Jfrog Artifactory remote repository with certificates - artifactory

Server: Ubuntu 20.04
Jfrog Artifactory: 7.39.10
we have a lot off remote repos with certificate auths --> redhat.
Always if we automatically reboot the artifactory server the
remote repos have problems to connect to redhat.
But very curious if i go to the config menu from one remote
repo and do any little change (no matter what) and immediately
all remote repos can connect to redhat again.
Has anyone an idea how it can be done?

Related

Fresh installation of Artifactory OSS 7.12.6 doesn't start, missing jffe service

I have done everything according to manuals from https://jfrog.com/open-source/ :
My Ubuntu version is 20.04. Since there is no "focal" in https://releases.jfrog.io/artifactory/artifactory-debs/, I've added "bionic":
$ cat /etc/apt/sources.list.d/artifactory.list
deb https://releases.jfrog.io/artifactory/artifactory-debs bionic main
Then I've installed jfrog-artifactory-oss version 7.12.6 and tried launching the service.
It has launched, but browser, connected to ports :8081 or :8082 of localhost, shows that 3 services don't start:
So, what does it need?
I came here, because I had the very same problem on docker.
I finally figured out, that inside the docker the environment variables http_proxy, https_proxy, HTTP_PROXY and HTTPS_PROXY where all set to localhost:8080. This caused the problem for me.
So when I start the docker this way, everything works as expected:
docker run --name artifactory-cpp-ce -ehttp_proxy="" -e https_proxy="" -e HTTP_PROXY="" -e HTTPS_PROXY="" -v $JFROG_HOME/artifactory/var/:/var/opt/jfrog/artifactory -d -p 8081:8081 -p 8082:8082 releases-docker.jfrog.io/jfrog/artifactory-cpp-ce:latest
On my machine, I found that libvirtd was running. It wasn't libvirtd, itself, that prevented artifactory from coming up. It was the fact that the virbr0 interface was up. It doesn't seem to be a problem bringing this interface back up after artifactory comes up.
For us this was on a Windows OS which was running McAfee Services. McAfee services listens on port 8081, same as the default Artifactory. Changing McAfee listening port was not an option for us.
I copied the JFROG_HOME\artifactory\var\etc\system.full-template.yaml, changed the name to system.yaml and searched for 8081 and changed it ( uncommented) to a different port. Restarted the Artifactory Service.

Connection timeout while connecting to EC2 instance(SSH) after enabling nginx

Everything was working fine. I could connect to my EC2 instance through SSH. Then I wanted to install let-encrypt. I was following this tutorial to install https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04. During the process of installing lets-encrypt, I install nginx and while trying to enable nginx, I got a message that I might not be able to connect to my instance through SSH anymore. I ignored the message. Now when I try to connect to my instance though SSH, I get error
connection timed out

Creating docker repo in Artifactory with dedicated port, it says "SocketException: Permission denied"

I am running Artifactory Pro (5.3.1), and was trying to use the docker registry functionality.
I created a docker repository, and gave it a port 5001 in the "Registry Port" config.
However, there's nothing running on port 5001 ("telnet localhost 5001" refuses to connect), and the logs show this:
[http-nio-8081-exec-7] [ERROR] (o.a.s.s.SshAuthServiceImpl:210) - Failed to start SSH server
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method) ~[na:1.8.0_72-internal]
at sun.nio.ch.Net.bind(Net.java:433) ~[na:1.8.0_72-internal]
at sun.nio.ch.Net.bind(Net.java:425) ~[na:1.8.0_72-internal]
at sun.nio.ch.AsynchronousServerSocketChannelImpl.bind(AsynchronousServerSocketChannelImpl.java:162) ~[na:1.8.0_72-internal]
at org.apache.sshd.common.io.nio2.Nio2Acceptor.bind(Nio2Acceptor.java:66) ~[sshd-core-0.14.0.jar:0.14.0]
Any idea what could cause a "permission denied"? There's nothing running on that port (same error for any other port). It's on Ubuntu 14.04.
I had a misunderstanding how the docker registry worked with Artifactory.
The Artifactory service doesn't actually open the port assigned to the repo (5001 in this case), but the reverse proxy will listen on it and forward it (with the right X-forwarded-port) to the "normal" Artifactory service port (e.g. 8081).
After setting up the reverse proxy for it, it worked fine.

RDO packstack : losing IP connectivity during installation

I'm trying to install Openstack Mitaka via RDO packstack. I'm following this tutorial. It completely alligns with the official doc.
I'm making sure that I have internet connectivity and that my hostname is resolving (by putting it in the /etc/hosts file). When I install Openstack via packstack --allinone, I see the puppet scripts executing but after a while it hangs.
When I then try to ping my Centos machine it fails. I have no clue why this is as I verified the ping worked before I started the install. It must happen during the packstack installation process.
I have tried now 4 times, reinstalling Centos and Packstack and the behaviour is consistent. I'm running on Virtualbox and my network is in Bridge mode.
Any ideas?
I found out that packstack during installation changed my IP address. Not sure why or how, but it was different at some point in time. So the key is to set a static IP address in the /etc/sysconfig/network-scripts/ifcfg-enp0s3 file and also ensure your hostname resolves (by setting it in the /etc/hosts file)

connecting openldap with phpldapadmin

I have 3 servers meant for openldap, phpldapadmin and client access. i have done phpldapadmin installation and i can access it through server 3 in browser http://example.local/ldapadmin
and in server 1 (openldap) i have open ldap protocol, port 389/tcp and install ldap:
yum install -y openldap openldap-clients openldap-servers
chkconfig slapd on
systemctl enable slapd
systemctl start slapd
but when i try to login it said:
can't contact ldap server (-1) for user
anyone knows how to configure openldap so it can use/manage by phpldapadmin remotely?
what configuration missing?
environment: centos 7
Thank you,
AnD
In order for this to work you have to make some modifications, after you have installed openldap and phplapadmin.
Luckily, you have centos 7 !! Just go follow these links
For Openldap, you must configure your ldap, follow this link
For phpldapadmin, follow this link
First check if openldap is accessible from the machine where phpldapadmin is installed using below command
telnet <ip-of-openldap-machine> 389
If you find port opened check below configuration settings from phpldapadmin config file. You will find config file under /etc/phpldapadmin/config.php
$servers->setValue('server','host','127.0.0.1');
$servers->setValue('server','base',array('dc=example,dc=com'));
$servers->setValue('login','bind_id','cn=admin,dc=example,dc=com');
This should do the work incase of vanilla installation of openldap server.
In /etc/phpldapadmin you will find a config.php file. In this file you specify the servers with the $server variable like this:
$servers->setValue('server','host','name_or_ip_of_your_server');
If the directory is missing you have not installed phpldapadmin correctly, to do that run:
sudo apt-get install phpldapadmin
or
sudo yum install phpldapadmin

Resources