JFrog-Cloud-Installers
JFrog-Cloud-Installers copied to clipboard
jfrog
Fails to listen on port 8082, collection documentation very outdated
Which installer: ansible installer
Which product and version (eg: ansible & collection version - 7.24.2): jfrog.platform 10.9.1
Which operating system and version(eg: ubuntu & version - 20.4): Debian 11.5
What happened:
fatal: [artifactory-1]: FAILED! => {"attempts": 25, "changed": false, "elapsed": 0, "msg": "Status code was -1 and not [200]: Request failed: <urlopen error [Errno 111] Connection refused>", "redirected": false, "status": -1, "url": "http://127.0.0.1:8082/router/api/v1/system/health"}
What you expected to happen: That the server should start listening on port 8082
router:
entrypoints:
internalPort: 8046
externalPort: 8082
How to reproduce it (as minimally and precisely as possible): Install a clean debian 11.5, install gnupg
Inventory file
[postgres_servers] postgres-1 ansible_host=172.16.135.192 postgres_enabled=true
[artifactory_servers] artifactory-1 ansible_host=172.16.135.192 artifactory_enabled=true
[xray_servers] xray-1 ansible_host=172.16.135.192 xray_enabled=false
[distribution_servers] distribution-1 ansible_host=172.16.135.192 distribution_enabled=false
[insight_servers] insight-1 ansible_host=172.16.135.192 insight_enabled=flase
Playbook
-
hosts: postgres_servers collections:
- jfrog.platform vars: curr_user: enabled: false username: artifactory password: secret curr_db: enabled: false roles:
- role: postgres when: postgres_enabled | bool
-
hosts: artifactory_servers collections:
- jfrog.platform
vars:
artifactory_extra_java_opts:
artifactory_systemyaml: |-
configVersion: 1
shared:
security:
joinKey: "{{ join_key }}"
extraJavaOpts: -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC
node:
id: {{ ansible_hostname }}
ip: {{ ansible_host }}
taskAffinity: {{ artifactory_taskaffinity }}
haEnabled: {{ artifactory_ha_enabled }}
database:
type: "postgresql"
driver: "org.postgresql.Driver"
url: "localhost:5432/artifactory"
username: "artifactory"
password: "password"
router:
entrypoints:
internalPort: 8046
externalPort: 8082
serial:
- 1
- 100% roles:
- role: artifactory when: artifactory_enabled | bool
- jfrog.platform
vars:
artifactory_extra_java_opts:
artifactory_systemyaml: |-
configVersion: 1
shared:
security:
joinKey: "{{ join_key }}"
extraJavaOpts: -server -Xms512m -Xmx2g -Xss256k -XX:+UseG1GC
node:
id: {{ ansible_hostname }}
ip: {{ ansible_host }}
taskAffinity: {{ artifactory_taskaffinity }}
haEnabled: {{ artifactory_ha_enabled }}
database:
type: "postgresql"
driver: "org.postgresql.Driver"
url: "localhost:5432/artifactory"
username: "artifactory"
password: "password"
router:
entrypoints:
internalPort: 8046
externalPort: 8082
serial:
-
hosts: xray_servers collections:
- jfrog.platform roles:
- role: xray when: xray_enabled | bool
-
hosts: distribution_servers collections:
- jfrog.platform roles:
- role: distribution when: distribution_enabled | bool
-
hosts: insight_servers collections:
- jfrog.platform roles:
- role: insight when: insight_enabled | bool
Anything else we need to know: ansible-playbook -i inventory/artifactory playbooks/artifactory.yml --become --user loginuserwithsudo --extra-vars "master_key=${MASTER_KEY_VALUE} join_key=${JOIN_KEY_VALUE}"
I've also run into this. Where is this 8082 is defined for artifactory to use? I cannot find it. Based on nginx config tempalte, maybe artifactory is listening on 8082 if in HA? But then why we always check the status in 8082 if that is jsut for HA deployments? In my system, I can reach artifactory on 8081 just fine
@klucsik See https://jfrog.com/knowledge-base/how-to-change-artifactorys-service-port/
Artifactory uses port 8081 by default. In version 6.x this port is also used to access the web UI. In version 7.x the web UI is accessible via port 8082 and Artifactory’s service is still using port 8081.
Although that's not exactly consistent with...
https://www.jfrog.com/confluence/display/JFROG/System+Requirements#SystemRequirements-MinimumSystemandApplicationRequirements
... which says it's a port allocated internally to the Router component. Perhaps that one's a loopback connection.
@opentokix : JFrog is not yet supporting ansible collection on Debian 11. You can see the OS requirement here. Can you confirm whether you are facing the same issue with any of the supporting OS as well.
@klucsik : 8082 is the port that is being used by one of the microservice (router) in jfrog platform by default. All the inter-communication, as well as UI requests, are servered through the router from version 7x. Further on 7x version, artifactory is also an internal microservice that serves in port 8081
@klucsik : 8082 is the port that is being used by one of the microservice (router) in jfrog platform by default. All the inter-communication, as well as UI requests, are servered through the router from version 7x. Further on 7x version, artifactory is also an internal microservice that serves in port 8081
Thank you, I found out these in a later point of installation. I missed the part of the docs where this microservices architecture is explained. I had a problem with database connection string(I had a typo in it), and I had no clue about it until I shelled in to the node and searched through the logs (the systemctl status was also green, I assumed artifactory working fine from that) I'm thinking on a way to have more sophisticated validation at the end of the install role... or at least a message on fail, that hey check the logs for the services, you'll find the problem there.
@opentokix : JFrog is not yet supporting ansible collection on Debian 11. You can see the OS requirement here. Can you confirm whether you are facing the same issue with any of the supporting OS as well.
@klucsik : 8082 is the port that is being used by one of the microservice (router) in jfrog platform by default. All the inter-communication, as well as UI requests, are servered through the router from version 7x. Further on 7x version, artifactory is also an internal microservice that serves in port 8081
How to debug this issue on a supported OS where port 8082 is not listening? The steps to reproduce are clear, the analysis by JFrog is missing...
I've also run into this. Where is this 8082 is defined for artifactory to use? I cannot find it. Based on nginx config tempalte, maybe artifactory is listening on 8082 if in HA? But then why we always check the status in 8082 if that is jsut for HA deployments? In my system, I can reach artifactory on 8081 just fine
It seems to be missing from this declaration in defaults/main.yml, i.e. artifactory_systemyaml has no external port 8082
The culprit however seems to be that this bug only appears in situations where Artifactory is hosted with dual-homed network, or a cloud setup with public IP. In that case {{ ansible_host }} could be configured to an IP address which is not involved in, i.e. is not reachable for the jfrog router. When using 127.0.0.1 as shared.node.ip my setup (with nginx-ssl as a reverse proxy) did work!
https://github.com/jfrog/JFrog-Cloud-Installers/blob/ebbf19a6166fbbe059db1d701b1dddd83f3d82f3/Ansible/ansible_collections/jfrog/platform/roles/artifactory/defaults/main.yml#L87
So, there seems to be a workaround: if you define these in your project vars:
# Note: artifactory_systemyaml_override is by default false, if you want to fix #245
artifactory_systemyaml_override: true
artifactory_systemyaml: |-
configVersion: 1
shared:
security:
joinKey: "{{ join_key }}"
extraJavaOpts: "{{ artifactory_extra_java_opts }}"
node:
id: {{ ansible_hostname }}
ip: 127.0.0.1
taskAffinity: {{ artifactory_taskaffinity }}
haEnabled: {{ artifactory_ha_enabled }}
database:
type: "{{ artifactory_db_type }}"
driver: "{{ artifactory_db_driver }}"
url: "{{ artifactory_db_url }}"
username: "{{ artifactory_db_user }}"
password: "{{ artifactory_db_password }}"
mc:
enabled: {{ artifactory_mc_enabled }}
router:
entrypoints:
internalPort: 8046
externalPort: 8082
@opentokix via #295 platform collection 10.13.0 supports debian 11 , pls try and share feedback
