The following is an example of a complete Xray system YAML file showing all the different parameters that you may configure.
Example Templates
It is recommended to use the templates available under $JFROG_HOME/xray/var/etc/
system.basic-template.yaml
includes most commonly used system configurationssystem.full-template.yaml
includes a list of all available configurations
Xray YAML File Format
The YAML file is constructed with keys and entities, using the following key: [entity]
format.
Shared configurations specified under the shared section, are used by all micro-services.
Micro-service specific configuration are set under each micro-service section and override similar shared configurations for the specific micro-service.
Xray Supported Configurations
The following shared configurations are available in the Xray system YAML.
## JFROG XRAY SYSTEM CONFIGURATION FILE ## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character. configVersion: 1 ## NOTE: JFROG_HOME is a place holder for the JFrog root directory containing the deployed product, the home directory for all JFrog products. ## Replace JFROG_HOME with the real path! ## For example, in RPM install, JFROG_HOME=/opt/jfrog ## NOTE: Sensitive information such as passwords and join key are encrypted on first read. ## NOTE: The provided commented key and value is the default. ## SHARED CONFIGURATIONS ## A shared section for keys across all services in this config shared: ## Base URL of the JFrog Platform Deployment (JPD) ## This is the URL to the machine where JFrog Artifactory is deployed, or the load balancer pointing to it. It is recommended to use DNS names rather than direct IPs. ## Examples: "http://jfrog.acme.com" or "http://10.20.30.40:8082" #jfrogUrl: ## Security Configuration security: ## Join key value for joining the cluster (takes precedence over 'joinKeyFile') #joinKey: "<Your joinKey>" ## Join key file location #joinKeyFile: "<For example: JFROG_HOME/xray/var/etc/security/join.key>" ## Master key file location ## Generated by the product on first startup if not provided #masterKeyFile: "<For example: JFROG_HOME/xray/var/etc/security/master.key>" ## Maximum time to wait for key files (master.key and join.key) #bootstrapKeysReadTimeoutSecs: 120 ## Health Check probes: readiness: samplers: database: #enabled: true rabbitmq: #enabled: true centraldb: #enabled: true indexerDataFolderDiskUsage: #enabled: true #threshold: 95 ## Logging Configuration logging: consoleLog: ## If true, all services' console logs willl be redirected to a common console.log #enabled: true ## Log rotation settings rotation: ## The max file size at which enforce rotation #maxSizeMb: 25 ## The number of backup files to maintain #maxFiles: 10 ## Whether to compress the backup file #compress: true ## Node Configuration node: ## A unique id to identify this node. ## Default: auto generated at startup. #id: "<For example: xray1>" ## Default: auto resolved by startup script #ip: ## Default: auto resolved by startup script #name: "" ## Database Configuration ## PostgreSQL database used by all xray services database: #type: postgresql #driver: org.postgresql.Driver #url: "postgres://<your db url, for example: localhost:5432>/xraydb?sslmode=disable" #username: xray #password: xray ## Some managed databases like Azure have a different username for accessing the database than the actual one inside the database ## for Azure managed postgres for example username will be xray@mycompany and the actualUsername will be xray #actualUsername: "" ## RabbitMQ Configuration ## RabbitMQ messaging system used by all xray services rabbitMq: ## Enable this to stop rabbitmq along with other services of xray ## By default rabbitmq will always be running #autoStop: true node: ## RabbitMQ custom configuration ## You can set/override RabbitMQ configuration parameters (set in rabbitmq.conf) by setting a yaml array of name/value in the below rabbitmqConf section. ## List of all RabbitMQ configuration keys can be found in https://www.rabbitmq.com/configure.html#config-items ## IMPORTANT: "cluster_formation.peer_discovery_backend" and "cluster_formation.classic_config.nodes.1" are set internally by the application and cannot be set here (will be ignored)! #rabbitmqConf: #- name: vm_memory_high_watermark.relative # value: "0.6" #- name: cluster_keepalive_interval # value: 10000 active: node: ## RabbitMQ node name used for rabbitMq initialisation and clusterring - $(hostname -s) #name: ## RabbitMQ node ip used for rabbitMq initialisation and clusterring (required only in docker compose installer) - $(hostname -i) #ip: erlangCookie: ## Erlang cookie used for authentication between RabbitMQ nodes #value: JFXR_RABBITMQ_COOKIE #url: "amqp://<your RabbitMQ url, for example: localhost:5672>/" ## Controls whether to automatically clean up stale nodes #clean: "N" #username: guest #password: guest ## RabbitMQ vhost #vhost: %2F ## Add any custom environment variables to be passed to all the services ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## Run as a given user and group ## Note : This is only considered in linux archive installation which is installed as a service ## Make sure to change ownership of JFROG_HOME/xray/app and JFROG_HOME/xray/var directory, if this is modified after install #user: xray #group: xray metrics: ## Use this section to enable logs and metric shipping using filebeat to the mission control or another ELK service filebeat: #enabled: true elasticsearch: #url: "http://<IP of missioncontrol>:8082/elasticsearch/" #username: "" #password: "" ## XRAY SERVER TEMPLATE server: #port: 8000 #maxEntitiesToReindex: 2000 database: #maxOpenConnections: 60 #maxIdleConnections: 5 #maxIdleSecs: 120 #maxLifetimeSecs: deleteMode: #‘gc’/‘eager’ (default- gc) reports: #rowsLimit: 250000 #limit: #maxSaved: 100 ## Xray server logging configuration logging: ## Server log settings application: ## The log level: error, warning, info, debug, trace #level: info ## The log format: jfxr #format: "jfxr" ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 ## Request log settings request: ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 metrics: #enabled: true rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 #intervalSecs: 10 ## Add any custom environment variables to be passed to all the services ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 #enableVirtualStorageManager: true ## XRAY ANALYSIS TEMPLATE analysis: #port: 7000 database: #maxOpenConnections: 30 #maxIdleConnections: 5 #maxIdleSecs: 120 #maxLifetimeSecs: ## Xray analysis logging configuration logging: ## Analysis log settings application: ## The log level: error, warning, info, debug, trace #level: info ## The log format: jfxana #format: "jfxana" ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxFiles: 10 metrics: enabled: true rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 #intervalSecs: 10 ## Add any custom environment variables to be passed to all the services ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## XRAY INDEXER TEMPLATE indexer: #port: 7002 database: #maxOpenConnections: 30 #maxIdleConnections: 5 #maxIdleSecs: 120 #maxLifetimeSecs: ## Xray indexer logging configuration logging: ## Indexer log settings application: ## The log level: error, warning, info, debug, trace #level: info ## The log format: jfxidx #format: "jfxidx" ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxFiles: 10 metrics: enabled: true rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 #intervalSecs: 10 ## Add any custom environment variables to be passed to all the services ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## XRAY PERSIST TEMPLATE persist: #port: 7003 database: #maxOpenConnections: 30 #maxIdleConnections: 5 #maxIdleSecs: 120 #maxLifetimeSecs: ## Xray persist logging configuration logging: ## Persist log settings application: ## The log level: error, warning, info, debug, trace #level: info ## The log format: jfxpst #format: "jfxpst" ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxFiles: 10 metrics: enabled: true rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 #intervalSecs: 10 ## Add any custom environment variables to be passed to all the services ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if ## it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## ROUTER TEMPLATE router: ## Profiling related settings profiling: ## Enable profiling endpoints #enabled: true ## Corporate proxy related settings proxy: ## Proxy url for all outgoing http requests #httpUrl: "" ## Proxy url for all outgoing https requests #httpsUrl: "" ## List of target hosts to communicate with directly, bypassing the proxy. ## "localhost" will always be added to this list automatically. #ignoredHosts: #- "ignore.me.com" #- "ignore.me2.com" ## Router entry points entrypoints: ## The internal port, used by local services to communicate with the router and any other service (local and external) #internalPort: 8046 ## The external port, registered in the service registry, used by external services to communicate with services in this node #externalPort: 8082 ## An internal port used for internal Traefik (and Router) REST API #traefikApiPort: 8049 ## An internal port used for Router's gRPC API #grpcPort: 8047 ## Service registry (Access) communication settings serviceRegistry: ## Service registry (Access) TLS verification skipped if enabled #insecure: false ## Service registry (Access) request timeout #requestTimeout: 15s ## Topology related settings topology: ## Local topology settings local: ## Settings for checking the health of local services healthCheck: ## Duration between health checks #interval: 5s ## Health check request timeout #requestTimeout: 5s ## The number of consecutive successful health checks that must occur before declaring an instance healthy #healthyThreshold: 2 ## The number of consecutive failed health checks that must occur before declaring an instance unhealthy #unhealthyThreshold: 2 ## External topology settings external: ## Settings for refreshing the router with external topology from the service registry refresh: ## Refresh interval #interval: 3s ## The maximum duration a service can be considered as healthy since its last heartbeat #maxStaleHeartbeat: 30s ## Support bundle aggregation settings supportBundle: ## The maximum duration support bundle aggregation is allowed before it is automatically cancelled #aggregationTimeout: 1h ## Logging settings logging: ## Router log settings application: ## The log level: error, warning, info, debug, trace #level: "info" ## The log format: jftext, json #format: "jftext" ## Whether to include the caller information (runtime frame) #caller: false ## Whether to print the log also to stdout #console: true ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 #intervalSecs: 10 ## Traefik log settings traefik: ## The log level: error, warning, info, debug, trace #level: "info" ## The log format: jftext, json #format: "jftext" ## Whether to include the caller information (runtime frame) #caller: false ## Whether to print the log also to stdout #console: true ## Log rotation settings rotation: #compress: true #maxSizeMb: 25 #maxAgeDays: 0 #maxFiles: 10 ## Request log settings request: ## If true, request log will contain additional information ## This may result in a slight performance overhead #verbose: false ## Log rotation settings rotation: #compress: true #maxSizeMb: 100 #maxAgeDays: 0 #maxFiles: 10 ## Add any custom environment variables to be passed to this service ## Environment variables starting with JF_ are not allowed, will be ignored with a warning if it is added env: #EXAMPLE_VAR: example-value #LD_LIBRARY_PATH: /usr/lib64 ## Ephemeral storage is supported from Xray 3.82.10. You can now configure JAS pod resources. executionService: cpuRequest: '1.5' cpuLimit: '3.0' memRequest: '4Gi' memLimit: '16Gi' ephemeralStorageRequest: '20Gi' ephemeralStorageLimit: '40Gi' platformCertificatePath: "/path/to/certificate.pem"