JFrog’s Artifactory is the first and universal Artifact Repository Manager used for package delivery.

Preamble:

To reach DevOPs Nirvana tools and processes need to be in place to enable agile teams to work efficiently and be more productive. In our past tutorial we have learned how to install Jenkins as our CI/CD tool, now in this tutorial we will learn how to deploy a centralized repository system for package management. JFrog’s Artifactory open source project was created to speed up development cycles using binary repositories. It’s the world’s most advanced repository manager, creating a single place for teams to manage all their binary artifacts efficiently.

alt text

Why use a Binary Repository Manager like Artifactory:

Over the last several years, software development has evolved from deploying products periodically to building them on an ongoing basis using CI servers. A company’s end product may be built on a daily or even hourly basis. This means that DevOps must support the continual flow of code from the individual developer’s machine to the organization’s production environment. Bridging the gap between the development teams’ desktops and the organization’s servers, load balancers and databases hosted on production systems can present several challenges. Some of these are:

  • Providing stable and reliable access to repositories
  • Supporting a large number of common binaries across different environments
  • Security and access control
  • Tracing any action done to a file back to the user
  • Transferring a large number of binaries to a remote location
  • Managing infrastructure configuration across different environments

Installing Pre-requisites

Set hostname and update CentOS 7 Server:

1
2
3
hostnamectl set-hostname artifactory.example.com
yum update
yum upgrade

Install the required repository:

1
2
3
rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-7.rpm
yum install https://downloads.ulyaoth.net/rpm/ulyaoth-latest.centos.x86_64.rpm

Install Artifactory repository:

1
wget -O /etc/yum.repos.d/bintray-jfrog-artifactory-rpms.repo https://bintray.com/jfrog/artifactory-rpms/rpm

Install Vim Editor:

yum install vim

Create artifactory user with sudo Rights:

1
2
3
useradd artifactory
passwd artifactory
usermod -a -G wheel artifactory

Installing OpenSSL:

1
2
3
yum install ulyaoth-openssl1.1.0 (Install the latest in ulyaoth)
vi /etc/profile and paste in the following:
echo 'export PATH=/usr/local/ulyaoth/ssl/openssl1.1.0/bin:$PATH' >> /etc/profile

Steps to install Artifactory

Switch user to the Jenkins user and run all following commands using sudo:

su - artifactory

Installing Java:

sudo yum install java-1.8.0-openjdk

Installing Artifactory Open Source:

sudo yum install jfrog-artifactory-oss

Installing MariaDB Server:

1
2
3
4
sudo yum install mariadb-server
sudo systemctl start mariadb
sudo systemctl enable mariadb
sudo systemctl status mariadb

Create Artifactory Database:

1
2
3
4
5
6
7
8
sudo mysql_secure_installation
sudo mysql -u root -p
create database artifactorydb charset=utf8mb4;
create user [email protected];
set password for [email protected]= password("Mystrongpassword");
grant all privileges on artifactorydb.* to [email protected] identified by 'Mystrongpassword';
flush privileges;
exit;

Configure Artifactory Database:

sudo /opt/jfrog/artifactory/bin/configure.mysql.sh alt text

Configure the Firewall - Optional:

1
2
firewall-cmd --zone=public --add-port=8081/tcp --permanent
firewall-cmd --reload

Start Artifactory:

1
2
3
sudo systemctl enable artifactory
sudo systemctl start artifactory
sudo systemctl status artifactory

With your Browser:

Go to http://ipaddress:8081 Verify that Artifactory UI is displaying.

Install and Configure Nginx as a Reverse Proxy:

Installing Nginx:

1
2
3
4
yum install ulyaoth-nginx
systemctl enable nginx
systemctl start nginx
systemctl status nginx

Lets-Encrypt for Artifactory:

1
2
3
4
5
yum install letsencrypt
which letsencrypt
systemctl stop nginx
systemctl status nginx
/usr/bin/letsencrypt certonly --standalone

Create the DH Key:

sudo openssl dhparam -out /etc/letsencrypt/live/artifactory.example.com/dhparam.pem 2048

Create a Virtual Host:

vim /etc/nginx/conf.d/artifactory.example.com.conf

And paste in the following code snippet et do not forget to adapt it to your system:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
upstream artifactory {
server 127.0.0.1:8081 fail_timeout=0;
}
server {
listen 80 http2;
listen [::]:80 ipv6only=on http2;
server_name artifactory.example.com;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl ipv6only=on http2;
server_name artifactory.example.com;
ssl on;
ssl_certificate /etc/letsencrypt/live/artifactory.example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/artifactory.example.com/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/artifactory.example.com/fullchain.pem;
ssl_dhparam /etc/letsencrypt/live/artifactory.example.com/dhparam.pem;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EECDH+AES";
ssl_ecdh_curve secp384r1;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;
ssl_session_timeout 1d;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 5s;
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; reload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
access_log /var/log/nginx/artifactory.access.log;
error_log /var/log/nginx/artifactory.error.log;
location / {
proxy_set_header Host $host:$server_port;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect http:// https://;
proxy_pass http://artifactory;
# Required for new HTTP-based CLI
proxy_http_version 1.1;
proxy_request_buffering off;
proxy_buffering off; # Required for HTTP-based CLI to work over SSL
}
}

Configure Artifactory from the Wizard:

Go the website and follow the prompt to finish configuring Jenkins UI

https://artifactory.example.com

alt text Next, set the Admin Password alt text Next, skip Configure a Proxy Server alt text Next, skip Create Repositories alt text All done, click on Finish to exit the wizard alt text

Login to Artifactory UI:

1
2
username: admin
password: mystrongpassword

Summary

In this tutorial we learned how-to install JFrog Artifactory on a CentOS 7 Server. We used MariaDB as a database and Nginx as a reverse proxy for Artifactory. Hopefully using Artifactory can help your team increase productivity and maintaining a centralized package management system where binary artifacts (packages) are saved can help alleviate dependencies issues. We are also getting one step closer to DevOps Nirvana.

Comments