The RPM installation bundles Xray and all its dependencies. It is provided as native RPM packages, where Xray and its dependencies must be installed separately. Use this, if you are automating installations.
Before you proceed with the installation, review the system requirements.
Install/Upgrade Xray 3.70.0 to 3.74.0 with RPM
Xray installation/upgrade might fail because of the missing package libltdl. If you face the error, you can download and install the package, and proceed with the installation/upgrade of Xray.
Follow these steps to install the product:
Extract the contents of the compressed archive, and go to the extracted folder.
tar -xvf jfrog-xray-<version>-rpm.tar.gz cd jfrog-xray-<version>-rpm
Install PostgreSQL.
You can choose to install any compatible PostgreSQL version, or use the PostgreSQL RPM bundled with the Xray installer located under
/third-party/postgresql
.PostgreSQL is required and must be installed before continuing with the next installation steps.
Set your PostgreSQL connection details in the Shared Configurations section of the $JFROG_HOME
xray/etc/system.yaml
file.Install
db-util
.You can use the bundled db-utils found under
/third-party/misc/
.db-util allows Xray to interact with the Berkley DB that contains information about RPM-based Docker images. This way, Xray can index OS packages for these images.
# This will install db-util if db_dump is not available hash db_dump 2>/dev/null || rpm -ivh --replacepkgs ./third-party/misc/<db-utils version>.x86_64.rpm
Install RabbitMQ dependencies.
# Note : Use el8 with RHEL8, and el9 with RHEL9 and Amazon Linux 2023 # Run the following from the extracted folder. rpm -ivh --replacepkgs ./third-party/rabbitmq/socat-<version>.x86_64.rpm rpm -ivh --replacepkgs ./third-party/rabbitmq/erlang-<version>.x86_64.rpm
Install Xray.
You must run as a root user.
rpm -Uvh --replacepkgs ./xray/xray.rpm
Customize the product configuration.
Set the Artifactory connection details.
Customize the PostgreSQL Database connection details. (optional)
Set any additional configurations (for example: ports, node id) using the Xray system.yaml configuration file.
Warning
Verify that a large file handle limitis specified before you start Xray.
Start and manage the Xray service.
systemd OS
systemctl start|stop xray.service
systemv OS
service xray start|stop|status|restart
Access Xray from your browser at:
http://<jfrogUrl>/ui/:port
.Go to the Xray Security & Compliance tab in the Administration module in the UI.
Check the Xray Log.
tail -f $JFROG_HOME/xray/var/log/console.log
Configure log rotation of the console log
The
console.log
file can grow quickly since all services write to it. For more information, see configure the log rotation.
Third Party Applications for Xray
Ensure that you install the third party application for Xray before run the Xray service.
PostgreSQL for Xray
Using Microsoft Azure PostgreSQL
Some managed databases, such as Azure, have a different username for accessing the database than the actual one inside the database. For Azure-managed PostgreSQL, the username
will be, for example xray@mycompany
and the actualUsername
will be xray
. For more information, see Xray System YAML.
Prior to Xray version 3.30
If you install an Xray version prior to 3.30, do not use a password for PostgreSQL that has special characters.Xray may not work if you configure a password that has special characters, such as~ = # @ $ /
.
PostgreSQL RPM Installation
Install PostgreSQL.
# Run the following commands from the extracted jfrog-xray-<version>-rpm directory. # Note : Use PostgreSQL el8 with RHEL8, el9 with RHEL 9, amzn2023 for Amazon Linux 2023 mkdir -p /var/opt/postgres/data # For RHEL 8 rpm -ivh --replacepkgs ./third-party/postgresql/libicu-60.3-2.el8_1.x86_64.rpm (only AWS instance) rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-libs-13.10-1PGDG.rhel8.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-13.10-1PGDG.rhel8.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-server-13.10-1PGDG.rhel8.x86_64.rpm # For RHEL 9 rpm -ivh --replacepkgs ./third-party/postgresql/libicu-67.1-9.el9.x86_64.rpm (only AWS instance) rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-libs-13.10-1PGDG.rhel9.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-13.10-1PGDG.rhel9.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql13-server-13.10-1PGDG.rhel9.x86_64.rpm # For Amazon Linux 2023 rpm -ivh --replacepkgs ./third-party/postgresql/libicu-67.1-7.amzn2023.0.3.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql15-private-libs-15.6-1.amzn2023.0.1.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/libxslt-1.1.34-5.amzn2023.0.2.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/uuid-1.6.2-50.amzn2023.0.2.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql15-15.6-1.amzn2023.0.1.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql15-server-15.6-1.amzn2023.0.1.x86_64.rpm rpm -ivh --replacepkgs ./third-party/postgresql/postgresql15-contrib-15.6-1.amzn2023.0.1.x86_64.rpm chown -R postgres:postgres /var/opt/postgres export PGDATA="/var/opt/postgres/data" export PGSETUP_INITDB_OPTIONS="-D /var/opt/postgres/data" # For RHEL 8,9 and Amazon Linux 2023 sed -i "s~^Environment=PGDATA=.*~Environment=PGDATA=/var/opt/postgres/data~" /lib/systemd/system/postgresql-13.service systemctl daemon-reload /usr/pgsql-13/bin/postgresql-13-setup initdb Replace "ident" and "peer" with "trust" in postgres hba configuration file, /var/opt/postgres/data/pg_hba.conf. This configuration is for creating the initial users and database, once this is done, change "trust" to md5 in pg_hba.conf and restart PostgreSQL.
Configure PostgreSQL to allow external IP connections.
By default PostgreSQL only allows localhost clients communications. To enable different IPs to communicate with the database you will need to configure the pg_hba.conf file.
File location according to installation Docker-compose:
$JFROG_HOME/xray/var/data/postgres/data
Native installations:
/var/opt/postgres/data
To grant all IPs access add the following entry under the IPv4 local connections section.
host all all 0.0.0.0/0 md5
Add the following entries to
/var/opt/postgres/data
/postgresql.conf.listen_addresses='*' port=5432
Start PostgreSQL.
systemctl start postgresql-<version>.service or service postgresql-<version> start
Setup the database and user.
## run the script to seed the tables and schemas needed by Xray cp -f ./third-party/postgresql/createPostgresUsers.sh /tmp source /etc/locale.conf cd /tmp && su postgres -c "POSTGRES_PATH=/usr/pgsql-13/bin PGPASSWORD=postgres DB_PASSWORD=password bash /tmp/createPostgresUsers.sh"
Xray PostgreSQL Upgrade
Xray 3.x supports PostgreSQL versions 10, 11, 12, 13, 14, and 15.
To learn about the process and requirements for upgrading PostgreSQL 9.x, see JFrog Xray PostgreSQL Upgrade - PostgreSQL 9.x EoS.
PostgreSQL Performance Improvements
We recommend that you increase the maximum connections setting in the PostgreSQL configuration file.
Open the $JFROG_HOME/xray/var/lib/pgsql/data/postgresql.conf
configuration file, and add or edit the max_connections
property.
Restart the database to enable this change.
Erlang for Xray
Erlang RPM Installation
Use RPMs with el7 when installing on Centos 7 and RHEL 7, and el8 with CentOS 8 and RHEL8
Use el8 with CentOS 8 and RHEL8, and el9 with RHEL9 & Amazon Linux 2023 rpm -ivh --replacepkgs xray/app/third-party/rabbitmq/socat-<version>.rpm rpm -ivh --replacepkgs xray/app/third-party/rabbitmq/erlang-<version>.rpm Note: Socat is no longer required starting Xray version 3.109.x
db-util for Xray
db-util allows Xray to interact with the Berkley DB that contains information about RPM-based Docker images. This way, JFrog Xray can index OS packages for these images.
db-util RPM Installation
# This will install db-util if db_dump is not available hash db_dump 2>/dev/null || rpm -ivh --replacepkgs xray/app/third-party/misc/db4-utils-<version>.rpm