Categories
gcp JFrog Kubernetes

JFrog Xray on GKE with Google SQL

Series

This is part of a series of JFrog blogs that will help guide you through installing their new Unified Platform.

General

https://github.com/jfrog/charts/tree/master/stable/xray

Add Repo

helm repo add jfrog https://charts.jfrog.io

Update repo

helm repo update

Join Key & JFrog URL

https://www.jfrog.com/confluence/display/JFROG/General+Security+Settings#GeneralSecuritySettings-ViewingtheJoinKey

In order to install Xray, you will need at least one Join Key and JFrog URL from an Artifactory installation.

Go to Artifactory.

Security → Settings

Under Connection details, enter your password and click Unlock.

Copy the Join Key.

Create Join Key.

export JOIN_KEY=[JOIN_KEY]

Helm

--set xray.joinKey=${JOIN_KEY} \
--set xray.jfrogUrl=${JFROG_URL} \

Master Key

Create Master Key.

export MASTER_KEY=$(openssl rand -hex 32)

Helm

--set xray.masterKey=${MASTER_KEY} \

Google SQL

Create a Google PostgreSQL 9.6 database with a user and database named xray.

export POSTGRESQL_USER=xray
export POSTGRESQL_HOST=[POSTGRES_IP]
export POSTGRESQL_PORT=5432
export POSTGRESQL_DATABASE=xray
export POSTGRESQL_PASSWORD=[POSTGRES_PASSWORD]
export XRAY_POSTGRESQL_CONN_URL="postgres://${POSTGRESQL_HOST}:${POSTGRESQL_PORT}/${POSTGRESQL_DATABASE}?sslmode=disable"

Helm

--set postgresql.enabled=false \
--set database.url="${XRAY_POSTGRESQL_CONN_URL}" \
--set database.user=${POSTGRESQL_USER}\
--set database.password=${POSTGRESQL_PASSWORD} \

RabbitMQ

Create password.

export RABBITMQ_PASSWORD=`openssl rand -base64 32`

Helm

--set rabbitmq-ha.rabbitmqPassword=${RABBITMQ_PASSWORD} \

Resources & Limits

Add recommended resources and limits

I’m using the values-large.yaml option as the recommended resources and limits. You can choose from values-small.yaml, values-medium.yaml or values-large.yaml.

Download values-large.yaml.

wget https://raw.githubusercontent.com/jfrog/charts/master/stable/xray/values-large.yaml

Install

helm install xray \
  --set xray.joinKey=${JOIN_KEY} \
  --set xray.jfrogUrl=${JFROG_URL} \
  --set xray.masterKey=${MASTER_KEY} \
  --set postgresql.enabled=false \
  --set database.url="${XRAY_POSTGRESQL_CONN_URL}" \
  --set database.user=${POSTGRESQL_USER}\
  --set database.password=${POSTGRESQL_PASSWORD} \
  --set rabbitmq-ha.rabbitmqPassword=${RABBITMQ_PASSWORD} \
  --set server.replicaCount=4 \
  -f values-large.yaml \
  -n jfrog \
  --version 3.3.2 \
  jfrog/xray

rabbitmq-ha

The replicaCount within the values-large.yaml did not take, so I had to do it manually.

kubectl scale statefulsets xray-xray-server --replicas=4 -n jfrog

Uninstall

helm uninstall xray -n jfrog && sleep 180 && kubectl delete pvc -l release=xray -n jfrog

Delete SQL database.

gcloud sql instances delete [INSTANCE_NAME]
Comments

By Tommy Elmesewdy

DevOps Engineer