Installing Artifactory Edge

JFrog Installation & Setup Documentation

Content Type
Installation & Setup
ft:sourceType
Paligo

Subscription Information

This feature is supported with the Enterprise+ license.

JFrog Artifactory Edge (an "Edge node") is an edition of JFrog Artifactory whose available features have been customized to serve the primary purpose of distributing software to a runtime such as a data center, a point-of-sale or even a mobile device. All packages hosted in an Edge node are part of a Release Bundle which is a secure and immutable collection of software packages that make up a release to be provisioned or can be uploaded using direct file upload through the UI or REST API.Distribute Release Bundles (v1)

Note

Distributing Release Bundles REST API can be found here.Distribute Release Bundle v1 Version

Before you get started - Establish a circle of trust

An Edge node can only receive Release Bundles from an Artifactory service if they are both within the same circle of trust. Once you have completed the installation of the Edge node, make sure to add it to the circle of trust for any Artifactory service from which it should receive Release Bundles. To learn how to establish a circle of trust, see Establishing the Circle of Trust.Circle of Trust (Cross-Instance Authentication)

Edge Installation Options

The process of installing an Edge node is identical to installing any other Artifactory instance. The following section details the process of installing Artifactory using Linux Archive a popular installation option. For other Artifactory installation options, see Installing Artifactory.

Install Artifactory Single Node with Linux Archive

Before you proceed with the installation, review the system requirements.

Operating Systems and Platform Support

The following table lists the supported operating systems and the versions.

Product

Debian

RHEL

Ubuntu

Windows Server

Amazon Linux

Artifactory

10.x, 11.x

8.x, 9.x

20.04, 22.04

2016 or 2019

Amazon Linux 2023

Operating Systems - End of Support

As part of JFrog commitment to maintain the security and reliability of the JFrog Platform, Artifactory will officially run with Node.js 20.x on all installation types from Artifactory 7.77.3.

Node.js 20.x provided with Linux Archive/Debian/RPM installations (non-containerized distributions) is not supported on the following operating systems.

Hence, these operating systems will no longer supported from Artifactory version 7.77.3.

Supported Platforms

The following table lists the supported platforms.

Product

x86-64

ARM64

Kubernetes

OpenShift

Artifactory

1.19+

4.13+

Installation on Kubernetes environments is through Helm Charts. Supported Helm version is Helm 3+.

ARM64 Support

From version 7.41.4, Artifactory supports installation on ARM64 architecture through Helm and Docker installations. You must set up an external database as the Artifactory database since Artifactory does not support the bundled database with the ARM64 installation. Artifactory installation pulls the ARM64 image automatically when you run the Helm or Docker installation on the ARM64 platform.

ARM64 support is also available for Xray, Pipelines (in Helm installation), and Insight. ARM64 support is not available for Distribution.

Artifactory Database Requirements

You can configure your own database from the following list.

Artifactory supports the following databases.

  • PostgreSQL

  • Oracle

  • MySQL

  • Microsoft SQL Server

  • MariaDB

Artifactory HA requires an external database, which is fundamental to management of binaries and is also used to store cluster wide configuration files.

Since Artifactory HA contains multiple Artifactory cluster nodes, your database must be powerful enough to service all the nodes in the system. Moreover, your database must be able to support the maximum number of connections possible from all the Artifactory cluster nodes in your system.

If you are replicating your database you must ensure that at any given point in time all nodes see a consistent view of the database, regardless of which specific database instance they access. Eventual consistency, and write-behind database synchronization is not supported.

Artifactory File Store

The filestore is where binaries are physically stored.

Artifactory provides the following options to store binaries.

  • Local file system in which binaries are stored with redundancy using a binary provider, which manages synchronizing files between the cluster nodes according to the redundancy defined.

  • Cloud storageAmazon S3 and Google Cloud Storage

  • Network File System (NFS)

For detailed information, see Filestore Configuration.

Binary Storage

While Artifactory can use a Networked File System (NFS) for its binary storage, you should do not install the application itself on an NFS. The Artifactory application needs very fast, reliable access to its configuration files. Any latency from an NFS will result in poor performance when the application fails to read these files. Therefore, install Artifactory on a local disk mounted directly to the host.

To use an NFS to store binaries, use the "file-system" binarystore.xml configuration with the additional "<baseDataDir>" setting.

Working with Very Large Storage

In most cases, our recommendation is for storage that is at least 3 times the total size of stored artifacts in order to accommodate system backups.Backups

However, when working with a very large volume of artifacts, the recommendation may vary greatly according to the specific setup of your system. Therefore, when working with over 10 TB of stored artifacts, contact JFrog support, who will work with you to provide a recommendation for storage that is customized to your specific setup.

Allocated storage space may vary

Xray downloads and then deletes fetched artifacts after indexing. However, in order to have more parallel indexing processes, and thereby more temporary files at the same time would require more space.

This is especially applicable for large BLOBs such as Docker images.

Artifactory Network Ports

Artifactory uses external network ports to communicate with services outside Artifactory and internal networks to communicate with Artifactory and other JFrog Platform microservices.

External Network Ports

Artifactory uses the following external network ports by default.

  • 8081

  • 8082

Internal Network Ports

Artifactory uses the following internal network ports.

Microservice

Port

Artifactory

8081

Access

8040 and 8045

Web

8070

Replicator

8048 and 9092

Metadata

8086

Router

8082, 8046, 8047, 8049, and 8091

Events

8061, and 8062

Integration

8071 and 8072

JFConnect

8030

Observability

8036

gRPC

8037

Artifactory Linux Archive Installation Steps

Complete the following steps to install the product.

  1. Create a JFrog Home directory and move the downloaded installer archive into that directory.

    For example:

    mkdir jfrog
    mv jfrog-artifactory-<pro|oss|cpp-ce>-<version>-linux.tar.gz jfrog
    cd jfrog
  2. Set the JFrog Home environment variable.

    export JFROG_HOME=<full path of the jfrog directory>

    To learn more about the system variable JFROG_HOME, see JFrog Home.

  3. Extract the contents of the compressed archive and move it into the artifactory directory.

    tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-linux.tar.gz
    mv artifactory-<pro|oss|cpp-ce>-<version> artifactory
  4. Customize the production configuration (optional) including database, Java Opts, and filestore.

  5. Run Artifactory as a foreground or daemon process, or as a service.

  6. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/ . For example, on your local machine: http://localhost:8082/ui/ .

  7. Check Artifactory Log.

    Configure log rotation of the console log

    The console.log file can grow quickly since all services write to it. For more information, see configure the log rotation.Configuring Log Rotation for Tomcat

Artifactory Post-Installation Steps

Once the installation is complete, complete the following tasks.

Artifactory Linux Archive Install Script Commands

The following are the sequence of commands performed by the Linux Archive install script.

User creation
  • Creates a default user named artifactory ($JF_ARTIFACTORY_USER).

To change the default user, edit the shared.user (and shared.group) parameter in the $JFROG_HOME/artifactory/var/etc/system.yaml .

When running the service with a different user, make sure to update the shared.user and the shared.group parameters in the $JFROG_HOME/artifactory/var/etc/system.yaml file.

artifactory default
  • Modifies the $JFROG_HOME/artifactory/app/bin/artifactory.default file containing the main environment variables needed for Artifactory to run.

    Such as: JF_PRODUCT_HOME, TOMCAT_HOME, JAVA_OPTIONS.

To modify your JVM parameters, modify the artifactory.extraJavaOpts parameter in the $JFROG_HOME/artifactory/var/etc/system.yaml .

systemd or init
  • Installs the Artifactory service on systemd if supported, or init.d.

    • systemd is supported: the install script copies the artifactory to /etc/systemd/system/artifactory.service script file

    • systemd is not supported: the install script copies the artifactory script file to /etc/init.d/artifactory

Tomcat Preparation
  • Creates the logs directory $JFROG_HOME/artifactory/var/log folder, with write permissions to the JF_ARTIFACTORY_USER (created at the start of the script).

  • Creates a soft link $JFROG_HOME/artifactory/var/log/artifactory/catalina.

    The $JFROG_HOME/artifactory/app/artifactory/tomcat/logs folder is linked to $JFROG_HOME/artifactory/var/log/artifactory/catalina.

  • Creates a work directory for tomcat $JFROG_HOME/artifactory/var/work/artifactory/tomcat.

chkconfig calls
  • Activates the Artifactory Service and adds it to the chkconfig list.

Set ownership
  • Defines the permissions for the $JFROG_HOME/artifactory/var and $JFROG_HOME/artifactory/app files, for the $JF_ARTIFACTORY_USER.

After installing and before running Artifactory, you may set the following configurations.

  • System YAML Configuration File

    Where to find system.yaml?

    You can configure all your system settings using the system.yaml file located in the $JFROG_HOME /artifactory/var/etc folder. For more information, see Artifactory YAML Configuration.

    If you don't have a System YAML file in your folder, copy the template available in the folder and name it system.yaml.

    For the Helm charts, the system.yaml file is managed in the chart’s values.yaml.

  • Database

    Artifactory comes with an embedded Derby Database out-of-the-box. If you're planning to use it in production, it is highly recommended to first Configure the Database, and then start Artifactory.

  • Customize Java Opts (optional)Remember to modify your JVM Parameters as needed by setting JAVA_OPTIONS in Shared Configurations. The property to pass extra Java opts is artifactory.extraJavaOpts. It is highly recommended to set your Java memory parameters as follows:

    Tip

    The larger your repository or number of concurrent users, the larger you need to make the -Xms and -Xmx values accordingly. If you can reserve at least 512MB for Artifactory, the recommended minimal values are:

    -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC

    For more recommendations about your hardware configuration (especially the -Xmx parameter), see System Requirements

  • Additional Settings

    These include: customizing ports, joinKey (join.key), masterKey (master.key).

  • Configuring the Filestore

    By default, Artifactory is configured to use the local file system as its filestore. Artifactory supports a variety of additional filestore configurations to meet a variety of needs for binary storage providers, storage size and redundancy.

Enable TLS 1.0 and 1.1 for Connectivity with Older Databases

Artifactory version 7.25.2 onwards includes OpenJDK version 11.0.11 and later. TLS 1.0 and TLS 1.1 are disabled by default from OpenJDK 11.0.11 onwards. If your database version does not support TLS 1.2, the Artifactory startup fails.

If you are unable to upgrade your database to a version that supports TLS 1.2 or later, perform the following steps to run Artifactory.

  1. Download the java.security file that has TLS 1.0 and 1.1 enabled.

  2. Create the directory, ${JFROG_HOME}/artifactory/var/bootstrap/artifactory/java.

  3. Copy the java.security file into ${JFROG_HOME}/artifactory/var/bootstrap/artifactory/java.

  4. Provide the appropriate permissions to the directory.

    Note

    Artifactory startup takes a backup of the existing java.security file and bootstraps custom java.security into the ${JFROG_HOME}/artifactory/app/third-party/java/conf/security folder.

Run Artifactory as a process

You can run Artifactory as a foreground or as daemon process. When running as a foreground process, the console is locked and you can stop the process at any time.

To run as a foreground process
$JFROG_HOME/artifactory/app/bin/artifactoryctl

To run as a daemon process
$JFROG_HOME/artifactory/app/bin/artifactoryctl start

To manage the process
$JFROG_HOME/artifactory/app/bin/artifactoryctl check|stop
Run Artifactory as a service

Artifactory is packaged as an archive file with a bundled Tomcat, and a complete install script that you can use to install it as a service running under a custom user. This is currently supported on Linux and Solaris systems.

When running Artifactory as a service, the installation script creates a user called artifactory, which must have run and execute permissions on the installation directory. We recommended that you extract the Artifactory download file into a directory that gives run and execute permissions to all users such as /opt.

To install Artifactory as a service, browse to the $JFROG_HOME/artifactory/app/bin directory and run installService.sh.

The following optional parameters are available with installService.sh.

  • USER - The user that you want to run the application as. The default value is artifactory.

  • GROUP - The group with which the application will run as. The default value is artifactory.

$JFROG_HOME/artifactory/app/bin/installService.sh [USER] [GROUP]
Manage the service

Use systemd or init.d commands depending on your system.

Using systemd
systemctl <start|stop|status> artifactory.service

Using init.d
service artifactory <start|stop|check>

Add licenses according to your license type.

License Key

  • Option 1: Copy the artifactory.cluster.license file to the first node's configuration directory.

    cp artifactory.cluster.license $JFROG_HOME/artifactory/var/etc/artifactory/
  • This can also be done once you start Artifactory using:

Specifying multiple licenses

Whether in the Artifactory UI, using the REST API or in the artifactory.cluster.license file, make sure that the licenses are separated by two newlines.

License Bucket

Applying a license bucket requires JFrog Mission Control.

  1. Complete configuring and starting the first node.

  2. Enable Mission Control microservice in Artifactory.

  3. Apply your license Bucket Management in the UIManage Licenses