Devops_CICD/Artifactory2020. 8. 19. 17:43

Installing JFrog Artifactory on CentOS / RHEL 7

 

Artifactory is a universal repository manager created by JFrog. A repository manager is software application designed to manage binary components related to an application. Being a universal repository manager, Artifactory supports all major packaging formats like Apache Maven, Gradle, Docker and many more.

In DevOps environments, Artifactory is used by build tools such as Apache Ant, Maven and Gradle to serve as the local repository for their respective artifacts. Although using Artifactory is not mandatory in DevOps environment, but it can be used to accelerate the CI/CD process.

JFrog Artifactory is a commercial product. However, there is an OSS (Open Source Software) version is available with limited features. We will use this OSS version in our article. We will install JFrog Artifactory OSS on CentOS / RHEL 7 server and deploy and use MariaDB database as the backend database for Artifactory.

For more information on DevOps best practices and CI/CD implementation, please read Continuous Delivery for Java Apps by Leanpub.

 

This Article Provides:

 

1. System Specification

We have used a CentOS 7 virtual machine with following specification for this article.

  • Hostname - artifactory-01.example.com
  • IP Address - 192.168.116.130/24
  • Operating System - CentOS 7.6

 

2. Installing Java Development Kit on CentOS 7

JFrog Artifactory requires Java Development Kit (JDK) 8 update 45 or above.

In CentOS 7, the OpenJDK (an open-source Java Development Kit) can be installed using yum command. However, if you are using a Red Hat Enterprise Linux (RHEL) 7 then you have to configure a Local yum Repository and then you will be able to install OpenJDK using yum command.

yum list java*jdk-devel

yum install java-1.8.0-openjdk-devel.x86_64

# ln -s /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.242.b08-0.el7_7.x86_64 /usr/lib/jvm/java-1.8.0

 

ls -l /usr/bin/javac

/usr/bin/javac -> /etc/alternatives/javac

ls -l /etc/alternatives/javac

/etc/alternatives/javac -> /usr/lib/jvm/java-1.8.0/bin/javac

 

alternatives --config java

alternatives --config javac

java -version

Set JAVA_HOME environment variable.

echo "export JAVA_HOME=/usr/lib/jvm/java-1.8.0" >> ~/.bashrc

echo "PATH=$PATH:$JAVA_HOME/bin:$HOME/bin" >> ~/.bashrc

echo "export PATH" >> ~/.bashrc

 

source ~/.bashrc

env | grep JAVA

JAVA_HOME=/usr/lib/jvm/java-1.8.0

 

3. Installing JFrog Artifactory OSS on CentOS 7

Install preqrequisite packages using yum command.

yum install -y net-tools rsync

Download latest JFrog Artifactory OSS RPM and copy it to the home directory of root user.

https://jfrog.com/open-source/#artifactory

wget https://bintray.com/jfrog/artifactory-rpms/rpm -O /etc/yum.repos.d/bintray-jfrog-artifactory-oss-rpms.repo;

yum install jfrog-artifactory-oss

 

# vi /etc/yum.repos.d/bintray-jfrog-artifactory-oss-rpms.repo

[bintray--jfrog-artifactory-rpms]

name=bintray--jfrog-artifactory-rpms

baseurl=https://jfrog.bintray.com/artifactory-rpms

gpgcheck=0

repo_gpgcheck=0

enabled=1

rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7

# Install Jfrog Artifactory RPM

yum localinstall -y jfrog-artifactory-oss-7.4.3.rpm

 

# download tar.gz

https://api.bintray.com/content/jfrog/artifactory/org/artifactory/oss/jfrog-artifactory-oss/$latest/jfrog-artifactory-oss-$latest-linux.tar.gz?bt_package=jfrog-artifactory-oss

mkdir -p /opt/jfrog

tar -xvf jfrog-artifactory-oss-7.4.3-linux.tar.gz -O /opt/jfrog/

ln -s /opt/jfrog/artifactory-oss-7.4.3 /opt/jfrog/artifactory

chown -R artifactory:artifactory /opt/jfrog/artifactory

 

Set ARTIFACTORY_HOME environment variable.

echo "export ARTIFACTORY_HOME=/opt/jfrog/artifactory" >> ~/.bashrc

source ~/.bashrc

env | grep ARTIFACTORY_HOME

JFrog Artifactory has been installed on CentOS 7.

 

4. Installing MariaDB Database on CentOS 7

It is recommended to use JFrog Artifactory with an external database. Being a hardcore FOSS (Fan of Open Source Software), we selected MariaDB Database for this purpose.

Install MariaDB Server from CentOS yum repository.

yum install -y mariadb-server

 

Start and Enable MariaDB Service.

systemctl start mariadb

systemctl enable mariadb

systemctl status mariadb

cat /usr/lib/systemd/system/mariadb.service

 

mysql_secure_installation

NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB

      SERVERS IN PRODUCTION USE!  PLEASE READ EACH STEP CAREFULLY!

 

In order to log into MariaDB to secure it, we'll need the current

password for the root user.  If you've just installed MariaDB, and

you haven't set the root password yet, the password will be blank,

so you should just press enter here.

 

Enter current password for root (enter for none):

OK, successfully used password, moving on...

 

Setting the root password ensures that nobody can log into the MariaDB

root user without the proper authorisation.

 

Set root password? [Y/n] Y

New password:

Re-enter new password:

Password updated successfully!

Reloading privilege tables..

 ... Success!

 

By default, a MariaDB installation has an anonymous user, allowing anyone

to log into MariaDB without having to have a user account created for

them.  This is intended only for testing, and to make the installation

go a bit smoother.  You should remove them before moving into a

production environment.

 

Remove anonymous users? [Y/n] Y

 ... Success!

 

Normally, root should only be allowed to connect from 'localhost'.  This

ensures that someone cannot guess at the root password from the network.

 

Disallow root login remotely? [Y/n] Y

 ... Success!

 

By default, MariaDB comes with a database named 'test' that anyone can

access.  This is also intended only for testing, and should be removed

before moving into a production environment.

 

Remove test database and access to it? [Y/n] Y

 - Dropping test database...

 ... Success!

 - Removing privileges on test database...

 ... Success!

 

Reloading the privilege tables will ensure that all changes made so far

will take effect immediately.

 

Reload privilege tables now? [Y/n] Y

 ... Success!

 

Cleaning up...

 

All done!  If you've completed all of the above steps, your MariaDB

installation should now be secure.

 

Thanks for using MariaDB!

cat /opt/jfrog/artifactory/var/etc/system.yaml

cat /opt/jfrog/artifactory/var/etc/security/master.key

cat /opt/jfrog/artifactory/var/etc/security/join.key

 

systemctl restart mariadb

systemctl status mariadb

 

● Create and configure Artifactory database

# Edit artifactory.service and add the user and group who own the service.

/opt/jfrog/artifactory/app/bin/installService.sh

vi  /usr/lib/systemd/system/artifactory.service

[Unit]

Description=Artifactory service

After=network.target

 

[Service]

Type=forking

User=artifactory

Group=artifactory

GuessMainPID=yes

PIDFile=/var/run/artifactory.pid

ExecStart=/opt/jfrog/artifactory/app/bin/artifactoryManage.sh start

ExecStop=/opt/jfrog/artifactory/app/bin/artifactoryManage.sh stop

LimitNOFILE=65536

LimitNPROC=8192

Restart=always

RestartSec=60

 

[Install]

WantedBy=multi-user.target

Alias=artifactory.service

 

Set open file limits for the artifactory user.

echo "artifactory soft nofile 32000" >> /etc/security/limits.conf

echo "artifactory hard nofile 32000" >> /etc/security/limits.conf

 

# start artifactory service

systemctl daemon-reload

systemctl restart artifactory

systemctl enable artifactory

systemctl status artifactory

tail -f /opt/jfrog/artifactory/var/log/console.log

 

# SELinux 활성화 시

chmod -R +r /opt/jfrog/artifactory/app/artifactory/tomcat/webapps

restorecon -vR /opt/jfrog/artifactory/app/artifactory/tomcat/webapps

 

#  SELinux 비활성화(disabled or permissive)

setenforce 0

sed -i 's/^SELINUX=enforcing$/SELINUX=permissive/' /etc/selinux/config

 

# firewall setting

firewall-cmd --permanent --add-port=8081/tcp

firewall-cmd --reload

 

Browse URL http://artifactory-01.example.com:8081 from a client browser. ( default: admin / password )

Click on Next.

Set the password for default admin user of Artifactory and click on Next.

If this server access the Internet through a proxy, then configure it here or click on Skip.

Select the package types for which you want to create repositories. The default repositories for the selected package types will be created by the Artifactory. Or click on Skip.

The initial configuration of Artifactory has been completed. Click on Finish.

You have reached at the Dashboard of Jfrog Artifactory Web UI. This dashboard is enriched with links to guides and documentation related to JFrog Artifactory. You can browse these links and start using JFrog Artifactory accordingly.

JFrog Artifactory has been successfully installed and configured on CentOS / RHEL 7 server.

 

https://www.centlinux.com/2019/01/install-jfrog-artifactory-on-centos-rhel-7.html

https://www.jfrog.com/confluence/display/JFROG/Installing+Artifactory

Posted by sonorous34