ARTIFACTORY: Automating and Manual License Key Cleanup in Access Config

ARTIFACTORY: Automating and Manual License Key Cleanup in Access Config

AuthorFullName__c
David Shin
articleNumber
000006200
ft:sourceType
Salesforce
FirstPublishedDate
2024-10-20T07:53:44Z
lastModifiedDate
2024-10-21
VersionNumber
27
Introduction
When scaling new clusters via auto-scaling in AWS, it’s important to remove old licenses from the access.config YAML file. 
Regularly cleaning up the license section of decommissioned nodes helps prevent the error "The incoming YAML document exceeds the limit: 3145728 code points" by avoiding excessively large YAML documents.

The process of license key cleanup has been automated in Artifactory versions 7.68 and above.
This guide provides instructions for both automated cleanup in versions 7.68 and above and manual cleanup for any 7.x versions.
 

 

Resolution
Automated Cleanup for Artifactory 7.68 and Above

1. Enable License Key Cleanup Automation:

  • Copy access.config.latest.yml to access.config.import.yml
  • Configure the clean-unused-licenses task in the access.config.import.yml file to automate the removal of old license keys
  • Ensure that the interval-seconds value is set to at least 600 seconds (10 minutes) or above; a value of 0 disables the task

Note:  Between versions 7.68 and 7.85, the default value for interval-seconds was 0 (task disabled).

From version 7.85.1 onward, the default is set to 86,400 seconds (1 day).

task:
  clean-unused-licenses:
    interval-seconds: 600  # seconds to run job to clean licenses

2. Adjust Stale License Consideration Time:

Modify the stale-admin-revoke configuration to change how quickly a server is considered stale:
task: 
  stale-admin-revoke: 
    consider-stale-seconds: 500 # seconds to consider stale (default is 604800)
 

3. Understand the Removal Process:

The system will mark a license for removal on the first iteration and remove it on the second to avoid removing licenses from nodes that are restarting or upgrading.
4. Restart Artifactory:  systemctl restart artifactory

5. Verify Automated Cleanup:
Check the access.config.latest.yml file and Artifactory logs to ensure outdated licenses are being removed as expected.

 

Manual Cleanup for any Artifactory Versions

1. Create a backup of the configuration File:

  • Start by creating a backup of the access.config.latest.yml file.
  • Save the duplicate as access.config.import.yml:
cp access.config.latest.yml access.config.import.yml
2. Edit the Duplicated File:
  • Open access.config.import.yml in your text editor.
  • Delete the entire licenses: section, which includes all nodes (valid and decommissioned).
    For example, use the following command to delete the licenses: section:
sed '/licenses:/,/^$/ {/schema-version: 2/!d}' access.config.latest.yml > access.config.import.yml
3. Restart Artifactory: systemctl restart artifactory
4. After restarting,: verify that only valid node information remains under the licenses: section in access.config.latest.yml.

 

Conclusion

For Artifactory 7.68 and above, configuring automated cleanup ensures a streamlined process for managing outdated license keys. For versions below 7.68, follow the manual cleanup procedure to maintain an updated configuration. Regular maintenance helps avoid errors and ensures optimal operation of your Artifactory instance.