-6] [plugins.healthcheck.eol.EolSupportHealthCheck] check An error occurred when performing the EOL check, see the exceptions for more info
java.net.UnknownHostException: marketplace.atlassian.com: Name or service not known
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$2.lookupAllHostAddr(InetAddress.java:928)
at java.net.InetAddress.getAddressesFromNameService(InetAddress.java:1323)
at java.net.InetAddress.getAllByName0(InetAddress.java:1276)
at java.net.InetAddress.getAllByName(InetAddress.java:1192)
at java.net.InetAddress.getAllByName(InetAddress.java:1126)

Stephen Sifers
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
June 8, 2022

@pas.argenio

Thanks for reporting the event you're seeing with the logs.

This was and is an issue that we have a workaround to resolve per JRASERVER-63567 :

Workaround

Download the attached jira-healthcheck-eol.json and put it in your $JIRA_HOME directory.

Please attempt the above workaround and let us know if you're still seeing the event within your logs.

If you are still having the issue after the workaround, please have your Technical contact create a support request and let us know here what the case number is and we'll escalate it.

Regards,
Stephen Sifers

 

 

 

Like Mandy Ross likes this
TAGS
AUG Leaders

Atlassian Community Events