Artifactory is a repository manager created by JFrog. A repository manager is a dedicated server application designed to manage binary components for the application that we build.
Using a repository manager is one of the best practice for using any build tools, whether we use maven, Gradle, or Ant.
Several benefits of using a repository manager accroding to the maven website:
Reduce number of downloads from remote repositories, this can save not only bandwidth but also time.
Improve build stability since you are less dependent on external repositories.
Increase performance for interaction with remote SNAPSHOT repositories.
Potential for control consumed and provided artifacts.
Create a central storage and access to artifacts and metadata that can be used by another developer, even another projects. QA and operations team also get the benefits by using the same binary.
Become effective platform for exchanging binary artifact within and beyond your organization without the need of building the source.
Sharing source code of the components might seems easier and can easily be done but with large number of developers and projects it will be difficult to track which application use which version of components since the component source code can also be updated by the developers of specific project.
Using an artifact repository manager will make sure which (binary) component is being used on an application.
Several features of JFrog Artifactory :
Reliability : As a local proxy to the outside world, Artifactory guarantees consistent access to the components needed by your build tools.
Efficiency : Remote artifacts are cached locally for reuse, so that you don’t have to download them over and over again.
Security : Advanced security features give you control over who can access your artifacts, and where they can deploy them.
Stability : Supports large load bursts with extremely high concurrency and unmatched data integrity.
Automation :Automate all aspects of artifact management using a powerful REST API.
There are SaaS version and also self hosted version of artifactory.
The self-hosted version divided into three versions: OSS, Pro and Enterprise. The Pro and Enterprise versions have features that is not available on OSS version. Features that supported on Artifactory OSS versions are:
Oracle JDK 8. Artifactory is Java software, so we will use Oracle Java 8 to run Artifactory.
MySQL 5.6. Artifactory comes with built in Derby database. It's not a strict requirement but highly recommended to use external database. Artifactory support MySQL, PostgreSQL, Oracle and MSSQL Server. In this tutorial we'll setup MySQL server as external database but on the same server with Artifactory. When needed in the future you can easily migrate the database to dedicated MySQL instance.
Nginx. Artifactory run on top of Tomcat as application server. We can access artifactory directly but we will use Nginx as reverse proxy for Tomcat / Artifactory. We will also setup SSL on Nginx so SSL termination will happen on Nginx instead of on Tomcat.
Update Base System
This tutorial assume we have clean minimalist install of Ubuntu Server 14.04 Trusty Tahr.
Before we install JFrog Artifactory and the components needed, let's update the base system by running command below
$ sudo apt-get update
$ sudo apt-get -y upgrade
Installing Oracle JDK 8
Now, let's install Java Development Kit 8. We will use Oracle JDK instead of OpenJDK version of JDK 8.
We'll also use webupd8team ppa repository instead of installing JDK manually.
Add webupd8team PPA repository.
$ sudo add-apt-repository ppa:webupd8team/java
Oracle Java (JDK) Installer (automatically downloads and installs Oracle JDK7 / JDK8 / JDK9). There are no actual Java files in this PPA.
More info (and Ubuntu installation instructions):
- for Oracle Java 7: http://www.webupd8.org/2012/01/install-oracle-java-jdk-7-in-ubuntu-via.html
- for Oracle Java 8: http://www.webupd8.org/2012/09/install-oracle-java-8-in-ubuntu-via-ppa.html
Important!!! For now, you should continue to use Java 8 because Oracle Java 9 is available as an early access release (it should be released in 2016)! You should only use Oracle Java 9 if you explicitly need it, because it may contain bugs and it might not include the latest security patches! Also, some Java options were removed in JDK9, so you may encounter issues with various Java apps. More information and installation instructions (Ubuntu / Linux Mint / Debian): http://www.webupd8.org/2015/02/install-oracle-java-9-in-ubuntu-linux.html
More info: https://launchpad.net/~webupd8team/+archive/ubuntu/java
Press [ENTER] to continue or ctrl-c to cancel adding it
gpg: keyring `/tmp/tmpaz5gxp9d/secring.gpg' created
gpg: keyring `/tmp/tmpaz5gxp9d/pubring.gpg' created
gpg: requesting key EEA14886 from hkp server keyserver.ubuntu.com
gpg: /tmp/tmpaz5gxp9d/trustdb.gpg: trustdb created
gpg: key EEA14886: public key "Launchpad VLC" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
$ java -version
java version "1.8.0_91"
Java(TM) SE Runtime Environment (build 1.8.0_91-b14)
Java HotSpot(TM) 64-Bit Server VM (build 25.91-b14, mixed mode)
Install MySQL 5.6
We will install and use MySQL 5.6 as database for Artifactory. We will use MySQL Server 5.6
$ sudo apt-get -y install mysql-server-5.6
We need to setup MySQL root password. Please
Verify root password.
Securing the MySQL Installation
We will secure MySQL installation by running mysql_secure_installation.
Enter the root password that we set on installation
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MySQL
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
In order to log into MySQL to secure it, we'll need the current
password for the root user. If you've just installed MySQL, and
you haven't set the root password yet, the password will be blank,
so you should just press enter here.
Enter current password for root (enter for none):
OK, successfully used password, moving on...
Since we already have root password set, answer this part with n
Setting the root password ensures that nobody can log into the MySQL
root user without the proper authorisation.
You already have a root password set, so you can safely answer 'n'.
Change the root password? [Y/n] n
Remove anonymous user to improve security. This will make sure people or application have correct username and password to login to MySQL. Answer with Y
By default, a MySQL installation has an anonymous user, allowing anyone
to log into MySQL without having to have a user account created for
them. This is intended only for testing, and to make the installation
go a bit smoother. You should remove them before moving into a
Remove anonymous users? [Y/n] Y
We also want remove root login from remote machine. Answer with Y
Normally, root should only be allowed to connect from 'localhost'. This
ensures that someone cannot guess at the root password from the network.
Disallow root login remotely? [Y/n] Y
Previously the test database created automatically by MySQL installation, but MySQL 5.6 does not create test database. We can still choose Y, it will throw error but that's fine.
By default, MySQL comes with a database named 'test' that anyone can
access. This is also intended only for testing, and should be removed
before moving into a production environment.
Remove test database and access to it? [Y/n] Y
- Dropping test database...
ERROR 1008 (HY000) at line 1: Can't drop database 'test'; database doesn't exist
... Failed! Not critical, keep moving...
- Removing privileges on test database...
The last step is to reload MySQL privilege table.
Reloading the privilege tables will ensure that all changes made so far
will take effect immediately.
Reload privilege tables now? [Y/n] Y
All done! If you've completed all of the above steps, your MySQL
installation should now be secure.
Thanks for using MySQL!
Create a Database for Artifactory
Now we have a secure MySQL installation, it's time to create database and user for Artifactory itself.
Login to MySQL using root credentials
$ mysql -u root -p
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 58
Server version: 5.6.30-0ubuntu0.14.04.1 (Ubuntu)
Copyright (c) 2000, 2016, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
Create new database named artdb using the command below
Now we have nginx installed, we can check it by checking the status of the service :
$ sudo service nginx status
Configure Nginx Sites For Artifactory
In this tutorial we'll learn how to configure Nginx to serve as an http only proxy and https only proxy.
The configuration directory structure created by nginx package from nginx.org repository is a little bit different with the configuration of the Nginx package from Ubuntu repository. We will reconfigure Nginx configuration directory to make it easier to enable and disable site configuration.
Create two new directories named sites-available and sites-enabled with commands below:
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
Add JFrog repository to source list file. We put the repository configuration under /etc/apt/sources.list.d/ instead of putting the configuration on /etc/apt/sources.list to make it easier to manage the repository.
$ echo "deb https://bintray.com/artifact/download/jfrog/artifactory-debs trusty main" | sudo tee -a /etc/apt/sources.list.d/artifactory-oss.list
Update metadata and install JFrog Artifactory OSS.
Even though we already create database and user for Artifactory we will use configure.mysql.sh script that Artifactory provides. This will create MySQL user, create database, and changing contents of Artifactory configuration files.
Now we're ready to start Artifactory service. We can use command below:
$ sudo service artifactory start
Artifactory will take some time to start for the first time. You can monitor the startup process by looking at log file. Artifactory log file is located at /opt/jfrog/artifactory/tomcat/logs/catalina.out. I quote some lines below that I found interesting.
The Artifactory startup process will include creating database schema, default super user admin and also starting the application itself to listen on specific ports. Once we get INFO: Starting ProtocolHandler message, it means the application is ready.
Make sure that our password contain both upper case and lower case, number, and special charaters. Click Save after changing the password.
Password successfully updated.
Accessing System Info
We can access System Info from sidebar menu Admin -> Advanced -> System Info
Accessing System Logs
We can access System Logs from sidebar menu Admin -> Advanced -> System Logs
Artifactory Maintenance Configuration
We can access the Artifactory maintenance configuration from sidebar menu Admin -> Advanced -> Maintenance. In this page we can configure garbage collection schedule, storage quota, cleanup unused cached artifacts and also clean up virtual repositories.
We can also clean up storage by compress internal database and prune unreferenced data.
Artifactory Storage Summary
We can access Artifactory storage summary from sidebar menu Admin -> Advanced -> Storage.
We can access Artifactory backup management from sidebar menu Admin -> Serices -> Backups.
Artifactory General Configuration
We can access Artifactory backup management from sidebar menu Admin -> Configuration -> General.
In this page we can set server name, custom base url, max size for file upload and also date format.
Setting Artifactory Custom Message
We can create custom message for our users. The setting is still located on General configuration page. We can input title and the message itself and also title color.
Choose whether to put the custom message on all pages or only on the home page. Don't forget to click Save after creating custom message.
The new custom message is shown on the top of the page below header.
We can set Artifactory to use a proxy. This can be useful if we are on strict network where outgoing traffic is limited and we have to use proxy to access the internet. To add new proxy, click New on top right of the form.
Input detail of our proxy. We can also use authenticated proxy by supplying username and password.
New proxy listed on the page.
We can access Artifactory mail configuration from sidebar menu Admin -> Configuration -> Mail. We can use any mail server available, either locally installed mail server or third party service like Amazon SES or SendGrid.
We can access Artifactory user management from sidebar menu Admin -> Security -> Users.
This page list all user available on the system. Click New on top right to create new user.
Add detail for the new user, we can give admin or non-admin privileges.
Set the password
And assign the user to specific group(s).
In this tutorial we learned how-to install JFrog Artifactory on Ubuntu Server 14.04. We used MySQL as database and Nginx as reverse proxy for Artifactory. We also learn the basic usage of Artifactory.
Hopefully using Artifactory can help your team to increase productivity.
Facebook0TwitterReddit0StumbleUpon0 Do you need to increase the memory limit in WordPress? Getting an error about memory Exhausted? The memory limit is one of the most common WordPress errors as the default limit of memory in WordPress is only set to 64mb! But there’s good news! The Memory Exhausted error is...
Facebook0TwitterReddit0StumbleUpon0 A vulnerability has been discovered in the “All In One WordPress Migration” WordPress plugin. All versions earlier than, and including 6.97 contain a vulnerability which allows Cross-Site Scripting (XSS).With over 2 million active installations, this vulnerability has the potential to be high impact, however, this is lessened by the...
Facebook0TwitterReddit0StumbleUpon0HostPresto will be launching a European point of presence in the coming weeks, specifically in Amsterdam. For customers needing their data located within the EU still please contact support to request migration to this location with ticket subject ‘EU Migration’. We will ensure this is actioned well before the Brexit...