Cloud customer?
Start for Free >
Upgrade in MyJFrog >
What's New in Cloud >



JFrog’s Ansible Collection includes several Ansible roles that allow you to install the latest JFrog Platform in many different configurations-from simple single server installations to redundant and highly available setups-this collection provides the flexibility for any architecture.

In addition, the Ansible Collection includes optional roles for a PostgreSQL database and NGINX, which also allows you to add those components (refer to the example inventory and playbook files that are included in the Collection and that address most of the popular use cases).

Setting up Ansible and the JFrog Ansible Collection

There are several ways to install Ansible depending on your system; Ansible uses SSH to connect to hosts, so the best practice is to set up SSH key pairs and place the public key on the hosts (refer to the Ansible documentation for information on how to set this up). Some cloud providers also make this easier by setting up the SSH keys for you.

The JFrog Ansible Platform Collection consists of the following:

  • ansible_collections directory: This directory contains the Ansible Collection package with the Ansible roles for Artifactory, Xray, Distribution, and Mission Control. 
  • examples directory: This directory contains example playbooks for various architectures

System Requirements

Before installing the JFrog Ansible Collection, refer to System Requirements for information on supported platforms, supported browsers, required ports and other requirements. 

Operating Systems

The JFrog Ansible Collection can be installed on the following operating systems:

  • Ubuntu LTS versions (16.04/18.04/20.4)
  • Centos/RHEL 7.x/8.x
  • Debian  9.x/10.x

For the specific supported versions, see the System Requirements Matrix.

Page Contents


Single Node Installation

The following installation installs the JFrog Platform as single product (single node) installations and not as clusters/HA.

  1. Install the Ansible Collection from the Ansible Galaxy.

    ansible-galaxy collection install jfrog.platform
  2. Verify that you reference the Ansible Collection in your playbook when using these roles.

    - hosts: artifactory_servers
            - jfrog.platform
            - artifactory

    Ansible uses SSH to connect to hosts. Verify that your SSH private key is on your client and that the public keys are installed on your Ansible hosts.

  3. Create an inventory file: Use one of the examples from the examples directory to construct an inventory file (hosts.yml) with the host addresses and variables.

  4. Next, create your playbook: Use one of the examples from the examples directory to construct a playbook using the JFrog Ansible roles. These roles will be applied to your inventory and provision software.

  5. Execute the following command to provision the JFrog software with Ansible. 

    ansible-playbook -vv platform.yml -i hosts.ini

Generating Master and Join Keys

  1. Generate the master and join keys. If you do not provide these keys, they will be set to the defaults in the groupvars/all/vars.yaml file under each role. For production deployments, you may want to generate your master and join keys and to apply them to all the nodes using the following command.

    MASTER_KEY_VALUE=$(openssl rand -hex 32)
    JOIN_KEY_VALUE=$(openssl rand -hex 32)
    ansible-playbook -vv platform.yml -i hosts.ini --extra-vars "master_key=$MASTER_KEY_VALUE join_key=$JOIN_KEY_VALUE"


    Remember to save the generated master and join keys for future upgrades.

Using Ansible Vault to Encrypt Vars

Some vars you may want to keep secret. You may put these vars into a separate file and encrypt them using the Ansible Vault.

Use the following command.

ansible-vault encrypt secret-vars.yml --vault-password-file ~/.vault_pass.txt

Then in your playbook include the secret vars file.

- hosts: artifactory_servers
    - ./vars/secret-vars.yml
    - ./vars/vars.yml
    - artifactory

High Availability (HA) Installation

The Ansible Collection is installed in a single node configuration. To enable HA, set the following to true.

artifactory_ha_enabled: true

By default, all nodes are installed as primary nodes, which means that all nodes in the high availability cluster can perform tasks such as replication, garbage collection, backups, exporting, and importing. Every node in the cluster can serve any of the mentioned tasks and if any node goes down, the different nodes in the cluster will be able to perform these tasks instead. By default, when adding a new node (member) to the cluster, it will be able to perform cluster-wide tasks without user intervention. 

The "taskAffinity": "any" attribute is set by default, on all the nodes in the cluster, when installing an Artifactory version 7.17.4 and above and is configured under the Nodes section in the Artifactory Configuration YAML. To remove this functionality from a node, set  "taskAffinity": "none". For more information, see Cloud-Native High Availability

Building the Collection Archive

  1. Go to the ansible_collections/jfrog/installers directory.
  2. Update the galaxy.yml meta file as needed. Update the version.

  3. Build the archive (this requires Ansible 2.9+).

    ansible-galaxy collection build
  • No labels
Copyright © 2021 JFrog Ltd.