{"id":1493,"date":"2019-03-08T06:09:48","date_gmt":"2019-03-08T06:09:48","guid":{"rendered":"https:\/\/www.appservgrid.com\/paw93\/?p=1493"},"modified":"2019-04-06T00:20:09","modified_gmt":"2019-04-06T00:20:09","slug":"deploying-jfrog-artifactory-with-rancher-part-one","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw93\/index.php\/2019\/03\/08\/deploying-jfrog-artifactory-with-rancher-part-one\/","title":{"rendered":"Deploying JFrog Artifactory with Rancher, Part One"},"content":{"rendered":"<p><a href=\"https:\/\/jfrog.com\/artifactory\/\">JFrog Artifactory<\/a> is a universal artifact repository that supports all major packaging formats, build tools and continuous integration (CI) servers. It holds all of your binary content in a single location and presents an interface that makes it easy to upload, find, and use binaries throughout the application development and delivery process.<\/p>\n<p>In this article we\u2019ll walk through using Rancher to deploy and manage JFrog Artifactory on a Kubernetes cluster. When you have finished reading this article, you will have a fully functional installation of <a href=\"https:\/\/jfrog.com\/open-source\/\">JFrog Artifactory OSS<\/a>, and you can use the same steps to install the OSS or commercial version of Artifactory in any other Kubernetes cluster. We\u2019ll also show you how to create a generic repository in Artifactory and upload artifacts into it.<\/p>\n<p>Artifactory has many more features besides the ones presented in this article, and a future article will explore those in greater detail.<\/p>\n<p>Let\u2019s get started!<\/p>\n<h2><strong>Software Used<\/strong><\/h2>\n<p>This article uses the following software:<\/p>\n<ul>\n<li>Rancher v2.0.8<\/li>\n<li>Kubernetes cluster running on Google Kubernetes Engine version 1.10.7-gke.2<\/li>\n<li>Artifactory helm chart version 7.4.2<\/li>\n<li>Artifactory OSS version 6.3.2<\/li>\n<\/ul>\n<p>If you\u2019re working through the article at a future date, please use the versions current for that time.<\/p>\n<p>As with all things Kubernetes, there are multiple ways to install Artifactory. We\u2019re going to use the <a href=\"https:\/\/helm.sh\/\">Helm chart<\/a>. Helm provides a way to package application installation instructions and share them with others. You can think of it as a package manager for Kubernetes. Rancher integrates with Helm via the Rancher Catalog, and through the Catalog you can deploy any Helm-backed application with only a few clicks. Rancher has other features, including:<\/p>\n<ul>\n<li>an easy and intuitive web interface<\/li>\n<li>the ability to manage Kubernetes clusters deployed anywhere, on-premise or with any provider<\/li>\n<li>a single view into all managed clusters<\/li>\n<li>out of the box monitoring of the clusters<\/li>\n<li>workload, role-based access control (RBAC), policy and project management<\/li>\n<li>all the power of Kubernetes without the need to install any software locally<\/li>\n<\/ul>\n<h2><strong>Installing Rancher<\/strong><\/h2>\n<p>NOTE: If you already have a Rancher v2 server and Kubernetes cluster installed, skip ahead to the section titled <em>Installing JFrog Artifactory<\/em>.<\/p>\n<p>We\u2019re proud of Rancher\u2019s ability to manage Kubernetes clusters anywhere, so we\u2019re going to launch a Rancher Server in standalone mode on a GCE instance and use it to deploy a Kubernetes cluster in GKE.<\/p>\n<p>Spinning up a Rancher Server in standalone mode is easy \u2013 it\u2019s a Docker container. Before we can launch the container, we\u2019ll need a compute instance on which to run it. Let\u2019s launch that with the following command:<\/p>\n<p>gcloud compute &#8211;project=rancher-20 instances create rancher-instance<br \/>\n&#8211;zone=europe-west2-c<br \/>\n&#8211;machine-type=g1-small<br \/>\n&#8211;tags=http-server,https-server<br \/>\n&#8211;image=ubuntu-1804-bionic-v20180911<br \/>\n&#8211;image-project=ubuntu-os-cloud<\/p>\n<p><em>Please change the project and zone parameters as appropriate for your deployment.<\/em><\/p>\n<p>After a couple of minutes you should see that your instance is ready to go.<\/p>\n<p>Created [https:\/\/www.googleapis.com\/compute\/v1\/projects\/rancher-20\/zones\/europe-west2-c\/instances\/rancher-instance].<br \/>\nNAME ZONE MACHINE_TYPE INTERNAL_IP EXTERNAL_IP STATUS<br \/>\nrancher-instance europe-west2-c g1-small 10.154.0.2 35.242.185.165 RUNNING<\/p>\n<p>Make a note of the EXTERNAL_IP address, as you will need it in a moment to connect to the Rancher Server.<\/p>\n<p>With the compute node up and running, let\u2019s use the GCE CLI to SSH into it.<\/p>\n<p>gcloud compute ssh<br \/>\n&#8211;project &#8220;rancher-20&#8221;<br \/>\n&#8211;zone &#8220;europe-west2-c&#8221;<br \/>\n&#8220;rancher-instance&#8221;<\/p>\n<p>Again, be sure that you adjust the project and zone parameters to reflect your instance if you launched it in a different zone or with a different name.<\/p>\n<p>Once connected, run the following commands to install some prerequisites and then install Docker CE. Because the Rancher Server is a Docker container, we need Docker installed in order to continue with the installation.<\/p>\n<p>sudo apt-get update<br \/>\nsudo apt-get -y install apt-transport-https ca-certificates curl software-properties-common<br \/>\ncurl -fsSL https:\/\/download.docker.com\/linux\/ubuntu\/gpg | sudo apt-key add &#8211;<br \/>\nsudo apt-key fingerprint 0EBFCD88<br \/>\nsudo add-apt-repository &#8220;deb [arch=amd64] https:\/\/download.docker.com\/linux\/ubuntu $(lsb_release -cs) stable&#8221;<br \/>\nsudo apt-get update<br \/>\nsudo apt-get -y install docker-ce<\/p>\n<p>With that out of the way, we\u2019re ready to deploy the Rancher Server. When we launch the container for the first time, the Docker Engine will fetch the container image from Docker Hub and store it locally before launching a container from it. Future launches of the container, should we need to relaunch it, will use the local image store and be much faster.<\/p>\n<p>Use the next command to instruct Docker to launch the Rancher Server container and have it listen on port 80 and 443 on the host.<\/p>\n<p>sudo docker run -d &#8211;restart=unless-stopped -p 80:80 -p 443:443 rancher\/rancher:v2.0.8<\/p>\n<p>If nothing goes awry, Docker will print the download status and then the new container ID before returning you to a prompt.<\/p>\n<p>Unable to find image &#8216;rancher\/rancher:latest&#8217; locally<br \/>\nlatest: Pulling from rancher\/rancher<br \/>\n124c757242f8: Pull complete<br \/>\n2ebc019eb4e2: Pull complete<br \/>\ndac0825f7ffb: Pull complete<br \/>\n82b0bb65d1bf: Pull complete<br \/>\nef3b655c7f88: Pull complete<br \/>\n437f23e29d12: Pull complete<br \/>\n52931d58c1ce: Pull complete<br \/>\nb930be4ed025: Pull complete<br \/>\n4a2d2c2e821e: Pull complete<br \/>\n9137650edb29: Pull complete<br \/>\nf1660f8f83bf: Pull complete<br \/>\na645405725ff: Pull complete<br \/>\nDigest: sha256:6d53d3414abfbae44fe43bad37e9da738f3a02e6c00a0cd0c17f7d9f2aee373a<br \/>\nStatus: Downloaded newer image for rancher\/rancher:latest<br \/>\n454aa51a6f0ed21cbe47dcbb20a1c6a5684c9ddb2a0682076237aef5e0fdb3a4<\/p>\n<p>Congratulations! You\u2019ve successfully launched a Rancher Server instance.<\/p>\n<p>Use the EXTERNAL_IP address that you saved above and connect to that address in a browser. You\u2019ll be asked to accept the self-signed certificate that Rancher installs by default. After this, you\u2019ll be presented with the welcome screen. Set a password (and remember it!), and continue to the next page.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/welcome-to-rancher.png\" alt=\"Welcome to Rancher\" \/><\/p>\n<p>On this page you\u2019re asked to set the URL for the Rancher Server. In a production deployment this would be a hostname like rancher.yourcompany.com, but if you\u2019re following along with a demo server, you can use the EXTERNAL_IP address from above.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-server-url.png\" alt=\"Rancher Server URL\" \/><\/p>\n<p>When you click <em>Save URL<\/em> on this page, you\u2019ll be taken to the Clusters page, and from there we\u2019ll deploy our Kubernetes cluster.<\/p>\n<h2><strong>Using Rancher to Deploy a GKE Cluster<\/strong><\/h2>\n<p>Rancher can deploy and manage Kubernetes clusters <em>anywhere<\/em>. They can be in Google, Amazon, Azure, on cloud nodes, in datacenters, or even running in a VM on your laptop. It\u2019s one of the most powerful features of the product. For today we\u2019ll be using GKE, so after clicking on <em>Add Cluster<\/em>, choose Google Container Engine as your provider.<\/p>\n<p>Set the name to something appropriate for this demo, like jfrog-artifactory.<\/p>\n<p>In order to create the cluster, Rancher needs permission to access the Google Cloud Platform. Those permissions are granted via a Service Account private key JSON file. To generate that, first find the service account name (replace the project name with yours if necessary):<\/p>\n<p>gcloud iam service-accounts list &#8211;project rancher-20<\/p>\n<p>NAME EMAIL<br \/>\nCompute Engine default service account &lt;SA&gt;-compute@developer.gserviceaccount.com<\/p>\n<p>The output will have a service account number in place of &lt;SA&gt;. Copy this entire address and use it in the following command:<\/p>\n<p>gcloud iam service-accounts keys create .\/key.json<br \/>\n&#8211;iam-account &lt;SA&gt;-compute@developer.gserviceaccount.com<\/p>\n<p>This will create a file named key.json in the current directory. This is the Service Account private key that Rancher needs to create the cluster:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/add-cluster-rancher.png\" alt=\"Add Cluster Rancher\" \/><\/p>\n<p>You can either paste the contents of that file into the text box, or you can click <em>Read from a file<\/em> and point it to the key.json file. Rancher will use this info to generate a page wherein you can configure your new cluster:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/add-cluster-rancher-2.png\" alt=\"Add Cluster Rancher second step\" \/><\/p>\n<p>Set your preferred Zone, Machine Type, Node Count and Root Disk Size. The values presented in the above screenshot are sane defaults that you can use for this demo.<\/p>\n<p>When you click <em>Create<\/em>, the cluster will be provisioned in GKE, and when it\u2019s ready, you\u2019ll see it become active in the UI:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-cluster-view.png\" alt=\"Rancher cluster view\" \/><\/p>\n<h2><strong>Installing JFrog Artifactory<\/strong><\/h2>\n<p>We\u2019ll install Artifactory by using the <a href=\"https:\/\/helm.sh\/\">Helm chart<\/a> repository from JFrog. Helm charts, like OS package management systems, give you a stable way to deploy container applications into Kubernetes, upgrade them, or roll them back. The chart guarantees that you\u2019re installing a specific version or tag for the container, and where applications have multiple components, a Helm chart assures that you\u2019re getting the right version for all of them.<\/p>\n<h3>Installing the JFrog Helm Repository<\/h3>\n<p>Rancher ships with a library of Helm charts in its Application Catalog, but in keeping with the Rancher objective of user flexibility, you can install any third-party Helm repository to have those applications available for deployment in your cluster. We\u2019ll use this today by installing the JFrog repository.<\/p>\n<p>In the Global Cluster view of Rancher click on <em>Catalogs<\/em> and then click on <em>Add Catalog<\/em>. In the window that opens, enter a name that makes sense, like <em>jfrog-artifactory<\/em> and then enter the location of the official JFrog repository.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-add-catalog.png\" alt=\"Rancher add catalog\" \/><\/p>\n<p>Click on <em>Create<\/em>, and the JFrog repository will will appear in the list of custom catalogs.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-catalog-list.png\" alt=\"Rancher list of Catalogs\" \/><\/p>\n<h3>Deploying Artifactory<\/h3>\n<p>We\u2019re ready to deploy Artifactory. From the <em>Global<\/em> view, select the Default project under the <em>jfrog-artifactory<\/em> cluster:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-default-project.png\" alt=\"Rancher default project\" \/><\/p>\n<p>Once you are inside of the Default project, select <em>Catalog Apps<\/em>, and then click on <em>Launch<\/em>. Rancher will show you the apps available for installation from the Application Catalogs. You\u2019ll notice that <em>artifactory-ha<\/em> shows up twice, once as a partner-provided chart within the default Library of apps that ship with Rancher, and again from the JFrog repository itself. We installed the Helm repository because we want to install the regular, non-HA Artifactory, which is just called <em>artifactory<\/em>. All catalog apps indicate which library they come from, so in a situation where a chart is present in multiple libraries, you can still choose which to install.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-select-app.png\" alt=\"Rancher select app from Catalog\" \/><\/p>\n<p>When you select <em>View Details<\/em>, you have the opportunity to change items about how the application is installed. By default this catalog item will deploy the licensed, commercial version of Artifactory, for which you need a license. If you have a license, then you can leave the default options as they are; however, because we want to install the OSS version, we\u2019re going to change the image that the chart installs.<\/p>\n<p>We do this under the <em>Configuration Options<\/em> pane, by selecting <em>Add Answer<\/em>. Set a variable name of artifactory.image.repository and a value of docker.bintray.io\/jfrog\/artifactory-oss.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/catalog-app-set-answer.png\" alt=\"Catalog app set Answer\" \/><\/p>\n<p>Now, when you click <em>Launch<\/em>, Rancher will deploy Artifactory into your cluster.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-deploying-artifactory.png\" alt=\"Rancher Deploying Artifactory\" \/><\/p>\n<p>When the install completes, the red line will change to green. After this happens, if you click on <em>artifactory<\/em>, it will present you with the resources that Rancher created for you. In this case, it created three workloads, three services, one volume and one secret in Kubernetes.<\/p>\n<p>If you select <em>Workloads<\/em>, you will see all of them running:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-artifactory-workloads.png\" alt=\"Rancher Artifactory workloads\" \/><\/p>\n<h3>Resolving a Pending Ingress<\/h3>\n<p>At the time of this article\u2019s publication, there is a bug that results in the Ingress being stuck in a <em>Pending<\/em> state. If you see this when you click on <em>Load Balancing<\/em>, continue reading for the solution.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-pending-loadbalancer.png\" alt=\"Rancher Pending LoadBalancer\" \/><\/p>\n<p>To resolve the pending Ingress, we need to create the Service to which the Ingress is sending traffic. Click <em>Import YAML<\/em> in the top right, and in the window that opens, paste the following information and then click <em>Import<\/em>.<\/p>\n<p>apiVersion: v1<br \/>\nkind: Service<br \/>\nmetadata:<br \/>\nlabels:<br \/>\napp: artifactory<br \/>\nchart: artifactory-7.4.2<br \/>\ncomponent: nginx<br \/>\nheritage: Tiller<br \/>\nio.cattle.field\/appId: artifactory<br \/>\nrelease: artifactory<br \/>\nname: artifactory-artifactory-nginx<br \/>\nnamespace: artifactory<br \/>\nspec:<br \/>\nexternalTrafficPolicy: Local<br \/>\nports:<br \/>\n&#8211; name: nginxhttp<br \/>\nport: 80<br \/>\nprotocol: TCP<br \/>\ntargetPort: 80<br \/>\n&#8211; name: artifactoryhttps<br \/>\nport: 443<br \/>\nprotocol: TCP<br \/>\ntargetPort: 443<br \/>\nselector:<br \/>\napp: artifactory<br \/>\ncomponent: nginx<br \/>\nrelease: artifactory<br \/>\nsessionAffinity: None<br \/>\ntype: LoadBalancer<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/rancher-import-yaml.png\" alt=\"Rancher import YAML\" \/><\/p>\n<h3>Accessing Artifactory<\/h3>\n<p>The <em>Workloads<\/em> pane will now show clickable links for ports 443\/tcp and 80\/tcp under the artifactory-artifactory-nginx workload:<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/workload-click-port.png\" alt=\"Workloads clickable ports\" \/><\/p>\n<p>When you select 443\/tcp, it will open the Artifactory UI in a new browser tab. Because it\u2019s using a self-signed certificate by default, your browser may give you a warning and ask you to accept the certificate before proceeding.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/welcome-to-jfrog-artifactory.png\" alt=\"Welcome to JFrog Artifactory\" \/><\/p>\n<h2><strong>Taking Artifactory for a Spin<\/strong><\/h2>\n<p>You now have a fully-functional binary artifact repository available for use. That was easy! Before you can start using it, it needs a tiny bit of configuration.<\/p>\n<p>First, set an admin password in the wizard. When it asks you about the proxy server, select <em>Skip<\/em> unless you\u2019ve deployed this in a place that needs proxy configuration. Create a generic repository, and select <em>Finish<\/em>.<\/p>\n<p>Now, let\u2019s do a quick walkthrough of some basic usage.<\/p>\n<p>First, we\u2019ll upload the helm chart that you used to create the Artifactory installation.<\/p>\n<p>Select <em>Artifacts<\/em> from the left-side menu. You will see the generic repository that you created above. Choose it, and then from the upper right corner, select <em>Deploy<\/em>. Upload <a href=\"https:\/\/charts.jfrog.io\/artifactory-7.4.2.tgz\">the Helm chart zipfile<\/a> (or any other file) to the repository.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/deploy-file-to-artifactory.png\" alt=\"Deploy file to Artifactory\" \/><\/p>\n<p>After the deploy finishes, you will see it in the tree under the repository.<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/rancher.com\/img\/blog\/2018\/artifactory-repository-browser.png\" alt=\"Artifactory Repository Browser\" \/><\/p>\n<p>Although this is a simple test of Artifactory, it demonstrates that it can already can be used in its full capacity.<\/p>\n<p>You\u2019re all set to use Artifactory for binary artifact storage and distribution and Rancher for easy management of the workloads, the cluster, and everything related to the deployment itself.<\/p>\n<h2><strong>Cleanup<\/strong><\/h2>\n<p>If you\u2019ve gone through this article as a demo, you can delete the Kubernetes cluster from the Global Cluster view within Rancher. This will remove it from GKE. After doing so, you can delete the Rancher Server instance directly from GCE.<\/p>\n<h2><strong>Closing<\/strong><\/h2>\n<p>JFrog Artifactory is extremely powerful. More organizations use it every day, and being able to deploy it quickly and securely into a Kubernetes cluster is useful knowledge.<\/p>\n<p>According to their own literature, Artifactory empowers you to \u201crelease fast or die.\u201d Similarly, Rancher allows you to deploy fast while keeping control of the resources and the security around them. You can build, deploy, tear down, secure, monitor, and interact with Kubernetes clusters <em>anywhere in the world<\/em>, all from a single, convenient, secure interface.<\/p>\n<p>It doesn\u2019t get much easier than that.<\/p>\n<p><a href=\"https:\/\/rancher.com\/blog\/2018\/2018-10-29-jfrog-artifactory-p1\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>JFrog Artifactory is a universal artifact repository that supports all major packaging formats, build tools and continuous integration (CI) servers. It holds all of your binary content in a single location and presents an interface that makes it easy to upload, find, and use binaries throughout the application development and delivery process. In this article &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.appservgrid.com\/paw93\/index.php\/2019\/03\/08\/deploying-jfrog-artifactory-with-rancher-part-one\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Deploying JFrog Artifactory with Rancher, Part One&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1493","post","type-post","status-publish","format-standard","hentry","category-kubernetes"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts\/1493","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/comments?post=1493"}],"version-history":[{"count":2,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts\/1493\/revisions"}],"predecessor-version":[{"id":1546,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/posts\/1493\/revisions\/1546"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/media?parent=1493"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/categories?post=1493"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw93\/index.php\/wp-json\/wp\/v2\/tags?post=1493"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}