Using the latest JFrog products?
JFrog Platform User Guide
JFrog Mission Control 3.x Documentation
To get the latest version, go to the JFrog Unified Platform
Once you have downloaded Mission Control, follow these steps:
Extract the contents of the compressed archive, and remove the version number, operating system and architecture from the extracted folder.
Load ElasticSearch and Postgres which can be preinstalled. Binaries for both these databases are also available in the zip-dependencies folder.
For more instructions, see the 3rd Party Binaries or commands to setup manually on running Postgres section.
Edit the jfmc/scripts/setEnvDefaults.sh environment file and provide the relevant environment variables for your ElasticSearch and Postgres installations.
New Environment File
mc.keyThe mc key is an internal secret, used by Mission Control to encrypt sensitive data and must be synced between the Mission Control cluster nodes. After the application is started, the mc key can be found in the following path: <JFMC_DATA>/security/mc.key.
Start Mission Control.
New Environment File
Upon completing the ZIP installation, Mission Control creates a new environment file, jfmc/data/setenv.sh.
This is the environment file that will be used from here on. Any further changes that may need to be made in environment variables should be made in this file.
The Mission Control script installed with the ZIP installation can be used for a variety of actions using the following syntax:
Where <action> can take one of the following values:
Start the Mission Control services in the background. Corresponding process IDs will be stored as jfmc/run/<service_name>.pid.
Stops the Mission Control services. This command gets the process ID from the jfmc/run/<service_name>.pid file, stop the process and remove the file.
Checks if the Mission Control services are running as follows:
Obtain the process ID from jfmc/run/<service_name>.pid and check if the process is running
If the pid file exists, but the process is not running, check if any other processes are running for this service. This will show any processes that are out of sync ( for example, if a pid file was removed or modified).
Out of sync processes
Any processes that are out of sync should manually be removed.
Restarts Mission Control services by calling stop and start sequentially.
Mission Control uses certificates for secure internal communications between it services. Normally, this call is automatically run on every start action to make sure the services are all furnished with the required certificates. You can make this call manually if, for any reason, automatic generation of certificates failed.
The ZIP file installation requires a set of environment variables in order to run. These are provided through the environment file. Note that some of the variables in the environment file() are for internal use and should not be modified. Following are the environment variables (with default values) you should modify to match your own installation:
Ports used by the Mission Control Service:
export JFMC_INSIGHT_SERVER_SSL_PORT=8089 (removed in 3.3.0)
High Availability related variables:
- export NODEHEALTHCHECK_KILL_ONMAXFAILURES=true
- export JFMC_ES_CLUSTER_SETUP="YES"
- export JFMC_HOST_IP = <Publish IP of this server, for connecting from other nodes>
- export JFIS_ELASTIC_UNICAST_HOST_FILE =<Elasticsearch conf location/unicast_hosts.txt>
Options for each Java service:
Changing Port Settings
The following table describes the different Mission Control services, the default port allocated to the service, and the environment variable through which the port can be modified:
8089 (removed in 3.3.0)
If port conflicts are detected, you can change the port allocated as follows:
If the Mission Control services are running, stop them.
In $MC_HOME/data/setenv.sh, modify the environment variable corresponding to the service with the port conflict as described in the table above.
Start the Mission Control services.
3rd Party Binaries
Binaries for ElasticSearch and Postgres are included in the archive and can be used if needed. The instructions below are specific to these binaries.
The binary is available in the folder: "zip-dependencies". Copy to a suitable folder (<elastic_search_location> and unzip.
Install search guard plugin. This is an optional step if you want to secure your ElasticSearch with authentication.
The binary for search guard plugin (search-guard-6-6.6.0-24.zip) will be available in the folder: "zip-dependencies". Copy this file to a suitable location <search_guard_location>
Generate search guard certificates. This is applicable if you are configuring non-HA or first node of HA setup.
The tool to generate search guard certificates will be available in the folder: "zip-dependencies". Copy this tar ball to a suitable location <search_guard_cert_tool_location>
For nodes other than first node in HA setup, copy the certificates from the first node to the corresponding location.
Configure ElasticSearch for search guard by updating the following properties in <elastic_search_location>/elasticsearch-6.6.0/config
For HA setup ,add the following in elasticsearch.yml
Start ElasticSearch in detached mode.
Initialize Search Guard. This is applicable if you are configuring non-HA or first node of HA setup.
The binary is available in the folder: "zip-dependencies". Untar to a suitable folder as in the example below (which is extracting to the user's home directory).
As a sudo user, create the data folders to be used by Postgres and make this user (<user_name>) the owner
For your convenience and to avoid Postgres failing to startup because of path issues, set the path and locale.
Enabling Postgres connectivity from remote servers
Add the following line to /usr/local/pgsql/data/pg_hba.conf
Add the following line to /usr/local/pgsql/data/postgresql.conf
Initialize the data directory and start Postgres
Create the psql database (the script "jfmc/scripts/createPostgresUsers.sh" , responsible for seeding Postgres assumes this database exists)