Cloud customer?
Start for Free >
Upgrade in MyJFrog >
What's New in Cloud >

Search





Overview

From JFrog Artifactory 7.9, Peer-to-Peer (P2P) is supported, allowing software clients connected to Artifactory to directly download their Docker and Generic artifacts and packages from local, remote, and virtual repositories through a network of peers instead of directly from Artifactory. 

Downloading files using P2P, improves the download speed and decreases the bandwidth consumption to and from the JFrog Artifactory Edge nodes and supports the need for frequent software deployments from Artifactory Edge to a large number of Production servers.

P2P also promotes scalability and availability of your artifact downloads, while providing a highly secure environment, supported by the JFrog Platform including an authorization and authentication mechanism, bi-directional TLS, and the option to apply unique access tokens for each download. 

JFrog P2P Architecture

The JFrog P2P architecture is based on a network of interconnected peers located between Artifactory and the Docker or HTTP clients. The P2P topology serves as an alternative to the traditional Client/Server file download process that requires performing a direct download request to Artifactory each time a client submits a Pull or Push request.

The JFrog P2P architecture comprises of these main components:

  • Tracker: An Artifactory service responsible for advertising and tracking available artifacts located on the peers and serves as the initial artifact seeder.
  • Peer: A dedicated JFrog standalone application deployed on every host which is interconnected with other peers. The peer communicates with the Tracker to download artifacts and to announce the availability of downloaded artifacts to the Tracker.
  • P2P Swarm: A collection of peers that form a decentralized network for artifact sharing within a cluster.
  • Client: A software client used for interacting with the peer. For example a Docker or an HTTP client.

JFrog Subscription Levels

CLOUD (SaaS) | SELF-HOSTED
ENTERPRISE+
Page Contents

P2P Artifact Download Workflow

JFrog P2P allows users to download artifacts and packages via peers connected to the JFrog peer network. Peers serve both as suppliers and consumers of the packages thereby reducing the load from the Artifactory node since clients can download packages directly from member peers in the network. 

The P2P artifact download process includes the following workflow:

  1. The Peer Application is installed on the hosts connected to the Artifactory.
  2. The peer connects to the Artifactory Edge and the peer is registered within the Tracker that serves as an initial seeder. All download communication is SSL-encrypted using a certificate-chain created by Artifactory. The peer then listens for a client download request or requests from other peers. 
  3. As peers download files on behalf of a client, they regularly advertise information about pieces of their stored files to the Tracker on Artifactory. This information is then stored by the Tracker. 
  4. Once a peer gets a download request from the client, it queries the Tracker regarding which other registered peers may have the file. The Tracker responds and the peer starts downloading the available parts of the file, from the relevant peer. 
  5. As files are cached on a peer, they are advertised to the Tracker and can be downloaded concurrently by other peers, according to user permissions defined in Artifactory. The download file process is performed in parallel from multiple peers thereby distributing the network load between multiple peers to perform fast and efficient downloads from Artifactory.

Setting Up the JFrog P2P Environment

Prior to running the P2P downloads in the JFrog Platform, you need to set up the P2P environment in this order:

  1. Set up Artifactory.
    1. Install an Artifactory/ Artifactory Edge node. For more information, see Installing Artifactory.
    2. Enable the Replicator and the P2P Tracker in Artifactory.
  2. Set up the P2P Swarm.
    1. Copy the dedicated JFrog Peer application bundled in the Artifactory Installer located under the following path: app/replicator/p2p/jfrog-p2p-client.zip.
    2. Customize a Peer configuration YAML with basic static attributes including addresses, ports, certificates, and directories. 
    3. Deploy the peers. 

      Deploying the JFrog Peer Applications

      You need to deploy your peers in the cluster according to your deployment strategies within your organization

      When the Peers connect to the Tracker, they will be populated with the default Peer configurations that are stored in the JFrog Platform. These configurations are dynamically verified each time the Peers connect to the Tracker and can be and can be modified by the pushing an additional Yaml file using the REST API, uploading to the UI, or through the bootstrap from the file system. For more information, see Central Peer Deployment and Management.

  3. Configure the Peer as an /S Proxy.

Stage 1: Set Up Artifactory/ Artifactory Edge

Enable the Replicator and P2P in Artifactory

  1. Enable the Replicator. JFrog P2P is integrated as part of the JFrog Replicator. The Replicator is installed out-of-the-box on every Artifactory and Artifactory Edge but is required to be enabled. For more information, see Installing and Configuring Replication.
  2. Enable the Tracker by setting the following attributes in the Artifactory System YAML Configuration File under the replicator section.

    replicator:
      enabled: true
      p2p:
       tracker:
          enabled: true
          selfAddress: "<Tracker IP Address>:[ port (tracker port)]>" //The external address to be used from outside the Tracker service in order for the          
                        Tracker to be reached. The port must match the Tracker trackerinsecurePort variable.

Once you have enabled the Tracker, the Artifactory System Configuration is populated with the default Tracker settings. To view the list of predefined Tracker attributes and their default values, see Tracker YAML Attributes.

You also have the option to set the environment variables JF_REPLICATOR_ENABLED=true and JF_REPLICATOR_P2P_TRACKER_ENABLED=true

Stage 2: Set Up the P2P Swarm 

RequirementsSettings
Minimal Recommended System Requirements
  • 2 Core CPU
  • 10 GB SSD
Software Requirements
  • JFrog Peer Application: Bundled as part of the Artifactory Installer under the following path: app/replicator/p2p/jfrog-p2p-client.zip.
  • Docker Client
Supported Platforms
  • Linux
  • MacOS

The basic process of setting up the peers comprises of these main steps:

  1. Generate a P2P Access Token.
  2. Download the JFrog Peer App and customize the basic Peer YAML file.
  3. Configure the Peer as an /S Proxy.

Step 1: Generate a P2P Access Token

Generate an access key; The P2P Access Token is required to create trust between the JFrog Platform Deployment (JPD) and the peers.

  1. In the JFrog Platform, generate and copy the P2P Join Key from the Administration module, under Security | Settings | P2P Access Token.
  2. Paste the P2P Join Key in your customized Peer yaml file as the joinKey attribute.

Step 2:  Download the JFrog Peer App and Customize the Peer YAML

Establishing Connectivity between the Peers

Upon startup, the peers need to establish connectivity with the other peers through a secure gRPC connection by applying an access root certificate. The peer can retrieve this certificate using one of the following:

  • A digital envelope through an insecure connection.
  • A certificate located on the peer local machine by setting the p2p.peer.accessRootCertificate attribute.
  1. Copy the Peer Application bundled as part of the Artifactory Installer, located under the following path: app/replicator/p2p/jfrog-p2p-client.zip, to all the Peer machines.

  2. Customize a Peer YAML file with the basic static attributes including addresses, ports, certificates, and directories static . For a complete list of Static attributes, see Static YAML Attributes.

    ## PEER CONFIGURATION FILE##
    ## HOW TO USE: comment-out any field and keep the correct yaml indentation by deleting only the leading '#' character.
     
    ## NOTE: The provided commented key and value is the default.
     
    p2p:
      peer:
        ## Mandatory field
        ## Artifactory URL on which the Tracker accepts secure gRPC connections.
        trackerUrl: "your Artifactory URL, for example: <external host IP>:8852"
     
        ## Mandatory field
        ## Artifactory URL on which the Tracker accepts insecure gRPC connections. Alternately, you can set the accessRootCertificate
        trackerInitialConnectionUrl: "your Artifactory URL, for example: <external host IP:8850>"
     
        ## Mandatory field
        ## Path to the access root certificate. Alternately, you can set the trackerInitialConnectionUrl. The certificate must be Base-64 Encoded X.509.
        accessRootCertificate: "</root certification location/>"
    
        ## Mandatory field
        ## gRPC address to expose for other peers must be aligned with the gRPC port.
        selfGrpcAddress:"<auto resolved if not set>"
             
        ## Mandatory field
        ##  address to expose for external clients.
        selfAddress:"<auto resolved if not set>" 
        
        ## Mandatory field
        ## P2P Join key value generated in the Artifactory node an used for establishing a connection between the Peers to the Tracker
        joinKey: "<Your JoinKey>

    Using Environment Variables

    You can also configure the peer application using the environment variables starting with the JF_P2P_PEER prefix.

  3. Deploy the YAML with the Static attributes and run the JFrog Peer App on all of the Peers.

    When the Peers initially connect to the Tracker, they will automatically be populated with the default Peer configurations that are centrally stored in the JFrog Platform. These configurations are dynamically updated every time the Peers connect to the Tracker and can be modified using the REST API, directly in the UI, or through the bootstrap from the file system. To modify the dynamic Peer attributes, see Central Peer Deployment and Management.

Step 3: Configure the Peer as an /HTTPS Proxy

To provide you with a seamless experience when working opposite Artifactory via the peer you need to set the peer as HTTP/HTTS Proxy. After you have set up the peer as a proxy, all the requests sent from the Docker client will be routed through the peer. For more information, see Getting Started with Artifactory.

  1. Set the location on your peer to the following path.

    $JF_PRODUCT_HOME=[path on your machine]


    1. Copy your customized peer system.yaml to the following path. 

      $JF_PRODUCT_HOME/var/etc/system.yaml

      Recommended Action!

      As the Join Key is displayed in Plain Text in this file, it is highly recommended to limit the permissions of this file to authorized users (for example, using the chmod command).

    2. Run the peer executable. For example: 

      ./peer-<executable_name>
    3. Copy the certificates with a .crt extension located under $JF_PRODUCT_HOME/var/etc/security/certificates to the folder in which your operating system runs the Docker Daemon.
      For example, Alpine users can copy their files to the following location in which the Docker Deamon has been designated to run the files. 

      apk add ca-certificates
      cp ./certificates/jfrog_proxy.crt /usr/local/share/ca-certificates/jfrog_proxy.crt
      cp ./certificates/jfrog_access_root.crt /usr/local/share/ca-certificates/jfrog_access_root.crt
      update-ca-certificates
    4. Start the Docker Daemon with an HTTP proxy pointing the peer self Http address.
      As displayed in the following example, you can run the Docker Daemon directly.

      HTTPS_PROXY=selfHttpAddress dockerd

Working with Docker Strategies Opposite the Peer

To support the different Docker resolution strategies, you will need to apply the following peer rewrite mechanism. For more information, see Using a Reverse Proxy

The following examples illustrate the supported strategies.

Repository Path Mapping

This is the default configuration supported by the peer.
The repository path method allows a single point of entry (URL) to access different repositories. This is done by embedding the name of the repository being accessed into the image path.

If you want to add support for resolving Docker images without specifying a repository path, follow the rewrite rules as displayed.

p2p:
   peer:
     rewrite:
        - 
          from: https://registry-1.docker.io/v2/library/(.*)
          to: https://<myarticatory.com>/v2/<default Docker repository>/$1
Subdomain Mapping
To support subdomain mapping, configure the rewrite tool based on your configuration.
For example, if you are using the Nginx configuration used in Artifactory, follow these rewrite rules.
p2p:
   peer:
     rewrite:
        - 
          from: https://(.*).<myartifactory.com>/(.*)
          to: https://<myartifactory.com>/artifactory/api/docker/$1/$2
Port Mapping

To support port mapping, you will have to map the port to the required repository by following these rewrite rules.

p2p:
   peer:
     rewrite:
        - 
          from: https://<myartifactory.com>:<port1>/(.*)
          to: https://<myartifactory.com>/artifactory/api/docker/<repokey1>/$1 //repokey relates to the port we want to map to this key 
        
        - 
          from: https://myartifactory.com:<port2>/(.*)
          to: https://myartifactory.com/artifactory/api/docker/<repokey2>/$1 //repokey relates to the port we want to map to this key

        - 
          from: https://myartifactory.com:<port3>/(.*)
          to: https://myartifactory.com/artifactory/api/docker/<repokey3>/$1 //repokey relates to the port we want to map to this key

Downloading Files from the Peer Using Docker Client

Validate that you have a Docker repository in Artifactory.

Running Docker commands in the Docker client through the peer is the same as running Docker commands opposite Artifactory.Your permissions and credentials for downloading files are identical to your permissions in Artifactory and are retrieved when performing actions opposite the peer.

Docker Login Request Examples

For the Docker client to connect to the peer and download through it, run docker login to the peer.
Note that HOST_IP refers to your machine IP Address.

Run a Docker login command using the repository path.

$ docker login --username admin --password password1 <artifactory_URL>
Example: Docker Login using the repository path
$ docker login --username admin --password password1 myartifactory.com

Run a Docker login command using the subdomain.

$ docker login --username admin --password password1 <repokey>.<artifactory_URL>
Example: Docker Login using the subdomain
$ docker login --username admin --password password1 docker-local.myartifactory.com

Run a Docker login command using the port.

$ docker login --username admin --password password1 <artifactory_URL>:<port>
Example: Docker login using the port
$ docker login --username admin --password password1 myartifactory.com:9922

Docker Pull Request Examples

Run a Docker Pull command using the repository path.

$ docker pull <artifactory_URL>/<repokey>/<image_name>:<version>
Example: Docker Pull using the repository path
$ docker pull myartifactory.com/docker-local/mysql:latest

Run a Docker Pull command using the subdomain.

$ docker pull <repokey>.<artifactory_URL>/<image_name>:<version>
Example: Docker Pull using the subdomain
$ docker pull docker-local.myartifactory.com/mysql:latest

Run a Docker Pull command using the port.

$ docker pull <artifactory_URL:port>/<image_name>:<version>
Example: Docker Pull using the port
docker pull myartifactory.com:9922/mysql:latest

Docker Push Request Example

Run a Docker Push command using the repository path.

$ docker push <artifactory_URL>/<repokey>/<image_name>:<version> 
Example: Docker Pull using the repository path
$ docker push myartifactory.com/docker-local/mysql:latest

Advanced P2P Configurations

Central Peer Deployment and Management

You can modify and manage all the P2P Peer configurations from a central YAML as all the P2P settings are centrally stored in the JFrog Platform. All that is required is to add your settings to a YAML file and to update the settings using the REST API, directly in the UI, or through the bootstrap from the file system. The next time the Peers connect to the Tracker (Artifactory), they will be populated with the new YAML settings.

Modify the default dynamic default YAML attributes on all your Peers:

  1. Create a yaml file containing the dynamic parameters. To view a list of parameters, see Dynamic Attributes.
  2. Depending on how you want to deploy the Peers, do one of the following:
    • Set up your Peers with customized advanced settings in a yaml to be populated during the initial connection to Artifactory, by copying the yaml to the bootstrap file to the following path.

      /var/etc/p2p/peer/peer.config.import.yaml

      The YAML can only be read once and will be renamed.

      peer.config.bootstrap.<TIMESTAMP>.yaml
    • Upload the YAML to the JFrog Platform webUI under the Administration module | Security Configuration | Peers Configuration.



P2P YAML Configurations

Tracker YAML Attributes

 View a Tracker YAML example
replicator:
 p2p:
  tracker:
    ## The Tracker port number (to be used for the ) of the secure gRPC server, that has to be reachable for external connections
	#port: 8852
	
    ## The peer HTTP server secure port 	
	#internalPort: 8851
	
    ## The port number to exchange root certificate traffic that is signed using P2P join key, and is reachable for external connections
	#insecurePort: 8850
	
    ## The external address to be used from outside the Tracker service in order for it to be reached. Must match the port trackerinsecurePort	
	#:  "<localhost:[ port (tracker port)]>"
	
    ## TLS is enabled by default. When set to True, TLS is disabled.	
	#forceInsecureServer: false
	
    ## Number of times the peer is counted as an "Alive" peer in relation to the last peer availability report	
	#minimumPeerUnavailableLeewayMillis: 30
	
    ## The Tracker upload throttle in KB/S.	
	#uploadRateLimitKBS: 0s
	
    ## Minimal transfer unit in the JFrog P2P protocol in kb	
	#subpieceSize:512 kb
	
    ## A peer request for the location of the piece, returns the maximumPeersToServe URLs
	#maximumPeersToServe: 60

	## The piece metadata cache size which contains the piece checksum
	#fileInfoCacheSize: 100 entries

    ## The number of pieces you can store on your disk
    #piecesDiskCacheSize: 4xMemory entries
    
    ## The number of pieces you can store in the memory in GB
    #piecesInMemoryCacheSize: 1 GB

    ## Expiry of disk items in minutes.
    #piecesDiskCacheExpiryMins: 500 entries

    ## The disk pieces cache file system path
    #piecesDiskCachePath: "JFROG_HOME/artifactory/tracker/data]/tracker/data>"
	
    ## The maximum concurrent downloads from Artifactory
	#maximumPeersPerFile: 20
	
    ## The Artifactory instance address that is associated with the Tracker. Can be the Nginx address or the router.
    #artifactoryUrl: "<http://localhost:8081/artifactory>"
	
    ## The Access instance address associated with the Tracker. Can be the Router URL
    #accessUrl: "<http://localhost:8040/access>"
	
	## The maximum number of connections allowed to connect to the peer
	#httpClientMaxConnections: 50
	
	## When the P2P Join key is provided manually, it will be applied as the peer P2P Join key and attempt to write the P2P Join key to the synced    
    config.  
    ## Recommended for parallel deployment of the Tracker and peers
	#joinKey:"<join_key>"

    ## The Service ID of the Replicator
	#trackerServiceId: "<service_ID>"

	## When the minimal number of peers is met, and the file is full, the Tracker will cease serving as a seeder
	#minimalSeedersToExcludeTracker: 2
         
    ## Artifactory Node ID
	#nodeId: "<artifactory node ID>"
        
    ## Artifactory node Router URL
	#routerUrl: "<artifactory node router URL>"
	
	## Log verbosity control. Supported levels: info | debug | trace
    #logLevel: "info"
    
    ## In an HA environment, where the Tracker is not set as the leader, it will announce it is ready for seeding in millis
    #reportTrackerAvailablePeriodMillis: 5
    
    ## The period set to refresh the peer Token set in seconds
    #refreshPeerTokenPeriodSeconds: 45
	
    ## The CRON expression that indicates the interval to run the call home tasks. By default, it runs every 24 hours. To view the format and examples,       
    ## To view the format and examples, see https://godoc.org/github.com/robfig/cron
    #callHomeCֹronExpression: "< >"
	
    ## The interval for collecting metrics for the next call home message. For example, to count the number of available peers is set to every 30   
    minutes.
    #callHomeMetricsCollectionPeriodMinutes: 30
	
replicator.p2p.tracker.port

[Optional [Default: 8852]

The port number of the secure gRPC server, that has to be reachable for external connections.

replicator.p2p.tracker.internalPort
[Optional [Default: 8851]
The peer HTTP server secure port.
replicator.p2p.tracker.insecurePort
[Optional [Default: 8850]
The port number to exchange root certificate traffic that is signed using P2P Join Key, and is reachable for external connections.
replicator.p2p.tracker.forceInsecureServer

[Optional [Default: false]

TLS is enabled by default. When set to True, TLS is disabled.

replicator.p2p.tracker.minimumPeerUnavailableLeewayMillis

[Optional [Default: 30]

Number of times the peer is counted as an "Alive" peer in relation to the last peer availability report.

replicator.p2p.tracker.uploadRateLimitKBS

[Optional [Default: 0]

The Tracker upload throttle in KB/S.

replicator.p2p.tracker.subpieceSize

[Optional [Default: 512]

Minimal transfer unit in the JFrog P2P protocol in kb.

replicator.p2p.tracker.maximumPeersToServe

[Optional [Default: 60]

A peer request for the location of the piece, returns the maximumPeersToServe URLs.

replicator.p2p.tracker.fileInfoCacheSize

[Optional [Default: 100]

The piece metadata cache size which contains the piece checksum.

replicator.p2p.tracker.piecesDiskCacheSize

[Optional [Default: 4xMemory value]

The number of pieces you can store on your disk.

replicator.p2p.tracker.piecesInMemoryCacheSize

[Optional [Default: 1] 

A piece is always equal or smaller than 2MB. The number of pieces you can store in the memory in GB.

replicator.p2p.tracker.piecesDiskCacheExpiryMins

[Optional [Default: 30] 

Expiry of disk items in minutes.

replicator.p2p.tracker.piecesDiskCachePath
[Optional [Default Path: [JFROG_HOME]/artifactory/tracker/data

The disk pieces cache file system path.

replicator.p2p.tracker.maximumPeersPerFile

[Optional [Default: 20]

The maximum concurrent downloads from Artifactory.

replicator.p2p.tracker.artifactoryUrl

[Optional [Default: http://localhost:8081/artifactory]

The Artifactory instance address that is associated with the Tracker. Can be the Nginx address or the router.

replicator.p2p.tracker.accessUrl

[Optional [Default: http://localhost:8040/access]

The Access instance address associated with the Tracker. Can be the Router URL.

replicator.p2p.tracker.httpClientMaxConnections

[Optional [Default: http://localhost:8040/access]

The maximum number of connections allowed to connect to the peer.

replicator.p2p.tracker.joinKey

[Optional [Default: <P2P Join Key>]

When the P2P Join key is provided manually, it will be applied as the peer P2P Join key and attempt to write the P2P Join key to the synced config. Recommended for parallel deployment of the Tracker and peers.

replicator.p2p.tracker.trackerServiceId

[Optional [Default: <ID>]

The Service ID of the Replicator.

replicator.p2p.tracker.minimalSeedersToExcludeTracker

[Optional [Default: 2]

When the minimal number of peers is met, and the file is full, the Tracker will cease serving as a seeder.

replicator.p2p.tracker.nodeId

[Optional [Default: <ID>]

Artifactory Node ID.

replicator.p2p.tracker.routerUrl

[Optional [Default: <ID>]

Artifactory node Router URL

replicator.p2p.tracker.logLevel

[Optional [Default: info]

Log verbosity control. Supported levels: info | debug | trace.

replicator.p2p.tracker.reportTrackerAvailablePeriodMillis

[Optional [Default: 5]

In an HA environment, where the Tracker is not set as the leader, it will announce it is ready for seeding in milliseconds.

replicator.p2p.tracker.refreshPeerTokenPeriodSeconds

[Optional [Default: 45]

The period set to refresh the peer Token set in seconds.

replicator.p2p.trackercallHomeCֹronExpression

[Optional [Default: ""]

The CRON expression that indicates the interval to run the call home tasks. By default, it runs every 24 hours. To view the format and examples, click here.

replicator.p2p.tracker.callHomeMetricsCollectionPeriodMillis

[Optional [Default: 30]

The interval for collecting metrics for the next call home message. For example, to count the number of available peers is set to every 30 milliseconds.

Peer YAML Attributes

The Peers are configured in two separate yaml files:

Static Peer Attributes

 View a Static Peer YAML example
p2p:
  peer:     
    ## Artifactory URL on which the Tracker was enabled.
    trackerUrl: "<localhost:8852>"
 
	## Insecure Tracker gRPC endpoint URL used for retrieving a certificate for establishing a connection with the secure server.   
	trackerInitialConnectionUrl: "<localhost:8850>" 
	
	## Location of root certificate 
 	accessRootCertificate: "<path to access root certificate>"
    
    ## Peer Join Key. Must match the Tracker P2P Join Key.
    ## Retrieving the P2P Join Key. You can copy the P2P Join Key on the Tracker, from the P2P Access Token section in the JFrog Platform to the   
    ## Administration module under the Security | Settings tab or configure it directly in the system.yaml file.
	joinKey: "<p2p join key>"    
    
	## Peer gRPC server port
	#port: 8088
    
	## Peer HTTP server port
	#httpPort: 8089 
    
    ## Artifactory, load balancer, or router address used for proxy and metadata requests.   
    #artifactoryUrl: "<http://{trackerUrl-noport}:8081/artifactory>" 

    ## gRPC address to expose for other peers must be aligned with the gRPC port.
    selfGrpcAddress: <Auto-resolved if not set>
    
    ## HTTP address to expose for external clients.
    #selfHttpAddress: <Auto-resolved if not set>
   
    ## Path to the watch folder containing files and metadata.
    #watchFolder: "<{servicehome.datadir}/watch>"
        
    ## 
    #httpClientMaxConnections: 50
   
    ## Path in the local file system containing the test runs.
    #testFolderPath: "<{servicehome.datadir}/test>"
    
    ## Path in the local file system containing the access root certificate to support skipping the insecure initial connection phase  
    #certificatesFolderPath: "<{servicehome.securitydir}/certificates>"
    
    ## Peer application log level. Supported levels: info | debug | trace.
    #logLevel: info
        
    ## Enables pprof
    #profilingEnabled: false
   
p2p.peer.trackerUrl

[Mandatory [Default: localhost:8852 ]

Artifactory URL on which the Tracker was enabled.

p2p.peer.trackerInitialConnectionUrl

[Mandatory [Default: localhost:8850]

Insecure Tracker gRPC endpoint URL used for retrieving a certificate for establishing a connection with the secure server.

p2p.peer.accessRootCertificate
[Mandatory [Default: <path to Access Root Certificate]

p2p.peer.joinKey

[Mandatory [Default: "" ]

Peer Join Key. Must match the Tracker P2P Join Key.

Retrieving the P2P Join Key

You can copy the P2P Join Key on the Tracker, from the P2P Access Token section in the JFrog Platform to the Administration module under the Security | Settings tab or configure it directly in the system.yaml file.


p2p.peer.port

[Optional [Default: 8088 ]

Peer gRPC server secure port.

p2p.peer.httpPort

[Optional [Default: 8089 ]

Peer http server secure port.

p2p.peer.artifactoryUrl

[Optional [Default: http://<trackerUrl-noport>:8081/artifactory ]

Artifactory, load balancer, or router address used for proxy and metadata requests.

p2p.peer.watchFolder

[Optional [Default: {servicehome.datadir}/watch

Path to the watch folder containing files and metadata.

p2p.peer.stateFilePath

[Optional [Default: {servicehome.datadir}/state]

Path to the metadata file.

p2p.peer.httpClientMaxConnections
[Optional [Default: 50 ]
p2p.peer.testFolderPath

[Optional [Default: servicehome.datadir}/test]

Path in the local file system containing the test runs.

p2p.peer.certificatesFolderPath
[Optional [Default: servicehome.securitydir}/certificates]

Path in the local file system containing the access root certificate to support skipping the insecure initial connection phase

p2p.peer.LogLevel

[Optional [Default: info]

Peer application log level. Supported levels: info | debug | trace.

p2p.peer.profilingEnabled

[Optional [Default: false]

Enables pprof.

p2p.peer.http
[Optional [Default: false]

Dynamic Peer Attributes

 View a Dynamic Peer YAML example
p2p:
  peer:     
    
    ## Minimal transfer unit in KB.  
 	#subpieceSize: 512KB
    
    ## Download order
    #streamShuffleWindowSize: 80
   
    ## Maximum number of peers that can download files from this peer
    #maximumPeersToServe: 8
        
    ## Download rate limit in kbps
    #downloadRateLimitInKBS: 0
  
    ## Upload rate limit in kbps
    #uploadRateLimitKBS: 0
         
    ## Number of files to store in the file system cache
    #maximumFilesToKeep: 50
         
    ## Size limit in MB to store in the file system cache in GB
    #maximumMbToKeep: 50GB
    
    ## Peer reporting liveness interval in Milliseconds
    #reportAvailabilityIntervalMillis: 5
   
    ## Maximum number of retries in the retry period  
    #maximumNumberOfCallRetries: 100
    
    ## Total time of retries since an error was generated in Milliseconds
    #maximumErrorDelayMillis: 5
    
    ## Number of concurrent pieces to download from another peer
    #numberOfDownloadFromPeerWorkers: 5
    
    ## Number of concurrent pieces to download from another Tracker 
    #numberOfDownloadFromTrackerWorkers: 2

    ## Number of peer searches for new sources, when the stated number of pieces is downloaded   
    #numberOfDownloadToRecalculate: 5
    
    ## Skips checksum verification.
    #skipChecksumVerification: false
    
    ## File system event refresh rate in milliseconds
    #watchFolderScanIntervalMillis: 400
        
    ## Maximum number of http client connections
    #httpClientMaxConnections: 50   

    ##
    #deleteFileWaitMillis: 5
    
    ##  
    #defaultDockerRepositoryKey: "<docker-local>"
        
    ## Docker default repository to download files in Artifactory.
    #http: false
p2p.peer.stateFilePath

[Optional [Default: {servicehome.datadir}/state]

Path to the metadata file.

p2p.peer.subpieceSizeKB

[Optional [Default: 512]

Minimal transfer unit in KB.

p2p.peer.streamShuffleWindowSize: 0

[Optional [Default: 80 ] 

The download order.

p2p.peer.maximumPeersToServe

[Optional [Default: 8 ]

Maximum number of peers that can download files from this peer.

p2p.peer.downloadRateLimitKBS

[Optional [Default: 0 ]

Download rate limit in kbps.

p2p.peer.uploadRateLimitKBS

[Optional [Default: 0 ]

Upload rate limit in kbps.

p2p.peer.maximumFilesToKeep

[Optional [Default: 50 ]

Number of files to store in the file system cache.

p2p.peer.maximumMbToKeep

[Optional [Default: 50 ]

Size limit in MB to store in the file system cache in GB.

p2p.peer.reportAvailabilityIntervalMillis

[Optional [Default: 5 ]

Peer reporting liveness interval in milliseconds.

p2p.peer.maximumNumberOfCallRetries

[Optional [Default: 100 ]

Maximum number of retries in the retry period.

p2p.peer.maximumErrorDelayMillis

[Optional [Default: 5 ]

Total time of retries since an error was generated in milliseconds.

p2p.peer.numberOfDownloadFromPeerWorkers

[Optional [Default: 5 ]

Number of concurrent pieces to download from another peer.

p2p.peer.numberOfDownloadFromTrackerWorkers

[Optional [Default: 2 ]

Number of concurrent pieces to download from another Tracker (Artifactory Edge).

p2p.peer.numberOfDownloadToRecalculate

[Optional [Default: 5 ]

Number of peer searches for new sources, when the stated number of pieces is downloaded.

p2p.peer.skipChecksumVerification

[Optional [Default: false ]

Skips checksum verification.

p2p.peer.watchFolderScanIntervalMillis

[Optional [Default: 400 ]

File system event refresh rate in miliseconds.

p2p.peer.deleteFileWaitMillis
[Optional [Default: 5]
p2p.peer.defaultDockerRepositoryKey

[Optional [Default: docker-local]

Docker default repository to download files in Artifactory.


Troubleshooting

Monitoring the Peers

The JFrog Platform allows you to monitor your P2P download in a Self-Hosted environment within the UI. 
The page lists the Peers, their status, number of files download, and the total consumption out of the total consumption.

In the JFrog Platform, from the Administration module, select Monitoring | P2P Download.

For more information, see Monitoring Peer-to-Peer (P2P) Traffic Consumption.


Debugging P2P Downloads

Artifactory maintains the tracker-service.log containing all the tracker-related  events and all other events generated by the P2P Tracker.

The tracker-service.log is located under $JFROG_HOME/artifactory/var/artifactory/log/tracker-service.log.

Log Structure

Timestamp (UTC) [Trace Id][Reference in code][main-thread]message[log name]

Here is a typical example:

2020-08-31T07:40:22.011Z [track] [INFO ] [Future Implementation] [callhome_service.go:125] [main]-Successfully sent call home message [startupLogger]
Timestamp (UTC)

The date and time the message was logged, in UTC time with the standard format: [yyyy-MM-dd'T'HH:mm:ss.SSSZ] based on RFC-3339

Trace Id

The trace id value. Trace id is used to identify a request across services

Reference in code

Filename and row in the code.

main-thread

The “main” thread printing this log entry. 

message

An optional system message.

Logger name

Log name in Artifactory.

  • No labels
Copyright © 2021 JFrog Ltd.