{"id":1402,"date":"2019-03-05T05:29:10","date_gmt":"2019-03-05T05:29:10","guid":{"rendered":"https:\/\/www.appservgrid.com\/paw93\/?p=1402"},"modified":"2019-03-07T21:00:00","modified_gmt":"2019-03-07T21:00:00","slug":"herd-your-rancher-labs-multi-cloud-strategy-with-artifactory","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw93\/index.php\/2019\/03\/05\/herd-your-rancher-labs-multi-cloud-strategy-with-artifactory\/","title":{"rendered":"Herd your Rancher Labs multi-cloud strategy with Artifactory"},"content":{"rendered":"<p>DevOps engineers have grown so reliant on the power and scalability of Kubernetes (K8s) clusters that one server platform can seldom accommodate them all. More and more enterprises now run their containerized applications in clusters across multiple platforms at once, in public clouds and on-prem servers.<\/p>\n<p>That can fuel a chaotic stampede in an enterprise-class system &#8211; who has control, and which builds do you trust?<\/p>\n<p>Rancher offers a solution for managing multiple K8s clusters, and an enhanced Kubernetes distribution with additional features for central control of those clusters. Rancher\u2019s multi-cluster operations management features provide a unified experience across public and private providers, VMware clusters, and bare metal servers that run in production across your organization, with common policies for provisioning and upgrades.<\/p>\n<h2>Kubernetes registry enables trust<\/h2>\n<p>While containerized applications help provide great stability through features like immutability and declarative configuration, they don\u2019t guarantee that the software they contain is trusted. Without full control of and visibility into the source and dependencies that go into your containers, elements you don\u2019t want or need can sneak into your builds.<\/p>\n<p>JFrog Artifactory can provide the hybrid Kubernetes registry you need that gives you full visibility into your containers. Artifactory enables trust by giving you insight into your code-to-cluster process while providing visibility into each layer of each application. Moreover, a hybrid K8s registry will help you run applications effectively and safely across all clusters in all of the infrastructure environments you use.<\/p>\n<h2>Installing Artifactory with Rancher<\/h2>\n<p>Rancher makes it easy for you to install a high-availability instance of Artifactory through <a href=\"https:\/\/rancher.com\/docs\/rancher\/v2.x\/en\/catalog\/\">its catalog of applications<\/a> directly into <a href=\"https:\/\/jfrog.com\/integration\/kubernetes-docker-registry\/\">a Kubernetes cluster that you create for Artifactory<\/a>. In this way, Artifactory instances can run in any of the infrastructure types you use, either on a public cloud or an on-prem server.<\/p>\n<p>To start, <a href=\"https:\/\/rancher.com\/docs\/rancher\/v2.x\/en\/installation\/\">install the Rancher Kubernetes Engine (RKE)<\/a> onto a server and set up an admin account.<\/p>\n<h3>Step 1: Add a Cluster<\/h3>\n<p>From Rancher\u2019s UI, <a href=\"https:\/\/rancher.com\/docs\/rancher\/v2.x\/en\/cluster-provisioning\/\">add a new K8s cluster<\/a> in the platform where your Artifactory instance will run.<\/p>\n<ul>\n<li>You can use a node template for nodes hosted by an infrastructure provider such as <a href=\"https:\/\/jfrog.com\/artifactory\/cloud-native-gcp\/\">Google Cloud Platform (GCP)<\/a>, <a href=\"https:\/\/jfrog.com\/artifactory\/cloud-native-aws\/\">Amazon Web Services (AWS)<\/a> or <a href=\"https:\/\/jfrog.com\/artifactory\/cloud-native-azure\/\">Azure<\/a>, or set up a custom node for a local on-prem server.<\/li>\n<li>For a cluster on a hosted service like GKE, you may need to have a service account created by your support team that provides the privileges that you need.<\/li>\n<li>When you create the cluster, select a machine type powerful enough to support Artifactory (recommended minimum is 2 vCPUs, 7.5 Gb RAM)<\/li>\n<li>When you have completed your settings, provision the cluster. This may take several minutes to complete.<\/li>\n<\/ul>\n<h3>Step 2: Create a Project and Namespace<\/h3>\n<p>You can install Artifactory into the Default Rancher project that is automatically created when adding a cluster. However, it\u2019s a good practice to create a <a href=\"https:\/\/rancher.com\/docs\/rancher\/v2.x\/en\/k8s-in-rancher\/projects-and-namespaces\/#namespaces\">Rancher project and namespace<\/a> for Artifactory to run in,<\/p>\n<p>For example, a project my-project and a namespace my-project-artifactory:<\/p>\n<p>![Rancher Namespaces](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Namespaces.jpg<\/p>\n<h3>Step 3: Create a Certificate<\/h3>\n<p>The NGINX server used by Artifactory requires a certificate to run.<br \/>\nFrom the main menu, select Resources &gt; Certificates. In the resulting page, supply the Private Key and Certificate, and assign the Name as <em>artifactory-ha-tls<\/em>.<\/p>\n<p>![Rancher Certificate](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Certificate.png<\/p>\n<p>When complete, click Save.<\/p>\n<h3>Step 4: Add a ConfigMap<\/h3>\n<p>Artifactory will require a <a href=\"https:\/\/rancher.com\/docs\/rancher\/v2.x\/en\/k8s-in-rancher\/configmaps\/\">ConfigMap<\/a> for general configuration information needed by its load balancer.<\/p>\n<p>The following example ConfigMap should be used for a standard setup:<\/p>\n<p>## add HA entries when ha is configure.<br \/>\nupstream artifactory {<br \/>\nserver artifactory-ha-artifactory-ha-primary:8081;<br \/>\nserver artifactory-ha:8081;<br \/>\n}<br \/>\n## add ssl entries when https has been set in config<br \/>\nssl_certificate \/var\/opt\/jfrog\/nginx\/ssl\/tls.crt;<br \/>\nssl_certificate_key \/var\/opt\/jfrog\/nginx\/ssl\/tls.key;<br \/>\nssl_session_cache shared:SSL:1m;<br \/>\nssl_prefer_server_ciphers on;<br \/>\n## server configuration<br \/>\nserver {<br \/>\nlisten 443 ssl;<br \/>\nlisten 80 ;<br \/>\nserver_name ~(?&lt;repo&gt;.+).jfrog.team jfrog.team;<\/p>\n<p>if ($http_x_forwarded_proto = &#8221;) {<br \/>\nset $http_x_forwarded_proto $scheme;<br \/>\n}<br \/>\n## Application specific logs<br \/>\n## access_log \/var\/log\/nginx\/jfrog.team-access.log timing;<br \/>\n## error_log \/var\/log\/nginx\/jfrog.team-error.log;<br \/>\nrewrite ^\/$ \/artifactory\/webapp\/ redirect;<br \/>\nrewrite ^\/artifactory\/?(\/webapp)?$ \/artifactory\/webapp\/ redirect;<br \/>\nrewrite ^\/(v1|v2)\/(.*) \/artifactory\/api\/docker\/$repo\/$1\/$2;<br \/>\nchunked_transfer_encoding on;<br \/>\nclient_max_body_size 0;<br \/>\nlocation \/artifactory\/ {<br \/>\nproxy_read_timeout 2400s;<br \/>\nproxy_pass_header Server;<br \/>\nproxy_cookie_path ~*^\/.* \/;<br \/>\nif ( $request_uri ~ ^\/artifactory\/(.*)$ ) {<br \/>\nproxy_pass http:\/\/artifactory\/artifactory\/$1;<br \/>\n}<br \/>\nproxy_pass http:\/\/artifactory\/artifactory\/;<br \/>\nproxy_next_upstream http_503 non_idempotent;<br \/>\nproxy_set_header X-Artifactory-Override-Base-Url $http_x_forwarded_proto:\/\/$host:$server_port\/artifactory;<br \/>\nproxy_set_header X-Forwarded-Port $server_port;<br \/>\nproxy_set_header X-Forwarded-Proto $http_x_forwarded_proto;<br \/>\nproxy_set_header Host $http_host;<br \/>\nproxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br \/>\n}<br \/>\n}<\/p>\n<p>From the main menu, select Resources &gt; Config Maps, then click Add Config Map.<\/p>\n<p>![Rancher ConfigMap](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-ConfigMap.jpg<\/p>\n<ol>\n<li>In the Name field, enter <em>art-nginx-conf<\/em><\/li>\n<li>In the Namespace field, enter the name of the created namespace.<\/li>\n<li>In the Key field, enter <em>artifactory-ha.conf<\/em><\/li>\n<li>Copy the example ConfigMap and paste it into the Value field.<\/li>\n<li>Click Save<\/li>\n<\/ol>\n<p>The ConfigMap will be used when Artifactory is installed.<\/p>\n<h3>Step 5: Install Artifactory<\/h3>\n<p>Once you have a cluster, project, and namespace that Artifactory can run in, you can install it easily through Rancher\u2019s catalog of applications.<\/p>\n<ol>\n<li>In the Rancher UI, click on Catalog Apps, then click the Launch button.<\/li>\n<\/ol>\n<p>![Launch Rancher Catalog](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Catalog_Launch.jpg<\/p>\n<ol>\n<li>In the catalog, find the JFrog <em>artifactory-ha<\/em> template marked \u201cPartner\u201d<\/li>\n<\/ol>\n<p>![Rancher JFrog Catalog Item](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Catalog_JFrog.jpg<\/p>\n<ol>\n<li>Click View Details<\/li>\n<\/ol>\n<p>![Rancher JFrog Catalog Details](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Catalog_Install.jpg<\/p>\n<p>Scroll down to set the Configuration Options. Set the name, <a href=\"https:\/\/www.jfrog.com\/confluence\/display\/RTF\/Configuring+the+Filestore\">enable persistent storage<\/a>, and set the persistent volume size to a value large enough to accommodate your expected needs.<\/p>\n<p>Set the Container Images to use the Default Image, and the Services and Load Balancing settings to use the NGINX server, assign the <em>artifactory-ha-tls<\/em> secret and the <em>art-nginx-conf<\/em> ConfigMap that were created in the prior steps.<\/p>\n<p>![Rancher JFrog Catalog Details](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Settings.jpg<\/p>\n<p>Set the Database Settings to enable and configure PostgreSQL.<\/p>\n<p>![Rancher JFrog Database Settings](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Settings-Database.jpg<\/p>\n<p>![Rancher JFrog Storage Settings](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-artifactory-storage.png<\/p>\n<p>Click Launch to perform the installation.<\/p>\n<p>![Rancher JFrog Install Launched](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Install_Launch.png<\/p>\n<ol>\n<li>The installation will likely take several minutes to complete. When finished, it will present the JFrog artifactory-ha app as <em>Active<\/em>. The URL for the Artifactory HA installation is presented as a hotlink (for example, 443\/tcp, 80\/tcp). Click on the link to access the Artifactory HA application.<\/li>\n<\/ol>\n<p>![Rancher JFrog Install Completed](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Install_Complete.png<\/p>\n<h2>Give it a try<\/h2>\n<p>Rancher and Artifactory both bring many pieces that would be challenging to manage independently into a single system, bringing control and visibility to the process. Together, they help enforce uniform policies, promotion flow, and more under a set of universal managers, quelling the risk of disorder.<\/p>\n<p>Rancher\u2019s integration of Artifactory through its catalog makes it especially easy to deploy and manage a hybrid Kubernetes Registry across all of the clusters you need across your organization.<\/p>\n<p>If you\u2019re already a Rancher user, you can install Artifactory immediately through the catalog of applications.<\/p>\n<p>![Rancher JFrog Activate](https:\/\/rancher.com\/img\/blog\/2018\/Jfrog-Rancher-Activate.png<\/p>\n<p>If you are new to Artifactory, you can request a set of three Artifactory Enterprise licenses for a free trial by emailing <a href=\"mailto:rancher-jfrog-licenses@jfrog.com\">rancher-jfrog-licenses@jfrog.com<\/a>.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/rancher.com\/img\/bio\/bio-user.jpg\" alt=\"Jainish Shah\" width=\"100\" height=\"100\" \/><\/p>\n<p>Jainish Shah<\/p>\n<p>JFrog Software Engineer<\/p>\n<p><a href=\"https:\/\/rancher.com\/blog\/2018\/2019-01-02-herd-multi-cloud-kubernetes-strategy-with-artifactory\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>DevOps engineers have grown so reliant on the power and scalability of Kubernetes (K8s) clusters that one server platform can seldom accommodate them all. More and more enterprises now run their containerized applications in clusters across multiple platforms at once, in public clouds and on-prem servers. That can fuel a chaotic stampede in an enterprise-class &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.appservgrid.com\/paw93\/index.php\/2019\/03\/05\/herd-your-rancher-labs-multi-cloud-strategy-with-artifactory\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Herd your Rancher Labs multi-cloud strategy with Artifactory&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1402","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts\/1402","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/comments?post=1402"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts\/1402\/revisions"}],"predecessor-version":[{"id":1476,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts\/1402\/revisions\/1476"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/media?parent=1402"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/categories?post=1402"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/tags?post=1402"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}