Bridge Client Helm Chart Installation

JFrog Installation & Setup Documentation
Content Type
Installation & Setup

This topic describes installation of the Bridge Client service using a Helm chart.

Review and verify prerequisites before you begin installation.

To install the Bridge Client with a Helm Chart:

  1. Add the JFrog Helm Charts repository to your Helm client and update the repository

    helm repo add jfrog https://charts.jfrog.io
helm repo update

  2. Create the bridge-values.yaml file as shown in the following example. Use the values of this jPD for the jfrogUrl, joinKey, and masterKey variables.

    This file also defines local and remote endpoints to establish the tunnel.

    ## JPD URL is mandatory
jfrogUrl: https://<your_self-managed_JPD>:8082
## Configuration of the initial default bridge connection.
tunnel:
  client:
    bridges:
      default:
        # Client forwards requests it receives via the bridge to this local socket
        local:
          url: https://sh-artifactory:8082
        # url of bridge server JPD. This value is optional for Client installation. Client connects to this endpoint to establish bridge connection.
        remote:
           url: https://<your-subscription.SaaS_JPD>.jfrog.io
## Token used to authenticate the client at the server endpoint to establish bridge connection.
## Token should have scope 'system:bridge:x' and be long-lived
## Token will be used for the initial default bridge
## This configuration is optional. Tunnels created in UI do not need this token
# tunnelClientToken: "<actual-token>"
## Alternatively, use a pre-existing secret with a key called tunnel-client-token by specifying tunnelClientTokenSecretName
tunnelClientTokenSecretName: ""

## Name of the secret containing the certificate sent by the client to the remote endpoint during opening of the tunnel
## Bridge server uses this certificate to validate requests before forwarding them
## Secret should contain 'tls_cert.crt' key with the certificate
tunnelClientCertificateSecretName: ""
## certificates added to this secret are copied to $JFROG_HOME/var/etc/security/keys/trusted
customCertificates:
  enabled: false
  # certificateSecretName:

router:
  serviceRegistry:
    ## Service registry (Access) TLS verification skipped if already enabled
    insecure: true

masterKey:
joinKey:

  3. Install the Bridge chart

    helm upgrade --install --values bridge-values.yaml bridge-client jfrog/bridge --namespace sh

The bridge-client pod becomes ready after the initial bridge connection is established.

Bridge Client Installation in an HA Cluster

To install the Bridge Client server in an HA cluster of several JPDs, first edit the values.yaml file in your Helm chart and change the value of replicaCount to 3 or more.