ARTIFACTORY: How to Use an AWS Application Load Balancer in Front of an Artifactory Docker Repository

Joey Naor
2021-01-31 07:56

ARTIFACTORY: How to Use an AWS Application Load Balancer in Front of an Artifactory Docker Repository

To properly handle heavy traffic in certain architectures, it’s recommended to use a load balancer in front of your Docker repositories. Following are setup and configuration instructions for an AWS Application Load Balancer (ALB) in front of an Artifactory virtual Docker repository, using the Port Method.

User-added image

Configuring “Port Method” in order to access our virtual Docker repository via a designated port:

In order to use a Load Balancer in front of our Docker repository, we will first need to configure a reverse proxy between the two.

The first thing you’ll need to do is to configure a reverse proxy between your Docker repository and the AWS ALB:

  1. In Artifactory 7.x, navigate to Administration > Artifactory > General > HTTP Settings > Docker Access Method (in Artifactory 6.x and under navigate to Admin > Configuration > HTTP Settings), choose the Port Method, and save the settings.
  2. Navigate to Administration (in 6.x and under, Admin) > Repositories > Virtual > {Docker repo} > Advanced Tab > Registry Port and enter a port of your choosing (for this example, we’ll be using port 7777), and save the settings.
  3. Go back to the HTTP settings, select your desired reverse proxy (for this example, we’ll be using Nginx), click Save, and choose either View or DownloadUser-added image
  4. Make sure that the snippet contains your designated Docker port before applying it to the reverse proxy settings:User-added image
  5. After applying the changes to the reverse proxy (and restarting it), test to see if you have a direct connection between your Docker client and the Docker repository. Don’t forget to add an inbound rule for your desired port in the AWS's EC2 instance Security Group, which will thus allow incoming connections to that port.

For the sake of this example, we’ll conduct a test using a simple login: $ docker login <Artifactory's IP>:7777followed by pulling an image called hello-world:$ docker pull <Artifactory's IP>:7777/hello-world
Creating & Configuring Your Load Balancer
In the AWS Dashboard, navigate to Resources > Load Balancers > Create Load Balancer > Application Load Balancer > Create and follow these configuration steps:

Step 1: Configure Your Load Balancer
Unless your load balancer is only for internal users, under Scheme, make sure you choose Internet-facing and that your chosen Virtual Private Cloud (VPC) includes your EC2 Artifactory instance. Additionally, under Listeners, choose the same port as the one you configured for your virtual Docker repository.

Step 2: Configure Your Security Settings
If, in Step 1, you chose SSL for your port, configure your certificate, accordingly.

Step 3: Configure Your Security Groups
Make sure that you choose a Security Group that allows inbound traffic to your Docker port.

Step 4: Configure Your Routing
Under Target Groups, create a new group that will later include the EC2 instance where your reverse proxy and Artifactory are hosted, and enter your Docker port:

User-added image

Step 5: Register Your Targets
Add your EC2 instance along with your designated port:
User-added image

Published: Sept. 29, 2020
Last updated: Jan. 25, 2021

Keywords: Docker, port method, AWS ALB, reverse proxy