Install Artifactory single node with Docker Compose

JFrog Installation & Setup Documentation
ft:sourceType
Paligo

Review the system requirements before you proceed with the installation.

Artifactory System Requirements
Operating Systems and Platform Support

The following table lists the supported operating systems and the versions.

Product

Debian

Centos*

RHEL

Ubuntu

Windows Server

SLES

Amazon Linux

Artifactory

10.x, 11.x

7.x

7.x, 8.x, 9.x

18.04, 20.04, 22.04

2016 or 2019

12 SP5

Amazon Linux 2023, Amazon Linux 2

Breaking Change Affecting RPM/Yum/Linux Archive Installations on Centos 7.x*

As part of our commitment to our customers to maintain the security and reliability of your JFrog Platform, from Artifactory version v7.43.x, JFrog Artifactory will officially run with JDK 17 and Tomcat 9.x on all installation types. Note that JDK 17 and Tomcat 9.x are not supported on all Centos 7.x versions.

CentOS 8.x Support

CentOS 8.x reached its end-of-life in December 2021. CentOS 8.x support for JFrog products has been deprecated by the end of June 2022.

Supported Platforms

The following table lists the supported platforms.

Product

x86-64

ARM64

Kubernetes

OpenShift

Artifactory

1.19+

4.13

Installation on Kubernetes environments is through Helm Charts. Supported Helm version is Helm 3+.

ARM64 Support

From version 7.41.4, Artifactory supports installation on ARM64 architecture through Helm and Docker installations. You must set up an external database as the Artifactory database since Artifactory does not support the bundled database with the ARM64 installation. Artifactory installation pulls the ARM64 image automatically when you run the Helm or Docker installation on the ARM64 platform.

ARM64 support is also available for Xray, Distribution, and Insight. ARM64 support is not available for Pipelines.

Artifactory Database Requirements

You can configure your own database from the following list.

Artifactory supports the following databases.

  • PostgreSQL

  • Oracle

  • MySQL

  • Microsoft SQL Server

  • MariaDB

Artifactory HA requires an external database, which is fundamental to management of binaries and is also used to store cluster wide configuration files.

Since Artifactory HA contains multiple Artifactory cluster nodes, your database must be powerful enough to service all the nodes in the system. Moreover, your database must be able to support the maximum number of connections possible from all the Artifactory cluster nodes in your system.

If you are replicating your database you must ensure that at any given point in time all nodes see a consistent view of the database, regardless of which specific database instance they access. Eventual consistency, and write-behind database synchronization is not supported.

Artifactory File Store

The filestore is where binaries are physically stored.

Artifactory provides the following options to store binaries.

  • Local file system in which binaries are stored with redundancy using a binary provider, which manages synchronizing files between the cluster nodes according to the redundancy defined.

  • Cloud storageAmazon S3 and Google Cloud Storage

  • Network File System (NFS)

For detailed information, see Filestore Configuration.

Binary Storage

While Artifactory can use a Networked File System (NFS) for its binary storage, you should do not install the application itself on an NFS. The Artifactory application needs very fast, reliable access to its configuration files. Any latency from an NFS will result in poor performance when the application fails to read these files. Therefore, install Artifactory on a local disk mounted directly to the host.

To use an NFS to store binaries, use the "file-system" binarystore.xml configuration with the additional "<baseDataDir>" setting.

Working with Very Large Storage

In most cases, our recommendation is for storage that is at least 3 times the total size of stored artifacts in order to accommodate system backups.Backups

However, when working with a very large volume of artifacts, the recommendation may vary greatly according to the specific setup of your system. Therefore, when working with over 10 TB of stored artifacts, contact JFrog support, who will work with you to provide a recommendation for storage that is customized to your specific setup.

Allocated storage space may vary

Xray downloads and then deletes fetched artifacts after indexing. However, in order to have more parallel indexing processes, and thereby more temporary files at the same time would require more space.

This is especially applicable for large BLOBs such as Docker images.

Artifactory Network Ports

Artifactory uses external network ports to communicate with services outside Artifactory and internal networks to communicate with Artifactory and other JFrog Platform microservices.

External Network Ports

Artifactory uses the following external network ports by default.

  • 8081

  • 8082

Internal Network Ports

Artifactory uses the following internal network ports.

Microservice

Port

Artifactory

8081

Access

8040 and 8045

Web

8070

Replicator

8048 and 9092

Metadata

8086

Router

8082, 8046, 8047, 8049, and 8091

Events

8061, and 8062

Integration

8071 and 8072

JFConnect

8030

Observability

8036

gRPC

8037

Additionally, review Docker specific requirements.

Docker Requirements

For Docker and Docker Compose installations, JFrog services require Docker 20.10.10 and above, and Docker Compose v1.24 and above to be installed on the machine on which you want to run on.

For install instructions, refer to the Docker and the Docker Compose documentation.

Installation Steps

Complete the following steps to install the product.

Redhat UBI Micro base image

In an effort to provide a more secure Artifactory image, Artifactory now uses the Redhat UBI Micro base image. Some of the tools that were available in the Artifactory image are not available in this more secure image. For more information, see JFrog Products Container Base Image.

  1. Go to the download page, click the green arrow to download Docker Compose. Extract the contents of the compressed archive (.tar.gz file) and then go to the extracted folder.

    tar -xvf jfrog-artifactory-<pro|oss|jcr|cpp-ce>-<version>-compose.tar.gz

    .env file included within the Docker-Compose archive

    This .env file is used by docker-compose and is updated during installations and upgrades.

    Notice that some operating systems do not display dot files by default. If you make any changes to the file, remember to backup before an upgrade.

  2. Run the interactive script to setup folders with required ownership.

    bash ./config.sh

  3. Customize the product configuration (optional) including database, Java Opts, and filestore.

    Depending on your choices, a selected docker-compose.yaml will be available in the extracted folder. However, there are a few docker-compose templates in the directory templates. You can choose any template and copy it to the extracted folder as docker-compose.yaml.

    Note

    For Docker installations, verify that the host's IDshared.node.id and IPshared.node.ipare added to thesystem.yaml.

    If these are not manually added, they are automatically resolved as the container's IP, meaning other nodes and services will not be able to reach this instance.

    Docker for Mac

    When you use Docker Compose in Mac, /etc/localtime might not work as expected since it might not be a shared location in the docker-for-mac settings.

    You can remove the following line from the selected docker-compose.yaml file to avoid installation issues.

  4. Manage Artifactory using native Docker Compose commands, docker-compose -p rt <action> command.

    Run these commands from the extracted folder.

    # Starting from 7.8.x, PostgreSQL needs to be started before starting the other services.
docker-compose -p rt-postgres -f docker-compose-postgres.yaml up -d
docker-compose -p rt up -d
docker-compose -p rt ps
docker-compose -p rt down

  5. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/ . For example, on your local machine: http://localhost:8082/ui/.

  6. Check Artifactory Log.

    docker-compose -p rt logs

    Configure log rotation of the console log

    The console.log file can grow quickly since all services write to it. For more information, see configure the log rotation.Logging

Docker Compose Installation using Docker Volumes

  1. Create Docker volumes.

    docker volume create --name=artifactory_data
docker volume create --name=postgres_data

  2. Extract the contents of the compressed archive and go to the extracted folder.

    tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-compose.tar.gz

  3. Copy the docker-compose-volumes.yaml to the extracted folder.

    cp templates/docker-compose-volumes.yaml docker-compose.yaml

  4. Add the entries in the .env file.

    Avoid adding duplicate entries in the .env file.

    echo -e "JF_SHARED_NODE_IP=$(hostname -i)" >> .env
echo -e "JF_SHARED_NODE_ID=$(hostname -s)" >> .env
echo -e "JF_SHARED_NODE_NAME=$(hostname -s)" >> .env

  5. Manage Artifactory using native Docker Compose commands: docker-compose -p rt <action> command.

    Run these commands from the extracted folder.

    docker-compose -p rt up -d
docker-compose -p rt ps
docker-compose -p rt down
Artifactory Product Configuration

After installing and before running Artifactory, you may set the following configurations.

  • System YAML Configuration File

    Where to find system.yaml?

    You can configure all your system settings using the system.yaml file located in the $JFROG_HOME /artifactory/var/etc folder. For more information, see Artifactory YAML Configuration.

    If you don't have a System YAML file in your folder, copy the template available in the folder and name it system.yaml.

    For the Helm charts, the system.yaml file is managed in the chart’s values.yaml.

  • Database

    Artifactory comes with an embedded Derby Database out-of-the-box. If you're planning to use it in production, it is highly recommended to first Configure the Database, and then start Artifactory.

  • Customize Java Opts (optional)Remember to modify your JVM Parameters as needed by setting JAVA_OPTIONS in Shared Configurations. The property to pass extra Java opts is artifactory.extraJavaOpts. It is highly recommended to set your Java memory parameters as follows:

    Tip

    The larger your repository or number of concurrent users, the larger you need to make the -Xms and -Xmx values accordingly. If you can reserve at least 512MB for Artifactory, the recommended minimal values are:

    -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC

    For more recommendations about your hardware configuration (especially the -Xmx parameter), see System Requirements

  • Additional Settings

    These include: customizing ports, joinKey (join.key), masterKey (master.key).

  • Configuring the Filestore

    By default, Artifactory is configured to use the local file system as its filestore. Artifactory supports a variety of additional filestore configurations to meet a variety of needs for binary storage providers, storage size and redundancy.

Enable TLS 1.0 and 1.1 for Connectivity with Older Databases

Artifactory version 7.25.2 onwards includes OpenJDK version 11.0.11 and later. TLS 1.0 and TLS 1.1 are disabled by default from OpenJDK 11.0.11 onwards. If your database version does not support TLS 1.2, the Artifactory startup fails.

If you are unable to upgrade your database to a version that supports TLS 1.2 or later, perform the following steps to run Artifactory.

  1. Download the java.security file that has TLS 1.0 and 1.1 enabled.

  2. Create the directory, ${JFROG_HOME}/artifactory/var/bootstrap/artifactory/java.

  3. Copy the java.security file into ${JFROG_HOME}/artifactory/var/bootstrap/artifactory/java.

  4. Provide the appropriate permissions to the directory.

    Note

    Artifactory startup takes a backup of the existing java.security file and bootstraps custom java.security into the ${JFROG_HOME}/artifactory/app/third-party/java/conf/security folder.

Configure Java Security File for Helm Installations

  1. Create the following local directory.

    mkdir -p java/configmap

  2. Download the java.security file that has TLS 1.0 and 1.1 enabled.

  3. Copy the java.security file to java/configmap.

  4. Run the following command to create a custom config map. For more information, see Using Config Maps.

    kubectl create configmap java-security-config --from-file=java/configmap/java.security

  5. Pass the following custom config map to your Helm install. For more information, see Using Config Maps.

    artifactory:
  preStartCommand: "mkdir -p /opt/jfrog/artifactory/var/bootstrap/artifactory/java && cp -Lrf /tmp/java/* /opt/jfrog/artifactory/var/bootstrap/artifactory/java/"
  customVolumes: |
   - name: java-security-config
     configMap:
       name: java-security-config
  customVolumeMounts: |
    - name: java-security-config
      mountPath: /tmp/java/java.security
      subPath: java.security
Artifactory Manual Docker Compose Installation

  1. Go to the download page, click the green arrow to download Docker Compose. Extract the contents of the compressed archive (.tar.gz file) and then go to the extracted folder.

    tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-compose.tar.gz

    .env file included within the Docker-Compose archive

    This .env file is used by docker-compose and is updated during installations and upgrades.

    Notice that some operating systems do not display dot files by default. If you've made any changes to the file, remember to backup before an upgrade.

  2. Create the following folder structure under $JFROG_HOME/artifactory

    -- [1030     1030    ]  var
    |-- [1030     1030 ]  data
    |   |--   [104    107]    nginx                     - Necessary if you want to add nginx
    |   `--   [999    999]    postgres                  - Necessary if you want to add postgres
    |-- [1030     1030 ]  etc

    Enter the following commands in order so that you can set the ownership correctly.

    chown -R 1030:1030 $JFROG_HOME/artifactory/var
chown -R 1030:1030 $JFROG_HOME/artifactory/var/data
chown -R 1030:1030 $JFROG_HOME/artifactory/var/etc
chown -R 104:107 $JFROG_HOME/artifactory/var/data/nginx
chown -R 999:999 $JFROG_HOME/artifactory/var/data/postgres

  3. Copy the appropriate docker-compose templates from the templates folder to the extracted folder. Rename it as docker-compose.yaml

    Requirement

    Template

    Artifactory + Derby (inbuilt database)

    docker-compose.yaml

    Artifactory + Postgres

    docker-compose-postgres.yaml

    Artifactory + Nginx

    docker-compose-nginx.yaml

  4. Update the .env file with the installation directory.

    ROOT_DATA_DIR=$JFROG_HOME/artifactory
##Enter the exact value of $JFROG_HOME. For example, /root/.jfrog.

  5. Customize the product configuration.

    1. Customize the PostgreSQL Database connection details. (optional)

    2. Set any additional configurations (for example: ports, node id) using the Artifactory system.yaml configuration file .

      Note

      Ensure the host's ID "shared.node.id" and IP "shared.node.ip" are added to the system.yaml. If these are not added, the container's IP will be used and other Platform Deployments, products will be unable to reach this instance

  6. Start Artifactory using docker-compose commands.

    docker-compose -p rt logs
docker-compose -p rt ps
docker-compose -p rt up -d
docker-compose -p rt down

  7. Access Artifactory from your browser at:http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

  8. Check Artifactory Log.

    docker-compose -p rt logs

    Configure log rotation of the console log

    The console.log file can grow quickly since all services write to it. For more information, see configure the log rotation.Logging