Deploy P4 on AWS | Admin

If you are the P4 administrator, you need to deploy P4 Server and configure it for your team. You can host P4 Server in your own cloud instance on Amazon Web Services (AWS). You deploy P4 using an AWS CloudFormation template.

To learn how to deploy P4 on AWS, watch this video or review the instructions following the video.

On this page:

Prerequisites

Before you deploy P4 on AWS, you must have:

An AWS account.
Credit card information attached to your AWS account.

Costs

For P4 on AWS, you only pay for the infrastructure you use. P4 is free for up to five users and less than 20 workspaces. If you have a larger team, contact Perforce Sales to get additional licenses.

Step 1: Create a key pair

Create a key pair to secure access to your P4 instance. To learn more about key pairs, see the AWS documentation.

In your AWS console, navigate to EC2.
Under Network & Security, click Key Pairs.
Click Create key pair.
Enter Name, such as MyPerforceKeyPair.
For Key pair type, accept the default value: RSA.
For Private key file format, select .pem.
Click Create key pair.

The key pair is automatically downloaded.
Move the downloaded key pair to a secure location. Losing this file can significantly hinder future access to your server.

Step 2: Sign up and subscribe to P4 on AWS

Sign up for P4 on AWS. You will receive an email from Perforce with a link to the AWS template.
In the email, click the template link.

The Perforce - P4 template opens in AWS Marketplace.
Click View purchase options.
Review the offer and terms and conditions.
Click Accept Terms.

The subscription starts processing. It may take a few minutes.
When the Continue to Configuration button is enabled, click it.
In the Fulfillment option field, accept the default value.
In the Software version field, select the most recent version.
In the Region field, select the region closest to your end users or a region that meets your compliance and security needs. The template supports all regions expect opt-in regions, China regions, and GovCloud regions. US East (N. Virginia) is selected by default.
Click Continue to Launch.
Click Usage instructions and review them.
In the Choose Action field, accept the default value: Launch CloudFormation.
Click Launch.

The Create stack page opens.

Step 3: Create a stack and deploy

On the Create Stack tab, accept the default field values.
Click Next.
Enter a Stack name.

Use a name that follows your organization's standard naming convention. If you do not have a standard convention, make the name easy to recognize. You may want to use a convention such as perforce-$environment-$team/department

If you deploy multiple instances of P4 in the same region, create unique names for each instance. For example: production, team a, or team b. CloudFormation stack names must be unique within an AWS region. If a Stack name already exists error is displayed, make sure the stack name you entered is unique.

In the rest of the Parameters section, enter or select parameters for your deployment. You can use the default parameter values, but consider changing values where it makes sense for your deployment and requirements. You can also change most parameters any time after deployment.

Security and Networking

Parameter field name	Description
Public/Private Key Pair	Select the key pair you created for P4.
Security Group Selection	Select Create New Security Group. Preferred option. Selecting this option automatically configures the required ports for SSH (22) and P4 Server (1666). If you have specific security requirements, you can use an existing security group. Select Use Existing Security Group and then enter the Existing Security Group ID.
Your Public IP address	To allow SSH connections from any IP address, leave this field empty. To restrict SSH connections to your current IP address, enter your public IP address. Find your IP address Allowing SSH connections from any IP address is less secure. Restricting connections is more secure, but requires updating if your IP address changes. Some administrative tasks require SSH access, such as operating system updates, P4 updates, reviewing logs, and expanding volume size. Daily use does not require SSH.
Subnet Options	To create a new Virtual Private Cloud (VPC) and subnet, select Create New VPC and Subnet. Preferred option. To use an existing VPC and subnet, select Use Existing Subnet and VPC. Enter the Existing Subnet ID and Existing VPC ID. Make sure the security group is in the specified subnet and that your VPC has an internet gateway.

Instance Configuration

Parameter field name Description

Instance Type Select an instance type based on your team size and expected usage. The default type, t3.small, is suitable for small teams. You can change this later. Compare instance types and pricing

Case Sensitivity

Parameter field name	Description
Instance Type	Select an instance type based on your team size and expected usage. The default type, `t3.small`, is suitable for small teams. You can change this later. Compare instance types and pricing
Case Sensitivity	If your team uses Linux or macOS, select sensitive. Preferred option. If your team exclusively uses Windows, select insensitive.
P4 Auth ID	Enter a unique name to identify your server. Example: `my-p4-server`.

If your team uses Linux or macOS, select sensitive. Preferred option.

If your team exclusively uses Windows, select insensitive.

P4 Auth ID Enter a unique name to identify your server. Example: my-p4-server.

Depot Volume

The Depot volume stores file data for P4. This volume uses EBS encryption.

Parameter field name	Description
Depot Volume Type	To use an SSD, select gp3. Preferred option. To use HDD, select st1. HDD is less expensive than SSD.
Depot Volume Size (GiB)	Set to 3 times your current project size. This value can be increased later, but not decreased.
Depot Provisioned IOPS	Set to approximately 1/10 the Depot Volume Size you entered.
Depot Throughput (MB/s)	Set to approximately 1/10 the Depot Volume Size you entered. Only relevant if the volume type is gp3.

Metadata (Database) Volume

The Metadata volume stores the database backend for P4. This volume uses EBS encryption.

Parameter field name	Description
Metadata Volume Type	To use an SSD, select gp3. Preferred option.
Metadata Volume Size (GiB)	Set to approximately 1/10 the Depot Volume Size you entered. This value can be increased later, but not decreased.
Metadata Provisioned IOPS	Use the default value unless you have specific performance requirements.
Metadata Throughput (MB/s)	Use the default value unless you have specific performance requirements. Only relevant if the volume type is gp3.

Log Volume

The Log volume stores the ongoing journal of server operations and logs that you and Perforce Support can use to diagnose any issues.

Parameter field name	Description
Log Volume Type	To use an SSD, select gp3. Preferred option.
Log Volume Size (GiB)	Set to approximately 1/10 the Depot Volume Size you entered. This value can be increased later, but not decreased.
Log Provisioned IOPS	Use the default value unless you have specific performance requirements.
Log Throughput (MB/s)	Use the default value unless you have specific performance requirements. Only relevant if the volume type is gp3.

Tags and Labels

Tags and labels help organize information in your AWS account.

Parameter field name	Description
Prefix for all resources	Enter a prefix to add to all created resources. Example: `MyCompany`.
Environment Label	Used in resource naming and as the tag on all resources. Default value: `prod`.
Owner	Enter the owner name of the instance for billing purposes.
Notification Email	Enter the email address to use for notifications about backup or processing errors. You will receive an email from AWS to confirm the subscription notification. Make sure you click the link in the email to confirm the subscription.

Backup Settings

Parameter field name	Description
Enable Backups?	To enable automatic daily snapshots, select true. The Depot and Log volumes Backup tag will be set to `true`. The AWS Data Lifecycle Manager will take snapshots of the Depot and Logs volumes every 24 hours.
Backup Retention (days)	Enter the number of days to retain snapshots. Default value: 30 days.

Advanced Options

Typically, you do not need to change any of the Advanced Options parameters, but you can if needed.

Parameter field name	Description
New VPC CIDR Block	If you are creating a new VPC, enter the CIDR block.
New Subnet CIDR Block	If you are creating a new subnet, enter the CIDR block.
Optional Private IP adress for the instance	For advanced use cases only. Enter the specific private IP address for the server.

When you finish defining parameters, click Next.
On the Configure stack options tab, in the Capabilities area, select the check box to acknowledge any required capabilities.
Click Next.
On the Review and create tab, review the parameters.
Click Submit to start deployment.

Deployment should take less than 10 minutes. When deployment is complete, the value in the Status column changes to CREATE_COMPLETE.

If deployment is not successful, select a failed step in Events list and click View root cause to troubleshoot.

Step 4: Find and note your deployment outputs

When deployment is complete, find the deployment outputs you need to connect to P4.

In your stack, click the Outputs tab.

Note the following values. You will need these values later.

Value	Description
`HelixCoreInstanceID`	Instance ID for the new P4 EC2 instance
`PerforcePrivateIP`	Private IP address for P4 Server
`PerforcePublicIP`	Public IP address for P4 Server

Step 5: Optional - Update firewall rules to allow access for other users

If you have users who will connect to P4 from a different IP address than the one used to deploy, you need to update your firewall rules to grant them access. Review the AWS documentation for updating security group rules.

The P4 service type is TCP and the port number is 1666.

In your AWS console, navigate to EC2.
Select your P4 instance.
Select the Security tab.
Open the Security Group.
To update, remove, or add new whitelist entries, click Edit inbound rules.
Review your changes.
Click Save rules.

Your P4 credentials

P4 clients

Use the following details to connect to P4 Server from P4 clients. You need the deployment outputs you previously noted.

The first time you connect to the server, you may be prompted to trust the authenticity of the server using the fingerprint.

Value	Format	Example
Server	`ssl:PerforcePublicIP:1666` Replace `PerforcePublicIP` with the value you noted	`ssl:52.186.76.48:1666`
User	`perforce`	`perforce`
Password	`HelixCoreInstanceID` you noted	`i-0d25def7ae812ce0a`

P4 operating system

To connect to the P4 operating system, use the following credentials:

Username: rocky
Server: P4CommitPublicIP

Log in to the P4 operating system

To log in to the P4 operating system, use the following command:

ssh -I /path-to-ssh-private-key rocky@P4CommitPublicIP

Replace path-to-ssh-private-key with the path to your private key.
Replace P4CommitPublicIP with the value you noted in your deployment outputs.

Example: ssh -I /path rocky@52.186.76.48:1666

To perform operating system administration, you can become the root user using the following command:

sudo -s

Perform P4 administration tasks

To perform administrative tasks on P4, switch to the perforce user and log in to P4 Server using the following commands:

sudo su - perforce
p4login -v 1

You now have the P4 CLI binaries in your $PATH and can run any p4 commands, such as p4 info.

SSL certificate rotation

The P4 deployment provides a self-signed certificate out of the box. This certificate is used to encrypt all client/ server communication. The certificate expires 2 years after initial deployment.

What's next

Next, download and install P4 Visual Client (P4V), which allows you to work with versioned files. Installing P4V also installs the P4 Admin by default. You will use these tools to configure security and add users in later steps. You will also install other tools that you might use when working with P4.

Go to Step 3: Download and install P4V and other client applications.