Installing Xray

JFrog Installation & Setup Documentation

Content Type
Installation & Setup
ft:sourceType
Paligo

Subscription Information

This feature is supported on the Self-Hosted platform, with Pro X, Enterprise X, and Enterprise+ licenses.

You can install and configure JFrog Xray, single node and high availability. For additional information on high availability, see high availability

Before installing Xray 3.x, you must first install JFrog Artifactory 7.x.

Note

Use a dedicated server with no other software running to alleviate performance bottlenecks, avoid port conflicts, and avoid setting uncommon configurations.

Warning

If you install Xray on the same server as Artifactory, you might have port conflicts and performance issues. Artifactory and Xray use port 8082 for communication with the external network. In addition, the ports 8082, 8046, 8047, and 8049 are used by both Xray and Artifactory for the Router microservice.

To learn about the JFrog Platform Deployment, see System Architecture.

Before you proceed, see System Requirements for information on supported platforms, supported browsers, and other requirements.

Xray Node Recommendations

Use a dedicated node for Xray with no other software running to alleviate performance bottlenecks, avoid port conflicts, and avoid setting uncommon configurations.

Xray Storage Recommendations

In most cases, our recommendation is to use an SSD drive for Xray to have better performance and it is not recommended to use an NFS drive, as it is a disk I/O-intensive service, a slow NFS server can suffer from I/O bottlenecks and NFS is mostly used for storage replication.

Xray stores node-specific files, such as configuration and temporary files, to the disk. These files are exclusively used by Xray and not shared with other services. Since the local storage used for Xray services is temporary, it does not require replication between the different nodes in a multi-node/HA deployment.

Xray File Handle Allocation Limit

Use the following command to determine the current file handle allocation limit.

cat /proc/sys/fs/file-max

Then, set the following parameters in your /etc/security/limits.conf file to the lower of 100,000 or the file handle allocation limit determined above.

The example shows how the relevant parameters in the /etc/security/limits.conf file are set to 100000. The actual setting for your installation may be different depending file handle allocation limit in your system.

root hard nofile 100000
root soft nofile 100000
xray hard nofile 100000
xray soft nofile 100000
postgres hard nofile 100000
postgres soft nofile 100000
Operating Systems and Platform Support

The following table lists the supported operating systems and their versions:

Product

Debian

RHEL

Ubuntu

Amazon Linux

Windows Server

Xray

10.x, 11.x

8.x, 9.x

20.04, 22.04

Amazon Linux 2023

For more information about the supported operating systems for Insights and Pipelines, see Insights System Requirements and Pipelines System Requirements.

Note

Debian 12.x and Ubuntu 24.04 are supported from Artifactory 7.104.x and Distribution 2.28.

Supported Platforms

The following table lists the supported platforms:

Product

x86-64

ARM64

Kubernetes

OpenShift

Xray

1.27+

4.14+

For more information about the supported platforms for Insights and Pipelines, see Insights System Requirements and Pipelines System Requirements.

Installation on Kubernetes environments is through Helm Charts. Supported Helm version is Helm 3+.

Kubernetes Sizing Requirements

We have included YAML files with different sizing configurations for Artifactory , Xray, and Distribution in our GitHub pages. You can use these YAML files when you set up your cluster.

ARM64 Support for Container-Based Installations

Starting from version 7.41.4, Artifactory supports installation on ARM64 architecture specifically through Helm and Docker installations. When deploying Artifactory on an ARM64 platform, an external database must be set up as Artifactory does not support the bundled database for ARM64 installations. The appropriate ARM64 Container Image is automatically pulled during the Helm or Docker installation process.

Additionally, ARM64 support is available for Xray and Distribution all through container-based Installations.

Database and Third-Party Applications in Xray

Every artifact and build indexed by Xray is broken down into multiple components. These components and the relationships between each other are represented in a checksum based components graph. Xray uses PostgreSQL to store and query this components graph.

Xray supports the following versions of PostgreSQL:

  • 16.x (from version 3.107)

  • 15.x (from version 3.78.9)

  • 14.x

  • 13.x (from version 3.18)

RabbitMQ is installed as part of the Xray installation for every node. In case of HA architecture, Xray uses queue mirroring between the different RabbitMQ nodes. External RabbitMQ instances are not officially supported; the recommended method of installation is to use the bundled RabbitMQ.

Xray has multiple flows, such as scanning, impact analysis, and database sync. These flows require processing completed by the different Xray microservices. Flows contain multiple steps that are completed by the Xray services. Xray uses RabbitMQ to manage these different flows and track synchronous and asynchronous communication between the microservices.

Xray also uses Erlang and DB-Util third-party applications. These packages are bundled with all Xray installers except Linux Archive. You need to use Erlang version 25.x and you can use the latest available version db-util.

Xray Network Ports

Xray uses the 8082 port by default for external communication.

Xray uses the following internal ports by default for communication with JFrog Platform microservices.

Microservice

Port

Xray Server

8000

Analysis

7000

Indexer

7002

Persist

7003

Router

HTTP: 8082, 8046, 8049

gRPC: 8047

RabbitMQ

4369, 5671, 5672, 15672, and 25672

PostgreSQL (if you use the bundled PostgreSQL database)

5432

Observability

HTTP: 8036

gRPC: 8037

Admin Permissions for Installation

We recommend that you run the installation as a root user or provide sudo access to a non-root user.

You need to have admin permissions on the installation machine in the following cases.

  • Native installer - always requires admin permissions

  • Archive installer - requires admin permissions only during installation

  • Docker installer - does not require admin permissions

Installation Steps

The installation procedure involves the following main steps.

  1. Download Xray as per your required installer type (Docker Compose, RPM, Debian).

  2. Install Xray either as a single node installation, or high availability cluster.

    1. Install third party dependencies (PostgreSQL database, included in the archive)

    2. Install Xray

  3. Configure Xray basic settings.

    1. Connect to an Artifactory instance (requires a joinKey and a jfrogUrl in the XRay system.yaml file).

    2. Optional: Configure the PostgreSQL database connection details if you have set Postgres as an external database.

  4. Start the Service using the start scripts or OS service management.

  5. Check the Service Log to check the status of the service.

Default Home Directory / $JFROG_HOME

The default home directory is defined according to the installation type. For more information, see System Directories.

$JFROG_HOME represents the JFrog root directory containing the deployed product.