JFrog Artifactory HA Edge on GKE with Google Cloud Storage & Google SQL


Series

This is part of a series of JFrog blogs that will help guide you through installing their new Unified Platform.

General

https://github.com/jfrog/charts/tree/master/stable/artifactory-ha

Installing Edge follows exactly the same steps as installing Artifactory. The only difference is the license.

Add repo

helm repo add jfrog https://charts.jfrog.io

Update repo

helm repo update

Google Cloud Storage

Go to https://console.cloud.google.com/storage/settings and click the Interoperability tab.

Storage → Settings

Scroll down and click Create a key. This will provide you with an Access key and Secret.

GCP_ID=[ACCESS_KEY]
GCP_KEY=[SECRET]

This will create a bucket called artifactory-ha-edge.

Helm

--set artifactory.persistence.type=google-storage \
--set artifactory.persistence.googleStorage.bucketName=artifactory-ha-edge \
--set artifactory.persistence.googleStorage.identity=${GCP_ID} \
--set artifactory.persistence.googleStorage.credential=${GCP_KEY} \

Google SQL

Create a Google PostgreSQL 11 database with a user and database named artifactory-ha-edge.

Create a secret

Create a secret including your database username, password, and URL.

kubectl create secret generic artifactory-ha-edge-db \
  --from-literal=user=artifactory-ha-edge \
  --from-literal=password="${PASSWORD}" \
  --from-literal=url="jdbc:postgresql://${POSTGRESQL_IP}:5432/artifactory-ha-edge" \
  -n jfrog

Helm

--set postgresql.enabled=false \
--set database.type=postgresql \
--set database.driver=org.postgresql.Driver \
--set database.secrets.url.name=artifactory-ha-edge-db \
--set database.secrets.url.key=url \
--set database.secrets.user.name=artifactory-ha-edge-db \
--set database.secrets.user.key=user \
--set database.secrets.password.name=artifactory-ha-edge-db \
--set database.secrets.password.key=password \

SSL Certificate

I use Cert-Manager to manage my SSL Certificates.

cat <<EOF | kubectl create -f -
apiVersion: certmanager.k8s.io/v1alpha1
kind: Certificate
metadata:
  name: edge-your-domain-com-tls
  namespace: jfrog
spec:
  secretName: edge-your-domain-com-tls
  commonName: edge.yourdomain.com
  dnsNames:
    - '*.edge.yourdomain.com'
  issuerRef:
    name: letsencrypt
    kind: ClusterIssuer
EOF

Helm

--set nginx.tlsSecretName=edge-your-domain-com-tls \

Master Key

Create master key

export MASTER_KEY=$(openssl rand -hex 32)

Helm

--set artifactory.masterKeySecretName=artifactory-ha-edge-master-key \
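
The flag above refers to a Secret named artifactory-ha-edge-master-key holding the generated key. An added example (not from the original post or the JFrog chart) that validates the key and renders the Secret for kubectl apply; the data key name master-key and the function names are assumptions to check against your chart version.

```sh
#!/bin/sh
# Added example: validate a master key and render its Secret manifest.
# Function names are hypothetical; the data key "master-key" is an assumption.

# Succeed only if $1 is exactly 64 hex characters (32 bytes), the shape
# produced by `openssl rand -hex 32`.
is_valid_master_key() {
  case "$1" in
    ''|*[!0-9a-fA-F]*) return 1 ;;
  esac
  [ "${#1}" -eq 64 ]
}

# usage: master_key_manifest NAME NAMESPACE KEY
# Writes the manifest to stdout so the key is piped to kubectl instead of
# being typed as a --from-literal argument.
master_key_manifest() {
  is_valid_master_key "$3" || {
    echo "master key must be 64 hex characters" >&2
    return 1
  }
  # The value is quoted so YAML never reads a digits-only key as a number.
  cat <<EOF
apiVersion: v1
kind: Secret
metadata:
  name: $1
  namespace: $2
type: Opaque
stringData:
  master-key: "$3"
EOF
}

# With cluster access:
#   master_key_manifest artifactory-ha-edge-master-key jfrog "$MASTER_KEY" \
#     | kubectl apply -f -
```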

Join Key

You should be using the same join key as Artifactory HA. In my case, the secret has already been generated within the same namespace, so there is no reason for me to create another one.

Helm

--set artifactory.joinKeySecretName=artifactory-ha-join-key \

Nginx conf

Download my nginx config and update yourdomain.com to your domain.

wget -O artifactory.conf https://raw.githubusercontent.com/itsmetommy/jfrog/master/artifactory-ha-edge/artifacory.conf

Create custom nginx configmap.

kubectl create configmap artifactory-ha-nginx-custom-edge-artifactory-conf \
  --from-file artifactory.conf \
  -n jfrog

Helm

--set nginx.customArtifactoryConfigMap=artifactory-ha-nginx-custom-edge-artifactory-conf \

Resources & Limits

Add recommended resources and limits

I’m using the values-large.yaml option as the recommended resources and limits. You can choose from values-small.yaml, values-medium.yaml or values-large.yaml.

Download values-large.yaml.

wget https://raw.githubusercontent.com/jfrog/charts/master/stable/artifactory-ha/values-large.yaml

Helm

-f values-large.yaml \

Install

Update --version to the chart version you want to install.

helm install artifactory-ha-edge \
  --set initContainers.resources.requests.cpu="10m" \
  --set initContainers.resources.limits.cpu="250m" \
  --set initContainers.resources.requests.memory="64Mi" \
  --set initContainers.resources.limits.memory="128Mi" \
  --set nginx.resources.requests.cpu="100m" \
  --set nginx.resources.limits.cpu="250m" \
  --set nginx.resources.requests.memory="250Mi" \
  --set nginx.resources.limits.memory="500Mi" \
  --set postgresql.enabled=false \
  --set database.type=postgresql \
  --set database.driver=org.postgresql.Driver \
  --set database.secrets.url.name=artifactory-ha-edge-db \
  --set database.secrets.url.key=url \
  --set database.secrets.user.name=artifactory-ha-edge-db \
  --set database.secrets.user.key=user \
  --set database.secrets.password.name=artifactory-ha-edge-db \
  --set database.secrets.password.key=password \
  --set artifactory.persistence.type=google-storage \
  --set artifactory.persistence.googleStorage.bucketName=artifactory-ha-edge \
  --set artifactory.persistence.googleStorage.identity=${GCP_ID} \
  --set artifactory.persistence.googleStorage.credential=${GCP_KEY} \
  --set artifactory.masterKeySecretName=artifactory-ha-edge-master-key \
  --set artifactory.joinKeySecretName=artifactory-ha-join-key \
  --set nginx.tlsSecretName=edge-your-domain-com-tls \
  --set nginx.replicaCount=3 \
  --set nginx.customArtifactoryConfigMap=artifactory-ha-nginx-custom-edge-artifactory-conf \
  -f values-large.yaml \
  --namespace jfrog \
  --version 2.4.10 \
  jfrog/artifactory-ha
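
The install command refers to several Secrets by name rather than by value. An added example (not part of the original post) that pulls those names out of the --set flags and reports the ones kubectl cannot find in the namespace; the function names and the KUBECTL override are hypothetical.

```sh
#!/bin/sh
# Added example: find Secrets named in Helm --set flags that are missing
# from the namespace. Function names and $KUBECTL are hypothetical.

# Print the unique Secret names referenced by the given Helm arguments.
# Tokens such as "--set" or "*.key=url" match no pattern and are skipped.
referenced_secrets() {
  for arg in "$@"; do
    case "$arg" in
      *SecretName=*|database.secrets.*.name=*) printf '%s\n' "${arg#*=}" ;;
    esac
  done | sort -u
}

# usage: missing_secrets NAMESPACE HELM_ARGS...
# Print every referenced Secret that is absent from the namespace.
# KUBECTL can point at another command (or a stub) for dry runs.
missing_secrets() {
  ns=$1; shift
  referenced_secrets "$@" | while IFS= read -r name; do
    "${KUBECTL:-kubectl}" get secret "$name" -n "$ns" \
      </dev/null >/dev/null 2>&1 || printf '%s\n' "$name"
  done
}

# Offline demo on flags taken from this page: lists the four Secrets
# that have to exist before the release is installed.
referenced_secrets \
  --set database.secrets.url.name=artifactory-ha-edge-db \
  --set database.secrets.password.key=password \
  --set artifactory.masterKeySecretName=artifactory-ha-edge-master-key \
  --set artifactory.joinKeySecretName=artifactory-ha-join-key \
  --set nginx.tlsSecretName=edge-your-domain-com-tls

# Against a cluster: missing_secrets jfrog <the same flags>
```

An empty result from missing_secrets means every referenced Secret was found.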

DNS

Get the external IP of the artifactory-ha-edge-nginx service.

kubectl get svc artifactory-ha-edge-nginx -n jfrog

Add DNS entries pointing to that IP:
  • edge.yourdomain.com
  • *.edge.yourdomain.com

Connect

open https://edge.yourdomain.com

Add License

Go to jfrog.yourdomain.com

Go to Artifactory.

Administration tab → Platform Deployments → + Register Platform Deployment

Go to edge.yourdomain.com

Go to Edge and get the Join Key.

Go back to jfrog.yourdomain.com

Go to Artifactory and enter in the details of your Edge instance.

Now that you’ve added your Edge instance, attach the license.

Add the Edge License Bucket: Administration → License Buckets → + Add New Bucket.

Attach the licenses: Administration → License → Click the down arrow within the EDGE license → Attach License.

Choose the number of licenses you’d like to add and click Attach License.

Go to edge.yourdomain.com

Go to your Edge instance and confirm that the licenses have been added.

Administration → Licenses → Licenses.

Uninstall

helm uninstall artifactory-ha-edge -n jfrog && \
  sleep 90 && \
  for h in `kubectl get pvc -l app=artifactory-ha -n jfrog | grep volume-artifactory-ha-edge | awk '{print $1}'`;do kubectl delete pvc $h -n jfrog;done

gsutil rm -r gs://[BUCKET_NAME]
gcloud sql instances delete [INSTANCE_NAME]