Installing Artifactory

Single Node Installation

The following installation methods are supported:

• Linux Archive
• Docker
• Docker Compose
  Docker Compose Volumes
• RPM
• Debian
• Helm
• Mac(Darwin)
• Windows

Linux Archive Installation

1. Create a JFrog Home directory and move the downloaded installer archive into that directory, for example:
   

   mkdir jfrog
   mv jfrog-artifactory-<pro|oss|cpp-ce>-<version>-linux.tar.gz jfrog
   cd jfrog

   
   

2. Set the JFrog Home environment variable

   export JFROG_HOME=<full path of the jfrog directory>

   To learn more about the system variable JFROG_HOME, click below.
   

    JFrog Product Directory Structure

   Product	Environment Variable	Linux/Windows Archive	RPM/Debian	Docker Container	Docker Host
   JFrog Home	JFROG_HOME	<extracted directory>	/opt/jfrog	/opt/jfrog	ROOT_DATA_DIR * Note: Defined and customized in the .env file Default value: ~/.jfrog
   Application	JFROG_HOME/<product>/app	<extracted directory>/<product>/app	/opt/jfrog/<product>/app	/opt/jfrog/<product>/app	-
   Data	JFROG_HOME/<product>/var	<extracted directory>/<product>/var	/var/opt/jfrog/<product>/var * 1. Note: symbolic link	/var/opt/jfrog/<product>/var	ROOT_DATA_DIR/var * Default value: ~/.jfrog/<product>/var

   ^* Directory is customizable

   ^1. Customizing the RPM/Debian JFrog product data

   There are 2 ways to customize the data folder:

   1. Manual Option: Create a symbolic link from your custom folders to the default folders. For example, $JFROG_HOME/artifactory/var → /mnt/artifactory/var .
   2. Environment Variable Option: Set the JF_PRODUCT_VAR environment variable to point to a custom location in your system's environment variables files. See Ubuntu System environment variables for reference.

   Generic Directory Layout

   This is a generic directory layout for all JFrog products.

   JFROG_HOME
     └── <product>
        ├── app
        │   ├── bin
        │   ├── run
        │   ├── doc
        │   ├── <third-party>
        │   │   ├── java
        │   │   ├── yq
        │   │   └── others
        │   └── <service>
        │   │   ├── bin
        │   │   └── lib
        │   └── misc
        │
        └── var
           ├── backup
           │   └── <service>
           ├── bootstrap
           │   └── <service>
           ├── data
           │   └── <service>
           ├── etc
           │   ├── system.yaml
           │   ├── <service>
           │   └── security
           │       └──master.key
           │       └──join.key
           ├── log
           │   └── <service logs>
           │   └── archived
           │       └── <archived service logs>
           └── work
               └── <service>
   
   

3. Extract the contents of the compressed archive and move it into the artifactory directory.
   

   tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-linux.tar.gz
   mv artifactory-<pro|oss|cpp-ce>-<version> artifactory

4. Customize the product configuration (optional) including database, Java Opts, and filestore.

5. Run Artifactory as a foreground, background process, or as a service.
   As a Process
   Run Artifactory as a foreground or daemon process: When when running as a foreground process, the console will be locked and the process can be stopped at any time.

   Foreground Process

   $JFROG_HOME/artifactory/app/bin/artifactoryctl

   Daemon Process

   $JFROG_HOME/artifactory/app/bin/artifactoryctl start

   Manage the process.

   $JFROG_HOME/artifactory/app/bin/artifactoryctl check|stop

   As a Service

   Artifactory is packaged as an archive file with a bundled Tomcat, and a complete install script that can be used to install it as a service running under a custom user. Currently supported on Linux and Solaris systems.

   OS User Permissions

   When running Artifactory as a service, the installation script creates a user called artifactory which must have run and execute permissions on the installation directory.

   It is recommended to extract the Artifactory download file into a directory that gives run and execute permissions to all users such as /opt.

   To install Artifactory as a service, browse to the $JFROG_HOME/artifactory/app/bin directory and execute the following command as root:

   # USER (optional) - the user you want application to run as (default = artifactory)
   # GROUP (optional) - the group with which the application will run as. (default = artifactory)
   $JFROG_HOME/artifactory/app/bin/installService.sh [USER [GROUP]]

   To manage the service, use systemd or init.d commands depending on your system.

   Using systemd

    systemctl <start|stop|status> artifactory.service

   Using init.d

   service artifactory <start|stop|check>

   If Artifactory is running, you should see its pid , if not, you will see a list of environment variables used by the service.

6. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

7. Check Artifactory Log.

   tail -f $JFROG_HOME/artifactory/var/log/console.log

   Configuring the Log Rotation of the Console Log

   The console.log file can grow quickly since all services write to it. Learn more on how to configure the log rotation.

Docker Installation

1. Create your Artifactory home directory and an empty system.yaml file. The user creating the folder should be the user running the docker run.

   The following steps assume that $JFROG_HOME environment variable is created in the system. For the correct location of $JFROG_HOME, see to System Directories - JFrog Product Directory Structure

   mkdir -p $JFROG_HOME/artifactory/var/etc/
   cd $JFROG_HOME/artifactory/var/etc/
   touch ./system.yaml
   chown -R $UID:$GID $JFROG_HOME/artifactory/var
   chmod -R 777 $JFROG_HOME/artifactory/var

2. Customize the product configuration (optional) including database, Java Opts, and filestore.
   

   For Docker installations, verify that the host's ID shared.node.id and IP shared.node.ip are added to the system.yaml. 
   If these are not manually added, they are automatically resolved as the the container's IP, meaning other nodes and services will not be able to reach this instance.

3. Start the Artifactory container using the process that is relevant for your system.

   • Artifactory Pro
   • Artifactory Open Source
   • Artifactory Community Edition for C/C++

   docker run --name artifactory -v $JFROG_HOME/artifactory/var/:/var/opt/jfrog/artifactory -d -p 8081:8081 -p 8082:8082 releases-docker.jfrog.io/jfrog/artifactory-pro:latest

   docker run --name artifactory -v $JFROG_HOME/artifactory/var/:/var/opt/jfrog/artifactory -d -p 8081:8081 -p 8082:8082 releases-docker.jfrog.io/jfrog/artifactory-oss:latest

   docker run --name artifactory -v $JFROG_HOME/artifactory/var/:/var/opt/jfrog/artifactory -d -p 8081:8081 -p 8082:8082 releases-docker.jfrog.io/jfrog/artifactory-cpp-ce:latest

   Exposing Multiple Ports

   The Docker run command exposes more than one port: 8081 for Artifactory REST APIs and 8082 for all other uses.

4. Manage Artifactory using native Docker commands.

   Examples

   docker ps
   docker stop artifactory

5. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

6. Check the Artifactory log.

   docker logs -f artifactory

   Configuring the Log Rotation of the Console Log

   The console.log file can grow quickly since all services write to it. Learn more on how to configure log rotation.

Docker Compose Installation

1. Go to the download page, click the green arrow to download Docker Compose. Extract the contents of the compressed archive (.tar.gz file) and then go to the extracted folder.
   

   tar -xvf jfrog-artifactory-<pro|oss|jcr|cpp-ce>-<version>-compose.tar.gz

   .env file included within the Docker-Compose archive

   This .env file is used by docker-compose and is updated during installations and upgrades.

   Notice that some operating systems do not display dot files by default. If you make any changes to the file, remember to backup before an upgrade.

2.  Run the script to setup folders with required ownership. This is an interactive script.

   ./config.sh

3. Customize the product configuration (optional) including database, Java Opts, and filestore. Depending on your choices, a selected docker-compose.yaml will be available in the extracted folder. However, there are a few docker-compose templates in the directory templates. You can choose any template and copy it to the extracted folder as docker-compose.yaml. 
   

   For Docker installations, verify that the host's ID shared.node.id and IP shared.node.ip are added to the system.yaml. 

   If these are not manually added, they are automatically resolved as the the container's IP, meaning other nodes and services will not be able to reach this instance.

   
   

4. Manage Artifactory using native Docker Compose commands, docker-compose -p rt <action> command.
   Run this command from the extracted folder.

   Examples

   # Starting from 7.8.x, PostgreSQL needs to be started before starting the other services.
   docker-compose -p rt-postgres -f docker-compose-postgres.yaml up -d
   docker-compose -p rt up -d
   docker-compose -p rt ps
   docker-compose -p rt down

5. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/. 
   

6. Check Artifactory Log.

   docker-compose -p rt logs

   Configuring the Log Rotation of the Console Log

   The console.log file can grow quickly since all services write to it. This file is not log rotated for Darwin installations. Learn more on how to configure the log rotation.

Docker Compose Installation Using Docker Volumes

1. Create Docker volumes.

   docker volume create --name=artifactory_data
   docker volume create --name=postgres_data

2. Extract the contents of the compressed archive and go to the extracted folder.

   tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-compose.tar.gz

3. Copy the docker-compose-volumes.yaml to the extracted folder.

   cp templates/docker-compose-volumes.yaml docker-compose.yaml

4. Add the entries in the .env file.       
   Avoid adding duplicate entries in the .env file.

   echo -e "JF_SHARED_NODE_IP=$(hostname -i)" >> .env
   echo -e "JF_SHARED_NODE_ID=$(hostname -s)" >> .env
   echo -e "JF_SHARED_NODE_NAME=$(hostname -s)" >> .env

5. Manage Artifactory using native Docker Compose commands: docker-compose -p rt <action> command.
   Run this command from the extracted folder.

   Examples

   docker-compose -p rt up -d
   docker-compose -p rt ps
   docker-compose -p rt down

RPM Installation

1. Install Artifactory as a service on Red Hat compatible Linux distributions, as a root user.
   

   yum install -y jfrog-artifactory-<pro|oss|cpp-ce>-<version>.rpm

2. Customize the product configuration (optional) including database, Java Opts, and filestore.

3. Manage Artifactory using the following commands.

   service artifactory start|stop

4. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

5. Check Artifactory Log.

   tail -F $JFROG_HOME/artifactory/var/log/console.log

Debian Installation

1. Install Artifactory as a service on compatible Linux distributions, as a root user.

   dpkg -i jfrog-artifactory-<pro|oss|cpp-ce>-<version>.deb

2. Customize the product configuration (optional) including database, Java Opts, and filestore.

3. Manage Artifactory using the following commands.

   service artifactory start|stop|status

4. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

5. Check Artifactory Log.

   tail -F $JFROG_HOME/artifactory/var/log/console.log

Helm Installation 

1. Add the ChartCenter Helm repository to your Helm client.
   

   helm repo add jfrog https://charts.jfrog.io
   

2. Update the repository.
   

   helm repo update

3. Create a unique Master Key (Artifactory requires a unique master key) pass it to the template during installation.
   

   Custom Master Key in Production Installations

   For production grade installations it is strongly recommended to use a custom master key. If you initially use the default master key it will be very hard to change the master key at a later stage. Therefore, generate a unique key and pass it to the template at install/upgrade time.

   # Create a key
   export MASTER_KEY=$(openssl rand -hex 32)
   echo ${MASTER_KEY}

   Alternatively, you can manually create a secret containing the master key and pass it to the template during installation.

   # Create a key
   export MASTER_KEY=$(openssl rand -hex 32)
   echo ${MASTER_KEY}
   
   # Create a secret containing the key. The key in the secret must be named master-key
   kubectl create secret generic my-masterkey-secret -n artifactory --from-literal=master-key=${MASTER_KEY}

   In either case, make sure to pass the same master key on all future calls to Helm install and Helm upgrade. This means always passing --set artifactory.masterKey=${MASTER_KEY} (for the custom master key) or --set artifactory.masterKeySecretName=my-masterkey-secret (for the manual secret) and verifying that the the contents of the secret remain unchanged.

4. Next, create a unique join key: By default the chart has one set in the values.yaml (artifactory.joinKey). However, this  key is for demonstration purposes only and should not be used in a production environment. Generate a unique key and pass it to the template during installation.

   # Create a key
   export JOIN_KEY=$(openssl rand -hex 32)
   echo ${JOIN_KEY}

   Alternatively, you can manually create a secret containing the join key and pass it to the template during installation.
   
   

   # Create a key
   export JOIN_KEY=$(openssl rand -hex 32)
   echo ${JOIN_KEY}
   
   # Create a secret containing the key. The key in the secret must be named join-key
   kubectl create secret generic my-joinkey-secret -n artifactory --from-literal=join-key=${JOIN_KEY}

   In either case, make sure to pass the same join key on all future calls to Helm install and Helm upgrade. This means always passing --set artifactory.joinKey=${JOIN_KEY} (for the custom join key) or --set artifactory.joinKeySecretName=my-joinkey-secret (for the manual secret) and verifying that the the contents of the secret remain unchanged.

5. Install the chart with the release name artifactory and with master key and join key.


   helm upgrade --install artifactory --set artifactory.masterKey=${MASTER_KEY} --set artifactory.joinKey=${JOIN_KEY} --namespace artifactory jfrog/artifactory

   If you are using an internal PostgreSQL, it is recommended to change the PostgreSQL password. For more information, see Helm Charts for Advanced Users - Auto-generated Passwords (Internal PostgreSQL).

6. Connect to Artifactory.
   

   It may take a few minutes for Artifactory's public IP to become available. Follow the instructions that are output by the install command above to get the Artifactory IP to access it. Below you will find a sample instruction of what to look for to pick the URL to reach Artifactory (in the example below, art77 is the release name and art is the namespace).
   

   Congratulations. You have just deployed JFrog Artifactory.
   1. Get the Artifactory URL by running these commands:
      NOTE: It may take a few minutes for the LoadBalancer IP to be available.
            You can watch the status of the service by running 'kubectl get svc --namespace art -w art77-artifactory-nginx'
      export SERVICE_IP=$(kubectl get svc --namespace art art77-artifactory-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
      echo http://$SERVICE_IP/
   2. Open Artifactory in your browser
      Default credential for Artifactory:
      user: admin
      password: password

7. To access the logs, find the name of the pod using this command.

   kubectl --namespace <your namespace> get pods

8. To get the container logs, run the following command.

   kubectl --namespace <your namespace> logs -f <name of the pod>

9. Optional Steps

   1. Customize the product configuration including database, Java Opts, and filestore.
      

      Filestore Options

      Helm filestore (storage) installations require certain modifications; for more information, see Advanced Storage Options.

      Unlike other installations, Helm Chart configurations are made to the values.yaml and are then applied to the system.yaml.

      Follow these steps to apply the configuration changes.

      1. Make the changes to values.yaml. 

      2. Run the command.
         

         helm upgrade --install artifactory -n artifactory -f values.yaml

   2. To configure Artifactory for Helm, you will need to override the default system.yaml configuration. For more information, see Overriding the Default System YAML File.

   3. By default, Helm deploys Artifactory with PostgreSQL (running in a separate pod). It is possible to deploy Artifactory without PostgreSQL (or any other external database), which will default to the embedded Derby database.

      # Disable the default postgresql
      helm upgrade --install artifactory --set postgresql.enabled=false -n artifactory center/jfrog/artifactory

Mac (Darwin) Installation

1. Create a JFrog Home directory and move the downloaded installer archive into that directory, for example:
   

   mkdir jfrog
   mv jfrog-artifactory-<pro|oss|cpp-ce>-<version>-darwin.tar.gz jfrog
   cd jfrog

2. Set the JFrog Home environment variable
   

   export JFROG_HOME=<full path of the jfrog directory>

3. Extract the contents of the compressed archive and move it into artifactory directory.
   

   tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-darwin.tar.gz
   mv artifactory-<pro|oss|cpp-ce>-<version> artifactory
   chmod -R 777 $JFROG_HOME/artifactory/var

4. Customize the product configuration (optional) including database, Java Opts, and filestore.

5. Run Artifactory as a foreground or a background process.

   When running as a foreground process, the console will be locked and the process can be stopped at any time.

   Foreground Process

   $JFROG_HOME/artifactory/app/bin/artifactoryctl

   Daemon Process

   $JFROG_HOME/artifactory/app/bin/artifactoryctl start

   Manage the process.

   $JFROG_HOME/artifactory/app/bin/artifactoryctl check|stop

6. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

7. Check Artifactory Log.

   tail -f $JFROG_HOME/artifactory/var/log/console.log

   Configuring the Log Rotation of the Console Log

   The console.log file can grow quickly since all services write to it. This file is not log rotated for Darwin installations. Learn more on how to configure log rotation.

Windows Installation

1. Create a JFrog Home directory and move the downloaded installer archive into that directory, for example:
   

   mkdir jfrog
   move jfrog-artifactory-<pro|oss|cpp-ce>-<version>-windows.zip jfrog
   cd jfrog

2. Set the JFrog Home environment variable
   

   set JFROG_HOME=<full path of the jfrog directory>

3. Extract the contents of the compressed archive and go to the extracted folder. Define the path to this folder as an environment variable called JFROG_HOME.
   

   # Extract jfrog-artifactory-<pro|oss|cpp-ce>-<version>-windows.zip into jfrog folder
   move artifactory-<pro|oss|cpp-ce>-<version> artifactory

4. Install Artifactory manually or as a service.
   Manual Installation
   Browse to %JFROG_HOME%\artifactory\app\bin and execute the file artifactory.bat.
   

   Security settings

   Depending on the security settings under Windows, you might need to run artifactory.bat using 'Run as administrator'

   Service Installation
   Browse to %JFROG_HOME%\artifactory\app\bin, and execute the file InstallService.bat.
   

   Security

   Windows 8 implements strict User Account Control (UAC). You must either disable UAC or right-click on cmd.exe and select "Run as administrator" in order to run this script.

   Firewall Alerts for first time Artifactory Windows Installation

   When starting Artifactory, you may get some firewall exception messages. Please select private networks and allow access to continue working.

5. Customize the product configuration (optional) including database, Java Opts, and filestore.

6. Manage Artifactory using the following commands, in a Command Prompt window.

   sc start|stop|query artifactory

7. Check Artifactory Log in the %JFROG_HOME%\artifactory\var\log\artifactory-service.log file.

HA Installation

The following describes how to set up an Artifactory HA cluster with more than one node. For more information about HA, see JFrog High Availability.

Prerequisites

All nodes within the same Artifactory HA installation must be running the same Artifactory version.

Database

Artifactory HA requires an external database, and currently supports the following databases: Oracle, MySQL, MS SQL and PostgreSQL.

Make sure you have completed setting up your external database before proceeding to install the cluster nodes. The database connection details are used for each node installation.

Licensing

Artifactory HA is supported with an Enterprise License. Each node in the cluster must be activated with a different license.

Before adding any additional node, please add each additional node's license using the node that is already running.

Load Balancer

Artifactory HA requires a dedicated Load Balancer. The load balancer should be installed once all of the cluster nodes are up and running. It is the responsibility of your organization to manage and configure it correctly.

Network

• All the Artifactory HA components (Artifactory cluster nodes, database server and load balancer) must be within the same fast LAN.
• All the HA nodes must communicate with each other through dedicated TCP ports.
• Network communications between the cluster nodes must be enabled for each of the nodes.

The following installation methods are supported:

• Linux Archive / Docker / RPM / Debian / Windows HA Installation
• Docker Compose HA Installation
• Helm HA Installation

HA is not supported for Mac (Darwin) installation

Linux Archive/Docker/RPM/Debian/Windows HA Installation

1. Install the cluster nodes according to the single node installation. Important: make sure not to start Artifactory.

2. Configure the system.yaml file with the database and node configuration details. For example: 
   

   Node system.yaml

   shared: 
     database: 
       driver: org.postgresql.Driver
       password: password
       type: postgresql
       url: "jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory"
       username: artifactory
     node: 
       haEnabled: true
       taskAffinity: any

3. Optional: You can now configure the binarystore.xml in $JFROG_HOME/artifactory/var/etc/artifactory. If the directory and file do not exist, you can create them yourself.

   <config version="2">
       <chain template="cluster-file-system"/>
   </config>

4. Start the node.

   service artifactory start

   Docker

   $ docker run --name artifactory -v $JFROG_HOME/artifactory/var/:/var -d -p 8081:8081 -p 8082:8082 releases-docker.jfrog.io/jfrog/artifactory-<pro|oss|cpp-ce>:latest    

   Windows

   sc start artifactory

   For a node to join a cluster, the nodes must have the same database configuration and the Master Key.

5. Install the additional nodes following the steps above.
6. Copy the master.key from the first node to the additional nodes located at $JFROG_HOME/artifactory/var/etc/security/master.key.

7. Start the additional nodes.

8. Check the Artifactory log.

shared:
  node:
    id: "MyNodeID"
    ip: "10.1.2.3"

shared: 
  database: 
    driver: org.postgresql.Driver
    password: password
    type: postgresql
    url: "jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory"
    username: artifactory
  node: 
    haEnabled: true
    taskAffinity: none

Docker Compose HA Installation

Use the Docker Compose script with the following commands to easily set up your HA instance. Make sure to install the database and each Artifactory cluster node on different nodes.

1. Go to the download page, click the green arrow to download Docker Compose. Extract the contents of the compressed archive (.tar.gz file) and then go to the extracted folder.
   

   tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-compose.tar.gz

   .env file included within the Docker-Compose archive

   This .env file is used by docker-compose and is updated during installations and upgrades.

   Notice that some operating systems do not display dot files by default. If you make any changes to the file, remember to backup before an upgrade.

2. Run the config.sh script to setup folders with required ownership. This is an interactive script.

   ./config.sh

3. Configure the system.yaml file with the node's configuration details.

   Node system.yaml

   shared:
     node:
       haEnabled: true
       taskAffinity: any

4. Customize any additional product configuration (optional) including, Java Opts and filestore.

5. Start Artifactory using docker-compose commands. 
   Run this command only from the extracted folder.

   # Starting from 7.8.x, PostgreSQL needs to be started before starting the other services.
   docker-compose -p rt-postgres -f docker-compose-postgres.yaml up -d
   docker-compose -p rt up -d
   docker-compose -p rt ps
   docker-compose -p rt down

6. Access Artifactory from your browser at: http://SERVER_HOSTNAME/ui/. For example, on your local machine: http://localhost/ui/.
   For a node to join a cluster, the nodes must have the same database configuration and the Master Key.

7. Install the additional nodes following the steps above.
8. Copy the master.key from the first node to the additional nodes located at $JFROG_HOME/artifactory/var/etc/security/master.key.

9. Start the additional nodes.

10. Check the Artifactory log.
    

    docker-compose  -p rt logs

shared:
  node:
    id: "MyNodeID"
    ip: "10.1.2.3"

shared: 
  database: 
    driver: org.postgresql.Driver
    password: password
    type: postgresql
    url: "jdbc:postgresql://<your db url, for example: localhost:5432>/artifactory"
    username: artifactory
  node: 
    haEnabled: true
    taskAffinity: none

Helm HA Installation

The Helm HA installation can be installed so that each node you install can run all tasks in the cluster.

1. Add the ChartCenter Helm repository to your Helm client.
   

   helm repo add jfrog https://charts.jfrog.io 
   

2. Create a unique Master Key (Artifactory requires a unique master key) pass it to the template during installation.

   Custom Master Key in Production Installations

   For production grade installations it is strongly recommended to use a custom master key. If you initially use the default master key it will be very hard to change the master key at a later stage. Therefore, generate a unique key and pass it to the template at install/upgrade time.

   # Create a key
   export MASTER_KEY=$(openssl rand -hex 32)
   echo ${MASTER_KEY}

   Alternatively, you can create a secret containing the master key manually and pass it to the template during installation.

   # Create a secret containing the key. The key in the secret must be named master-key
   kubectl create secret generic my-masterkey-secret -n artifactory --from-literal=master-key=${MASTER_KEY}

   In either case, make sure to pass the same master key on all future calls to Helm install and Helm upgrade. This means always passing --set artifactory.masterKey=${MASTER_KEY} (for the custom master key) or --set artifactory.masterKeySecretName=my-masterkey-secret (for the manual secret) and verifying that the the contents of the secret remain unchanged.

3. Next, create a unique join key: By default the chart has one set in the values.yaml (artifactory.joinKey). However, this  key is for demonstration purposes only and should not be used in a production environment. Generate a unique key and pass it to the template during installation.

   # Create a key
   export JOIN_KEY=$(openssl rand -hex 32)
   echo ${JOIN_KEY}

   Alternatively, you can manually create a secret containing the join key and pass it to the template during installation.

   # Create a key
   export JOIN_KEY=$(openssl rand -hex 32)
   echo ${JOIN_KEY}
   
   # Create a secret containing the key. The key in the secret must be named join-key
   kubectl create secret generic my-joinkey-secret -n artifactory --from-literal=join-key=${JOIN_KEY}

   In either case, make sure to pass the same join key on all future calls to Helm install and Helm upgrade. This means always passing --set artifactory.joinKey=${JOIN_KEY} (for the custom join key) or --set artifactory.joinKeySecretName=my-joinkey-secret (for the manual secret) and verifying that the the contents of the secret remain unchanged.

4. Update the repository.

   helm repo update

5. Install the chart with the release name artifactory-ha and with the master key and join key.

   helm upgrade --install artifactory-ha --set artifactory.masterKey=${MASTER_KEY} --set artifactory.joinKey=${JOIN_KEY} --namespace artifactory-ha jfrog/artifactory-ha

   If you are using an internal PostgreSQL, it is recommended to change the PostgreSQL password. For more information, see Helm Charts for Advanced Users - Auto-generated Passwords (Internal PostgreSQL).

6. Connect to Artifactory.
   

   It might take a few minutes for Artifactory's public IP to become available. Follow the instructions that are output by the install command above to get the Artifactory IP to access it. Below you will find a sample instruction of what to look for to pick the URL to reach Artifactory (in the example below, art77 is the release name and art is the namespace).

   Congratulations. You have just deployed JFrog Artifactory HA.
   SETUP:
   1. Get the Artifactory IP and URL
      NOTE: It may take a few minutes for the LoadBalancer public IP to be available!
      You can watch the status of the service by running 'kubectl get svc -w artha77-nginx'
      export SERVICE_IP=$(kubectl get svc --namespace art artha77-nginx -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
      echo http://$SERVICE_IP/
   2. Open Artifactory in your browser
      Default credential for Artifactory:
      user:     admin
      password: password

7. Install the Artifactory HA license using one of three methods: REST API, Artifactory UI, or a Kubernetes Secret. For more information, click the link below.
   

    Adding Licenses

   To activate Artifactory HA, you must install an appropriate license as part of the installation. There are three ways to manage the license: via Artifactory UI, REST API, or a Kubernetes Secret.

   Specifying multiple licenses

   Whether in the Artifactory UI, using the REST API or in the artifactory.cluster.license file, make sure that the licenses are separated by a newline.

   The easiest and recommended way is by using Artifactory UI. Using the Kubernetes Secret or REST API is for advanced users and is better suited for automation.

   You should use only one of these methods. Switching between them while a cluster is running might disable your Artifactory HA cluster.

   
   Option A: Using REST API

   You can add licenses via REST API. Note that the REST API uses "\n" for the newlines in the licenses (this is currently recommended method).

   Option B: Using the Artifactory UI

   Once the primary cluster is running, open Artifactory UI and insert the license(s) in the UI. See HA installation and setup for more details.

   Enter all of the licenses at once, with each license separated by a newline. If you add the licenses one at a time, you may get redirected to a node without a license and the UI will not load for that node.

   Option C: Using a Kubernetes Secret

   Important

   This method is relevant for initial deployment only. Once Artifactory is deployed, you should not keep passing these parameters, since the license is already persisted into Artifactory's storage (and they will be ignored). Updating the license should be done via Artifactory UI or REST API.

   
   You can deploy the Artifactory license(s) as a Kubernetes Secret. You will need to prepare a text file with the license(s) written in it. If adding multiple licenses, they are added in the same file. Remember to add two new lines between each license block.

   1. Create the Kubernetes secret (assuming the local license file is 'art.lic').
      

      kubectl create secret generic artifactory-cluster-license --from-file=./art.lic
      

   2. Create a license-values.yaml.

      artifactory:
        license:
          secret: artifactory-cluster-license
          dataKey: art.lic

   3. Install with the license-values.yaml.

      helm upgrade --install jfrog-platform --namespace jfrog-platform center/jfrog/jfrog-platform -f license-values.yaml

   Create the Kubernetes Secret as Part of the Helm Release

   1. Create a license-values.yaml.

      artifactory:
        license:
          licenseKey: |-
            <LICENSE_KEY1>
      
      
            <LICENSE_KEY2>
      
      
            <LICENSE_KEY3>

   2. Install with the license-values.yaml.

      helm upgrade --install jfrog-platform --namespace jfrog-platform center/jfrog/jfrog-platform -f license-values.yaml

   This method is relevant for initial deployment only. Once Artifactory is deployed, you should not keep passing these parameters, since the license is already persisted into Artifactory's storage (and they will be ignored). Updating the license should be done via Artifactory UI or REST API.

   If you want to keep managing the Artifactory license using the same method, you can use the copyOnEveryStartup example shown in the values.yaml file.

8. To access the logs, find the name of the pod using this command.

   kubectl --namespace <your namespace> get pods

9. To get the container logs, run the following command.

   kubectl --namespace <your namespace> logs -f <name of the pod>

10. Optional steps

    1. Customize the product configuration (optional) including database, Java Opts, and filestore.
       

       Filestore Options

       Helm filestore (storage) installations require certain modifications; for more information, see Advanced Storage Options.

       Unlike other installations, Helm Chart configurations are made to the values.yaml and are then applied to the system.yaml.

       Follow these steps to apply the configuration changes.

       1. Make the changes to values.yaml. 

       2. Run the command.
          

          helm upgrade --install artifactory-ha --namespace artifactory-ha -f values.yaml

       Alert: Use a PVC when Using an External Blob Storage

       When using external blob storage (for example, AWS S3, Azure blob storage, or Google storage), there is still a need to persist temporary eventual storage in a PVC (Persistent Volume Claims) in cases of loss of connection to the external storage or if the Artifactory pod crashes.

       Avoiding the usage of a PVC can lead to data loss in case of unplanned pod termination.

    2. To configure Artifactory for Helm, you will need to override the default system.yaml configuration. For more information, see Overriding the Default System YAML File.

    3. By default, Helm deploys Artifactory with PostgreSQL (running in a separate pod). It is possible to deploy Artifactory without PostgreSQL (or any other external database), which will default to the embedded Derby database.

       # Disable the default postgresql
       helm upgrade --install artifactory-ha --set postgresql.enabled=false --namespace artifactory-ha center/jfrog/artifactory-ha

Adding Licenses

Add licenses according to your license type:
License Key

• Option 1: Copy the artifactory.cluster.license file to the first node's configuration directory.

  cp artifactory.cluster.license $JFROG_HOME/artifactory/var/etc/artifactory/

• This can also be done once you start Artifactory using:

  • Option 2: License Management in the UI

  • Option 3: Install License REST API

License Bucket

Applying a license bucket requires installing JFrog Mission Control. To apply the license bucket:

1. Complete configuring and starting the first node (steps 4 and 5)
2. Install JFrog Mission Control

3. Apply your license Bucket Management in the UI

Post-Installation Steps

Once the installation is complete, you will need to validate these items:

• Change the default admin password. The default user will have the following credentials predefined in the system:
• User: admin, Password: password
• Make sure you have applied your licenses
• Continue to configure the system using the Administration guide
• Configure a reverse proxy (optional for Docker Registry)
• You can run Artifactory with one of the supported HTTP servers set up as a front end of each node.

Product Configuration

After installing and before running Artifactory, you may set the following configurations:

• System YAML Configuration File
  

  Where to find system.yaml?

  You can configure all your system settings using the system.yaml file located in the $JFROG_HOME/artifactory/var/etc folder. For more information, see Artifactory YAML Configuration.

  If you don't have a System YAML file in your folder, copy the template available in the folder and name it system.yaml.

  For the Helm charts, the system.yaml file is managed in the chart’s values.yaml.

• Database
  Artifactory comes with an embedded Derby Database out-of-the-box. If you're planning to use it in production, it is highly recommended to first configure any alternate supported databases, and then start Artifactory. 

  
  

• Customize Java Opts (optional)
  Remember to modify your JVM Parameters as needed by setting JAVA_OPTIONS in $JFROG_HOME/artifactory/var/etc/system.yaml. The property to pass extra Java opts is artifactory.extraJavaOpts. It is highly recommended to set your Java memory parameters as follows:
  

  The larger your repository or number of concurrent users, the larger you need to make the -Xms and -Xmx values accordingly. If you can reserve at least 512MB for Artifactory, the recommended minimal values are:

  -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC

  For more recommendations about your hardware configuration (especially the -Xmx parameter), please refer to System Requirements

• Additional Settings
  These include: customizing ports, joinKey (join.key), masterKey (master.key).
  
  
• Configuring the Filestore
  By default, Artifactory is configured to use the local file system as its filestore. Artifactory supports a variety of additional filestore configurations to meet a variety of needs for binary storage providers, storage size and redundancy.

For Advanced Users

Linux Archive

Install Script Commands

The following are the sequence of commands performed by the Linux Archive install script.

Manual Docker Compose Installation

1. Go to the download page, click the green arrow to download Docker Compose. Extract the contents of the compressed archive (.tar.gz file) and then go to the extracted folder.
   

   tar -xvf jfrog-artifactory-<pro|oss|cpp-ce>-<version>-compose.tar.gz

   .env file included within the Docker-Compose archive

   This .env file is used by docker-compose and is updated during installations and upgrades.

   Notice that some operating systems do not display dot files by default. If you've made any changes to the file, remember to backup before an upgrade.

2. Create the following folder structure under $JFROG_HOME/artifactory_HOME
   

   -- [1030     1030    ]  var
       |-- [1030     1030    ]  data
       |   |-- [104   107 ]  nginx 						- Necessary if you want to add nginx
       |   `-- [999     999  ]  postgres					- Necessary if you want to add postgres
       |-- [1030     1030    ]  etc

3. Copy the appropriate docker-compose templates from the templates folder to the extracted folder. Rename it as docker-compose.yaml

   Requirement	Template
   Artifactory + Derby (inbuilt database)	docker-compose.yaml
   Artifactory + Postgres	docker-compose-postgres.yaml
   Artifactory + Nginx	docker-compose-nginx.yaml

4. Update the .env file with the Installation directory.

   ROOT_DATA_DIR=/root/.jfrog/artifactory

5. Customize the product configuration.
   1. Customize the PostgreSQL Database connection details. (optional)

   2. Set any additional configurations (for example: ports, node id) using the Artifactory system.yaml configuration file.
      

      Ensure the host's ID "shared.node.id" and IP "shared.node.ip" are added to the system.yaml. If these are not added, the container's IP will be used and other Platform Deployments, products will be unable to reach this instance

6. Customize any additional product configuration (optional) including, Java Opts and filestore.

7. Start Artifactory using docker-compose commands.
   

   docker-compose -p rt logs
   docker-compose -p rt ps
   docker-compose -p rt up -d
   docker-compose -p rt down

8. Access Artifactory from your browser at: http://SERVER_HOSTNAME:8082/ui/. For example, on your local machine: http://localhost:8082/ui/.

9. Check Artifactory Log.
   

   docker-compose -p rt logs

   Configuring the Log Rotation of the Console Log

   The console.log file can grow quickly since all services write to it. The installation scripts add a cron job to log rotate the console.log file every hour.

   This is not  done for manual Docker Compose installations. Learn more on how to configure log rotation.

Watch the Screencast