The following is an example of a complete Xray system YAML file showing all the different parameters that you may configure.
Example Templates
It is recommended to use the templates available under $JFROG_HOME/xray/var/etc/
system.basic-template.yamlincludes most commonly used system configurationssystem.full-template.yamlincludes a list of all available configurations
Xray YAML File Format
The YAML file is constructed with keys and entities, using the following key: [entity] format.
Shared configurations specified under the shared section, are used by all micro-services.
Micro-service specific configuration are set under each micro-service section and override similar shared configurations for the specific micro-service.
Xray Supported Configurations
The following shared configurations are available in the Xray system YAML.
## JFROG XRAY SYSTEM CONFIGURATION FILE
## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.
configVersion: 1
## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products.
## Replace JFROG_HOME with the real path!
## For example, in RPM install, JFROG_HOME=/opt/jfrog
## NOTE: Sensitive information such as passwords and join key are encrypted on first read.
## NOTE: The provided commented key and value is the default.
## SHARED CONFIGURATIONS
## A shared section for keys across all services in this config
shared:
## Base URL of the JFrog Platform Deployment (JPD)
## This is the URL to the machine where JFrog Artifactory is deployed, or the load balancer pointing to it. It is recommended to use DNS names rather than direct IPs.
## Examples: "http://jfrog.acme.com" or "http://10.20.30.40:8082"
#jfrogUrl:
## Security Configuration
security:
## Join key value for joining the cluster (takes precedence over 'joinKeyFile')
#joinKey: "<Your joinKey>"
## Join key file location
#joinKeyFile: "<For example: JFROG_HOME/xray/var/etc/security/join.key>"
## Master key file location
## Generated by the product on first startup if not provided
#masterKeyFile: "<For example: JFROG_HOME/xray/var/etc/security/master.key>"
## Maximum time to wait for key files (master.key and join.key)
#bootstrapKeysReadTimeoutSecs: 120
## Health Check
probes:
readiness:
samplers:
database:
#enabled: true
rabbitmq:
#enabled: true
centraldb:
#enabled: true
indexerDataFolderDiskUsage:
#enabled: true
#threshold: 95
## Logging Configuration
logging:
consoleLog:
## If true, all services' console logs willl be redirected to a common console.log
#enabled: true
## Log rotation settings
rotation:
## The max file size at which enforce rotation
#maxSizeMb: 25
## The number of backup files to maintain
#maxFiles: 10
## Whether to compress the backup file
#compress: true
## Node Configuration
node:
## A unique id to identify this node.
## Default: auto generated at startup.
#id: "<For example: xray1>"
## Default: auto resolved by startup script
#ip:
## Default: auto resolved by startup script
#name: ""
## Database Configuration
## PostgreSQL database used by all xray services
database:
#type: postgresql
#driver: org.postgresql.Driver
#url: "postgres://<your db url, for example: localhost:5432>/xraydb?sslmode=disable"
#username: xray
#password: xray
## Some managed databases like Azure have a different username for accessing the database than the actual one inside the database
## for Azure managed postgres for example username will be xray@mycompany and the actualUsername will be xray
#actualUsername: ""
## RabbitMQ Configuration
## RabbitMQ messaging system used by all xray services
rabbitMq:
## Enable this to stop rabbitmq along with other services of xray
## By default rabbitmq will always be running
#autoStop: true
node:
## RabbitMQ custom configuration
## You can set/override RabbitMQ configuration parameters (set in rabbitmq.conf) by setting a yaml array of name/value in the below rabbitmqConf section.
## List of all RabbitMQ configuration keys can be found in https://www.rabbitmq.com/configure.html#config-items
## IMPORTANT: "cluster_formation.peer_discovery_backend" and "cluster_formation.classic_config.nodes.1" are set internally by the application and cannot be set here (will be ignored)!
#rabbitmqConf:
#- name: vm_memory_high_watermark.relative
# value: "0.6"
#- name: cluster_keepalive_interval
# value: 10000
active:
node:
## RabbitMQ node name used for rabbitMq initialisation and clusterring - $(hostname -s)
#name:
## RabbitMQ node ip used for rabbitMq initialisation and clusterring (required only in docker compose installer) - $(hostname -i)
#ip:
erlangCookie:
## Erlang cookie used for authentication between RabbitMQ nodes
#value: JFXR_RABBITMQ_COOKIE
#url: "amqp://<your RabbitMQ url, for example: localhost:5672>/"
## Controls whether to automatically clean up stale nodes
#clean: "N"
#username: guest
#password: guest
## RabbitMQ vhost
#vhost: %2F
## Add any custom environment variables to be passed to all the services
## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
env:
#EXAMPLE_VAR: example-value
#LD_LIBRARY_PATH: /usr/lib64
## Run as a given user and group
## Note : This is only considered in linux archive installation which is installed as a service
## Make sure to change ownership of JFROG_HOME/xray/app and JFROG_HOME/xray/var directory, if this is modified after install
#user: xray
#group: xray
metrics:
## Use this section to enable logs and metric shipping using filebeat to the mission control or another ELK service
filebeat:
#enabled: true
elasticsearch:
#url: "http://<IP of missioncontrol>:8082/elasticsearch/"
#username: ""
#password: ""
## XRAY SERVER TEMPLATE
server:
#port: 8000
#maxEntitiesToReindex: 2000
database:
#maxOpenConnections: 60
#maxIdleConnections: 5
#maxIdleSecs: 120
#maxLifetimeSecs:
deleteMode:
#‘gc’/‘eager’ (default- gc)
reports:
#rowsLimit: 250000
#limit:
#maxSaved: 100
## The maximum number of rows allowed in PDF reports. Default is 10000.
## An error occurs if the report you want to export exceeds this value.
## Increase this limit to avoid the error and generate the report.
#maxPdfRows: 10000
## Xray server logging configuration
logging:
## Server log settings
application:
## The log level: error, warning, info, debug, trace
#level: info
## The log format: jfxr
#format: "jfxr"
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
## Request log settings
request:
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
metrics:
#enabled: true
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
#intervalSecs: 10
## Add any custom environment variables to be passed to all the services
## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
env:
#EXAMPLE_VAR: example-value
#LD_LIBRARY_PATH: /usr/lib64
#enableVirtualStorageManager: true
## XRAY ANALYSIS TEMPLATE
analysis:
#port: 7000
database:
#maxOpenConnections: 30
#maxIdleConnections: 5
#maxIdleSecs: 120
#maxLifetimeSecs:
## Xray analysis logging configuration
logging:
## Analysis log settings
application:
## The log level: error, warning, info, debug, trace
#level: info
## The log format: jfxana
#format: "jfxana"
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxFiles: 10
metrics:
enabled: true
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
#intervalSecs: 10
## Add any custom environment variables to be passed to all the services
## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
env:
#EXAMPLE_VAR: example-value
#LD_LIBRARY_PATH: /usr/lib64
## XRAY INDEXER TEMPLATE
indexer:
#port: 7002
database:
#maxOpenConnections: 30
#maxIdleConnections: 5
#maxIdleSecs: 120
#maxLifetimeSecs:
## Xray indexer logging configuration
logging:
## Indexer log settings
application:
## The log level: error, warning, info, debug, trace
#level: info
## The log format: jfxidx
#format: "jfxidx"
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxFiles: 10
metrics:
enabled: true
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
#intervalSecs: 10
## Add any custom environment variables to be passed to all the services
## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
env:
#EXAMPLE_VAR: example-value
#LD_LIBRARY_PATH: /usr/lib64
## XRAY PERSIST TEMPLATE
persist:
#port: 7003
database:
#maxOpenConnections: 30
#maxIdleConnections: 5
#maxIdleSecs: 120
#maxLifetimeSecs:
## Xray persist logging configuration
logging:
## Persist log settings
application:
## The log level: error, warning, info, debug, trace
#level: info
## The log format: jfxpst
#format: "jfxpst"
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxFiles: 10
metrics:
enabled: true
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
#intervalSecs: 10
## Add any custom environment variables to be passed to all the services
## Environment variables starting with JF_ are not allowed, will be ignored with a warning if
## it is added
env:
#EXAMPLE_VAR: example-value
#LD_LIBRARY_PATH: /usr/lib64
## ROUTER TEMPLATE
router:
## Profiling related settings
profiling:
## Enable profiling endpoints
#enabled: true
## Corporate proxy related settings
proxy:
## Proxy url for all outgoing http requests
#httpUrl: ""
## Proxy url for all outgoing https requests
#httpsUrl: ""
## List of target hosts to communicate with directly, bypassing the proxy.
## "localhost" will always be added to this list automatically.
#ignoredHosts:
#- "ignore.me.com"
#- "ignore.me2.com"
## Router entry points
entrypoints:
## The internal port, used by local services to communicate with the router and any other service (local and external)
#internalPort: 8046
## The external port, registered in the service registry, used by external services to communicate with services in this node
#externalPort: 8082
## An internal port used for internal Traefik (and Router) REST API
#traefikApiPort: 8049
## An internal port used for Router's gRPC API
#grpcPort: 8047
## Service registry (Access) communication settings
serviceRegistry:
## Service registry (Access) TLS verification skipped if enabled
#insecure: false
## Service registry (Access) request timeout
#requestTimeout: 15s
## Topology related settings
topology:
## Local topology settings
local:
## Settings for checking the health of local services
healthCheck:
## Duration between health checks
#interval: 5s
## Health check request timeout
#requestTimeout: 5s
## The number of consecutive successful health checks that must occur before declaring an instance healthy
#healthyThreshold: 2
## The number of consecutive failed health checks that must occur before declaring an instance unhealthy
#unhealthyThreshold: 2
## External topology settings
external:
## Settings for refreshing the router with external topology from the service registry
refresh:
## Refresh interval
#interval: 3s
## The maximum duration a service can be considered as healthy since its last heartbeat
#maxStaleHeartbeat: 30s
## Support bundle aggregation settings
supportBundle:
## The maximum duration support bundle aggregation is allowed before it is automatically cancelled
#aggregationTimeout: 1h
## Logging settings
logging:
## Router log settings
application:
## The log level: error, warning, info, debug, trace
#level: "info"
## The log format: jftext, json
#format: "jftext"
## Whether to include the caller information (runtime frame)
#caller: false
## Whether to print the log also to stdout
#console: true
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
#intervalSecs: 10
## Traefik log settings
traefik:
## The log level: error, warning, info, debug, trace
#level: "info"
## The log format: jftext, json
#format: "jftext"
## Whether to include the caller information (runtime frame)
#caller: false
## Whether to print the log also to stdout
#console: true
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 25
#maxAgeDays: 0
#maxFiles: 10
## Request log settings
request:
## If true, request log will contain additional information
## This may result in a slight performance overhead
#verbose: false
## Log rotation settings
rotation:
#compress: true
#maxSizeMb: 100
#maxAgeDays: 0
#maxFiles: 10
## Add any custom environment variables to be passed to this service
## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added
env:
#EXAMPLE_VAR: example-value
#LD_LIBRARY_PATH: /usr/lib64
## Ephemeral storage is supported from Xray 3.82.10. You can now configure JAS pod resources.
executionService:
cpuRequest: '1.5'
cpuLimit: '3.0'
memRequest: '4Gi'
memLimit: '16Gi'
ephemeralStorageRequest: '20Gi'
ephemeralStorageLimit: '40Gi'
platformCertificatePath: "/path/to/certificate.pem"