Using the latest version?
JFrog Platform User Guide
JFrog Artifactory 6.x Documentation
To get the latest version, go to the JFrog Unified Platform
The Distribution Flow
The high-level distribution flow has two main steps:
- Creating a Release Bundle
A REST API call on JFrog Distribution specifies a variety of parameters including the files comprising the release bundle, and different properties associated with it. - Distributing a Release Bundle
The distribution is itself split into three steps:- Start a distribution transaction - query JFrog Mission Control for details on the distribution target nodes, and provide the target nodes with information about distributed files such as their checksum.
- Transfer files with smart replication - JFrog Distribution invokes the Replicator which distributes files by replicating them from the source Artifactory instance over to the target node.
- End a distribution transaction - JFrog Distribution notifies the Edge node that the transaction is complete. In turn, the Edge node validates the integrity of the transferred files through their checksum and hosts them in the correct place as specified in the release bundle.
- Start a distribution transaction - query JFrog Mission Control for details on the distribution target nodes, and provide the target nodes with information about distributed files such as their checksum.
Installing an Edge Node
The process of installing an Edge node is identical to installing any other Artifactory instance. For details, please refer to Installing Artifactory.
Make sure to activate the Replicator
The primary purpose of an Edge node is to receive release bundles for deployment to a runtime which requires the use of the Replicator. Therefore, once your Edge node is installed, you need to ensure its Replicator has been activated and is ready for use as described in Installation and Activation.
Circle of Trust
An Edge node can only receive release bundles from an Artifactory service if they are both within the same circle of trust. Once you have completed the installation of the Edge node, make sure to add it to the circle of trust for any Artifactory service from which it should receive release bundles. To learn how to establish a circle of trust, please refer to Establishing a Circle of Trust in the JFrog Access User Guide.
Deploying Artifacts
The artifactory-edge-uploads repository is automatically created and cannot be removed. Deploying artifacts to this repository can be done using the UI or REST API.
All repositories in an Artifactory Edge are read-only. This is the only repository that's available for deploying files to.
Pulling Artifacts
From version 6.12, an Artifactory Edge node can be configured to pull artifacts using a Smart Remote Repository. Artifacts can be pulled from other Artifactory instances (ones with Enterprise+ or Edge licenses, just like any remote repository.
When pulling data from a smart remote repository, the Edge node will first attempt to pull the data from cache. If it does not exist, it will continue to try and fetch it from the remote repository on the target instance.
Support for remote repositories (that are not Smart Remote) is not available. For example, creating a remote repository pointing to Docker hub is not supported.
This feature is available as a JFrog Artifactory On-Premise installation and requires a JFrog Enterprise+ or JFrog Artifactory Edge license.
Pull replication is not available.
Setting a GPG Key
To enable a secure distribution flow, an Edge node must be able to validate the contents of any Release Bundles that it receives. This is done by furnishing the Edge node with the GPG signing key of any Distribution service that will be uploading Release Bundles as a one-time action before any Distribution flows are invoked.
Updating GPG Keys
Note that if you change the GPG signing keys on any Distribution service that is uploading Release Bundles to an Edge node, the Edge node must be updated with the new public key.
To upload the GPG key of a Distribution service to an Edge node, use the following REST API endpoint:
Set Distribution Public Key
Description: Sets the public GPG key of a JFrog Distribution service that needs to upload Release Bundles to an Edge node.
Security: Requires a valid admin user
Usage: POST /api/security/keys/trusted
Note that when the GPG key is provided as part of the JSON payload and not in the request header, you need to add the --data-binary flag to the call.
Consumes: application/json
Since: 6.0
Sample Usage:
API URL: http://<EdgeNode>:<Port>/artifactory/api/security/keys/trusted Method : POST Content-Type: application/json Authorization : Basic XXXXXXXXX Body : { "alias" : "distribution key 1.0.0", "public_key" : "-----BEGIN PGP PUBLIC KEY BLOCK----- Version: BCPG C# v1.6.1.0 mQENBFpDamEBCACrrAoudjlwnrRqqjdrCgPwEPyHqYddXPLDHViOVZfiREp9ENkq 2PIThlj79Cj+60ePaE4Kxaze+uH1ckTxhCNIblHWiGUluKxH8Cpy7huCBdwqkD/y ... x4w+26u0BNxE+4xlWaJ3NUb4CWtXLERfr8aKdkf1RXdMF3c96EXCBtGzLJbhrw== =D24P -----END PGP PUBLIC KEY BLOCK-----" } Expected Response:{ "kid": "46635b", "fingerprint": "f5:80:6a:1b:08:35:e7:8c:fa:a8:a0:fc:b4:fd:30:87:93:7d:19:22", "key": "-----BEGIN PGP PUBLIC KEY BLOCK----- Version: BCPG C# 1.6.1.0\n\nmQENBFpDamEBCACrrAoudjlwnrRqqjdrCgPwEPyHqYddXPLDHViOVZfiREp9ENkq 2PIThlj79Cj+60ePaE4Kxaze+uH1ckTxhCNIblHWiGUluKxH8Cpy7huCBdwqkD/y ... x4w+26u0BNxE+4xlWaJ3NUb4CWtXLERfr8aKdkf1RXdMF3c96EXCBtGzLJbhrw== =D24P -----END PGP PUBLIC KEY BLOCK-----", "issued_on": "2017-12-27T09:39:45.000Z", "issued_by": "alen@alen.com", "valid_until": "1970-01-01T00:00:00.000Z" }
NGINX Configuration
As part of the distribution flow, Artifactory needs to interact with JFrog Distribution which relies on HTTP/1.1 protocol functionalities, such as chunked transfer encoding. To support these functionalities, you need to add the following settings to your NGINX configuration:
proxy_http_version 1.1; chunked_transfer_encoding on;