Distribution Single Node RPM Installation

JFrog Installation & Setup Documentation

Content Type
Installation & Setup
ft:sourceType
Paligo

The RPM installation bundles Distribution and all its dependencies. It is provided as native RPM packages, where Distribution and its dependencies must be installed separately. Use this if you are automating installations.

Before you proceed, see System Requirements for information on supported platforms, supported browsers, and other requirements.

Operating Systems and Platform Support

The following table lists the supported operating systems and the versions.

Product

Debian

RHEL

Ubuntu

Amazon Linux

Windows Server

Artifactory

10.x, 11.x

8.x, 9.x

20.04, 22.04

Amazon Linux 2023

2016 or 2019

Xray

10.x, 11.x

8.x, 9.x

20.04, 22.04

Distribution

10.x, 11.x

8.x, 9.x

20.04, 22.04

Insight

10.x, 11.x

8.x, 9.x

20.04, 22.04

Amazon Linux 2023

Pipelines

8.x

20.04, 22.04

Amazon Linux 2023

Build nodes only

Supported Platforms

The following table lists the supported platforms.

Product

x86-64

ARM64

Kubernetes

OpenShift

Artifactory

1.19+

4.13+

Xray

1.19+

4.13+

Distribution

1.19+

4.13+

Insight

1.19+

Pipelines

1.19+

Installation on Kubernetes environments is through Helm Charts. Supported Helm version is Helm 3+.

Kubernetes Sizing Requirements

We have included YAML files with the different sizing configuration for Artifactory in our GitHub page. You can use these YAML when you set up your cluster.

We have included YAML files with the different sizing configuration for Xray in our GitHub page. You can use these YAML when you set up your cluster.

We have included YAML files with the different sizing configuration for Distribution in our GitHub page. You can use these YAML when you set up your cluster.

ARM64 Support

From version 7.41.4, Artifactory supports installation on ARM64 architecture through Helm and Docker installations. You must set up an external database as the Artifactory database since Artifactory does not support the bundled database with the ARM64 installation. Artifactory installation pulls the ARM64 image automatically when you run the Helm or Docker installation on the ARM64 platform.

ARM64 support is also available for Xray, Distribution and Insight.

Database and Third-Party Applications in Distribution

Distribution supports the following versions of PostgreSQL.

  • 16.x

  • 15.x

  • 14.x

  • 13.x

  • 12.x

Distribution HA requires an external database. Any change to configuration requires restarting of any Distribution node for changes to take effect for the whole Distribution cluster.

Distribution requires Redis and supports Redis 7.x. A supported Redis version is bundled with the Distribution installer.

Redis Password Restrictions

Redis password should contain only alphanumeric characters and should not contain any special characters.

Distribution Network Ports

Distribution uses the 8082 port by default for external communication.

Distribution uses the following internal ports by default for communication with JFrog Platform microservices.

Microservice

Port

Distribution Server

8080

Router

8082, 8046, 8047, and 8049

Redis

6379

PostgreSQL (if you use the bundled Postgres database)

5432

Observability

8036

gRPC

8037

Complete the following steps to install the product.

  1. Download Distribution.

  2. Extract the contents of the compressed archive, and go to the extracted folder.

    tar -xvf jfrog-distribution-<version>-rpm.tar.gz
    cd jfrog-distribution-<version>-rpm
  3. Install PostgreSQL.

    Already have a PostgreSQL installation?

    Set your PostgreSQL connection details in the Shared Configurations section of the $JFROG_HOME/distribution/var/etc/system.yaml file.

  4. Install Redis.

  5. Install Distribution.

    rpm -Uvh --replacepkgs ./distribution/distribution.rpm

    You must run as a root user.

  6. Customize the product configuration.

    1. Set the Artifactory connection details.

    2. Customize the PostgreSQL Database connection details. (optional)

    3. Set any additional configurations (for example: ports, node id) using the Distribution System YAML file .

  7. Start and manage the Distribution service.

    systemd OS

    systemctl start|stop distribution.service

    systemv OS

    service distribution start|stop|status|restart
  8. Access Distribution from your browser at: http://<jfrogUrl>/ui/.

    Go to the Distribution tab in the Application module in the UI.

  9. Check the Distribution log.

    tail -f $JFROG_HOME/distribution/var/log/console.log

    Configure log rotation of the console log

    The console.log file can grow quickly since all services write to it. For more information, see configure the log rotation.Configuring Log Rotation for Tomcat

After installing and before running Distribution, you may set the following configurations.

Where to find the system configurations?

You can configure all your system settings using the system.yaml file located in the $JFROG_HOME/distribution/var/etc folder. For more information, see Distribution YAML Configuration.

If you don't have a System YAML file in your folder, copy the template available in the folder and name it system.yaml.

For the Helm charts, the system.yaml file is managed in the chart’s values.yaml.

Artifactory Connection Details for Distribution

Distribution requires a working Artifactory server and a suitable license.

The Distribution connection to Artifactory requires the following parameters.

  • jfrogUrl - URL to the machine where JFrog Artifactory is deployed, or the load balancer pointing to it. It is recommended to use DNS names rather than direct IPs. For example: http://jfrog.acme.com instead of http://10.20.30.40:8082.

    Set it in the Shared Configurations section of the $JFROG_HOME/distribution/var/etc/system.yaml file.

  • join.key - This is the secret key required by Artifactory for registering and authenticating the Distribution server.

    You can fetch the Artifactory joinKey (join Key) from the JPD UI in the Administration module | User Management | Settings | Join Key.

    Set the join.key used by your Artifactory server in the Shared Configurations section of the $JFROG_HOME/distribution/var/etc/system.yaml file.

Add Signing Keys to JFrog Distribution

The JFrog Platform supports signing keys to establish trust with your clients for downloading your packages from Artifactory. Signing keys consist of a public and a private key pair, which are used for signing and verifying release bundles. When installing a new Edge, you will need to propagate the public keys to the new Edge. To learn about how to add and propagate keys, see GPG Signing.GPG Signing

Change PostgreSQL Database Credentials

Distribution comes bundled with a PostgreSQL Database out-of-the-box, which comes pre-configured with default credentials

To change the default credentials:

# Access PostgreSQL as the Distribution user adding the optional -W flag to invoke the password prompt
$ psql -d distribution -U distribution -W
  
# Securely change the password for user "distribution". Enter and then retype the password at the prompt.
\password distribution
  
# Verify the update was successful by logging in with the new credentials
$ psql -d distribution -U distribution -W

Set your PostgreSQL connection details in the Shared Configurations section of the $JFROG_HOME/distribution/var/etc/system.yaml file.

Change Redis Database Credentials

Redis Password Restrictions

Redis password should contain only alphanumeric characters and should not contain any special characters.

  1. Set the new password in the $JFROG_HOME/distribution/app/third-party/redis/redis.conf file.

    requirepass <new password>
    • Docker Compose

      The file is available at $JFROG_HOME/distribution/app/third-party/redis/redis.conf.

    • RPM/DEB

      The file is available at $JFROG_HOME/distribution/app/third-party/redis/redis.conf.

    • Linux Archive

      The file is available at $JFROG_HOME/distribution/app/third-party/redis/redis.conf.

  2. Set your Redis password in the Shared Configurations section of the $JFROG_HOME/distribution/var/etc/system.yaml file.

  3. For Helm installations, you can set the password in the values.yaml file.

    distribution:
     jfrogUrl: http://xx.xx.xxx.xx
     joinKey: 6a8d2eaa5eab7d6945c020245c98344b9b42b9665073a36c74645d52e565dce4
     persistence:
      enabled: true
    redis:
     password: <password>
  4. Restart all the services.

    Docker Compose
    
    cd jfrog-distribution-<version>-compose
    docker-compose -p distribution restart
    RPM/DEB
    
    service distribution restart / systemctl restart distribution.service
    Linux Archive
    
    distribution/app/bin/distribution.sh restart 
Third Party Applications for Distribution
PostgreSQL for Distribution

You must install PostgreSQL before you proceed with the installation of Distribution.

PostgreSQL for RPM
  1. Install PostgreSQL.

    Run the following commands from the extracted jfrog-distribution-<version>/rpm directory.

    # Use PostgreSQL RPMs with el6 when installing on Centos 6 and RHEL 6 and use postgresql13-13.3-1 packages
    # Use PostgreSQL RPMs with el8 when installing on Centos 8 and RHEL 8
      
    mkdir -p /var/opt/postgres/data
      
    rpm -ivh --replacepkgs ./third-party/postgresql/libicu-50.2-3.el7.x86_64.rpm (only AWS instance)
    rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-libs-13.3-5PGDG.rhel7.x86_64.rpm
    rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-13.3-5PGDG.rhel7.x86_64.rpm
    rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-server-13.3-5PGDG.rhel7.x86_64.rpm
      
    chown -R postgres:postgres /var/opt/postgres
      
    export PGDATA="/var/opt/postgres/data"
    export PGSETUP_INITDB_OPTIONS="-D /var/opt/postgres/data"
      
    # For centos 7&8 / rhel 7&8
    sed -i "s~^Environment=PGDATA=.*~Environment=PGDATA=/var/opt/postgres/data~" /lib/systemd/system/postgresql-13.service
    systemctl daemon-reload
    /usr/pgsql-13/bin/postgresql-13-setup initdb
      
    # For centos 6 / rhel 6
    sed -i "s~^PGDATA=.*~PGDATA=/var/opt/postgres/data~" /etc/init.d/postgresql-13
    service postgresql-13 initdb
      
    Replace "ident" and "peer" with "trust" in postgres hba configuration files ie /var/opt/postgres/data/pg_hba.conf
  2. Configure PostgreSQL to allow external IP connections.

  3. By default, PostgreSQL will only allow localhost clients communications. To enable different IP's to communicate with the database, you need to configure the pg_hba.conf file.

    The file is available at /var/opt/postgres/data.

    To grant all IPs access, add the following entry under the IPv4 local connections section.

    host    all             all             0.0.0.0/0               trust

    Add the following entry to /var/opt/postgres/data /postgresql.conf.

    listen_addresses='*'
    port=5432
  4. Start PostgreSQL.

    systemctl start postgresql-<version>.service   
    
    or   
    
    service postgresql-<version> start
  5. Set up the database and user.

    Run the following commands to seed the tables and schema needed by Distribution.

    sudo -u postgres psql -c "CREATE USER distribution WITH PASSWORD 'password';"
    sudo -u postgres psql -c "CREATE DATABASE distribution WITH OWNER=distribution ENCODING='UTF8';"
    sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE distribution TO distribution;"
     
    cp -f ./third-party/postgresql/createPostgresUsers.sh /tmp
    source /etc/locale.conf
      
    cd /tmp && su postgres -c "POSTGRES_PATH=/usr/pgsql-13/bin PGPASSWORD=postgres DB_PASSWORD=password bash /tmp/createPostgresUsers.sh"
    
PostgreSQL for Debian

We recommended to get your apt-get libraries up-to-date by using the following commands.

apt-get update
apt-get install -f -y
apt-get update
  1. Create the file repository configuration to pull PostgreSQL dependencies.

    cp -f /etc/apt/sources.list /etc/apt/sources.list.origfile
    sh -c 'echo "deb http://ftp.de.debian.org/debian/ $(lsb_release -cs) main non-free contrib" >> /etc/apt/sources.list'
    sh -c 'echo "deb-src http://ftp.de.debian.org/debian/ $(lsb_release -cs) main non-free contrib" >> /etc/apt/sources.list' 
        
    cp -f /etc/apt/sources.list.d/pgdg.list /etc/apt/sources.list.d/pgdg.list.origfile
    sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
    sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'
      
    wget --no-check-certificate --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc | sudo apt-key add -
  2. Install PostgreSQL.

    Run the following commands from the extracted jfrog-distribution-<version>-deb directory.

    mkdir -p /var/opt/postgres/data

    Ubuntu 18.04 (bionic)

    dpkg -i ./third-party/postgresql/postgresql-13_13.2-1.pgdg18.04+1_amd64.deb

    Ubuntu 20.04 (focal)

    dpkg -i ./third-party/postgresql/postgresql-13_13.2-1.pgdg20.04+1_amd64.deb

    Debian 9 (stretch)

    dpkg -i ./third-party/postgresql/postgresql-13_13.2-1.pgdg90+1_amd64.deb

    Debian 10 (buster)

    apt update -y
    apt-get install wget sudo -y
    apt-get install -y gnupg gnupg1 gnupg2
    dpkg -i ./third-party/postgresql/postgresql-13_13.2-1.pgdg100+1_amd64.deb
  3. Stop the PostgreSQL service.

    systemctl stop postgresql.service
  4. Change permissions for the PostgreSQL folder.

    chown -R postgres:postgres /var/opt/postgres
      
    sed -i "s~^data_directory =.*~data_directory = '/var/opt/postgres/data'~" "/etc/postgresql/13/main/postgresql.conf"
    sed -i "s~^hba_file =.*~hba_file = '/var/opt/postgres/data/pg_hba.conf'~" "/etc/postgresql/13/main/postgresql.conf"
    sed -i "s~^ident_file =.*~ident_file = '/var/opt/postgres/data/pg_ident.conf'~" "/etc/postgresql/13/main/postgresql.conf"
      
    su postgres -c "/usr/lib/postgresql/12/bin/initdb --pgdata=/var/opt/postgres/data"
  5. Configure PostgreSQL to allow external IP connections.

  6. By default PostgreSQL will only allow localhost clients communications. To enable different IPs to communicate with the database you need to configure the pg_hba.conf file.

    The file is available at /var/opt/postgres/data.

    To grant all IPs access add the following entry under the IPv4 local connections section:

    host    all             all             0.0.0.0/0               trust

    Add the following entry to /etc/postgresql/13/main/postgresql.conf.

    listen_addresses='*'
    port=5432
  7. Start PostgreSQL.

    systemctl start postgresql-<version>.service
       
    or   
    
    service postgresql-<version> start
  8. Set up the database and user.

    Run the following commands to seed the tables and schemas needed by Distribution

    sudo -u postgres psql -c "CREATE USER distribution WITH PASSWORD 'password';"
    sudo -u postgres psql -c "CREATE DATABASE distribution WITH OWNER=distribution ENCODING='UTF8';"
    sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE distribution TO distribution;"
    
    cp -f ./third-party/postgresql/createPostgresUsers.sh /tmp
    source /etc/default/locale
    cd /tmp && su postgres -c "POSTGRES_PATH=/usr/lib/postgresql/13/bin PGPASSWORD=postgres DB_PASSWORD=password bash /tmp/createPostgresUsers.sh"
  9. Put back the original pgdg.list.

    mv /etc/apt/sources.list.d/pgdg.list /etc/apt/sources.list.d/pgdg.list.tmp &&
    cp -f /etc/apt/sources.list.d/pgdg.list.origfile /etc/apt/sources.list.d/pgdg.list
  10. Remove the backup files.

    rm -f /etc/apt/sources.list.d/pgdg.list.tmp
    rm -f /etc/apt/sources.list.d/pgdg.list.origfile
  11. Put back the originalsources.list .

    mv /etc/apt/sources.list /etc/apt/sources.list.tmp &&
    cp -f /etc/apt/sources.list.origfile /etc/apt/sources.list
  12. Remove the backup files.

    rm -f /etc/apt/sources.list.tmp &&
    rm -f /etc/apt/sources.list.origfile
PostgreSQL for Linux Archive

PostgreSQL binaries are no longer bundled with Linux archive installer. You need to install PostgreSQL manually.

Run the following commands to seed the tables and schema needed by Distribution.

<pgsql bin path>/psql template1
<postgres prompt>: CREATE DATABASE <user_name>;
<postgres prompt>: \q
   
## run the script to seed the tables and schemas needed by Distribution
POSTGRES_PATH=<pgsql bin path> distribution/app/third-party/postgresql/createPostgresUsers.sh
Redis for Distribution

Redis Password Restrictions

Redis password should contain only alphanumeric characters and should not contain any special characters.

Redis RPM Installation

Run the following commands from the extracted jfrog-distribution-<version>-rpm directory.

Use Redis RPMs with el6 when installing on Centos 6 and RHEL 6
Use Redis RPMs with el8 when installing on Centos 8 and RHEL 8
  
semodule -i ./third-party/redis/distribution-redis.pp
rpm -ivh --replacepkgs ./third-party/redis/jemalloc-3.6.0-1.el7.x86_64.rpm
rpm -ivh --replacepkgs ./third-party/redis/redis-6.0.5-1.el7.remi.x86_64.rpm
service redis start
   
# To verify if Redis is working. The command should return PONG.

redis-cli -a password ping
   
sed -i "s|# requirepass foobared|requirepass password|g" /etc/redis.conf
   
echo "appendonly yes" >> /etc/redis.conf
echo "appendfsync everysec" >> /etc/redis.conf
sysctl vm.overcommit_memory=1
   
service redis restart
Redis Debian Installation

Run the following commands from the extracted jfrog-distribution-<version>-deb directory.

dpkg -i ./third-party/redis/redis-tools_6.0.5-1chl1_xenial1_amd64.deb
dpkg -i ./third-party/redis/redis-server_6.0.5-1chl1_xenial1_amd64.deb
service redis-server start
    
# To verify if Redis is working. The command should return PONG.

redis-cli -a password ping
    
sed -i "s|# requirepass foobared|requirepass password|g" /etc/redis/redis.conf
   
echo "appendonly yes" >> /etc/redis/redis.conf
echo "appendfsync everysec" >> /etc/redis/redis.conf
   
sysctl vm.overcommit_memory=1
    
service redis-server restart
Redis Linux Archive Installation

Redis binaries are available in jfrog-distribution-<version>-linux/app/third-party/redis/bin. You must setup the Redis server before you install Distribution.