Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Can you tell me to access through s3, then where should I fill in my ak and sk #1868

Closed
xujy1991 opened this issue Mar 22, 2024 · 5 comments
Closed

Can you tell me to access through s3, then where should I fill in my ak and sk #1868

xujy1991 opened this issue Mar 22, 2024 · 5 comments
Labels
question Further information is requested

Comments

@xujy1991
Copy link

xujy1991 commented Mar 22, 2024
edited
Loading

I don't see where to fill in ak and sk. Don't you need to fill in accesskey and secretkey of object storage to access s3?
awsS3V3:
testConnection: true
identity:
credential:
region: zj
bucketName:
path: artifactory/filestore
endpoint:
port:
useHttp:
maxConnections: 50
connectionTimeout:
socketTimeout:
kmsServerSideEncryptionKeyId:
kmsKeyRegion:
kmsCryptoMode:
useInstanceCredentials: true
usePresigning: false
signatureExpirySeconds: 300
signedUrlExpirySeconds: 30
cloudFrontDomainName:
cloudFrontKeyPairId:
cloudFrontPrivateKey:
enableSignedUrlRedirect: false
@gitta-jfrog
Copy link
Collaborator

Hi @xujy1991

The recommended way is to use the IAM role with ServiceAccount. You can find more details about this configuration here.

If you would like to use the AccessKey and SecretKey you can do it by configuring:

awsS3V3:
  identity: AccessKey
  credential: SecretKey

@gitta-jfrog gitta-jfrog added the question Further information is requested label Mar 24, 2024
@xujy1991
Copy link
Author

Hi @xujy1991

The recommended way is to use the IAM role with ServiceAccount. You can find more details about this configuration here.

If you would like to use the AccessKey and SecretKey you can do it by configuring:

awsS3V3:
  identity: AccessKey
  credential: SecretKey

Thank you. So for the type s3-storage-v3-direct, is it configured in binarystore.xml? The exception is that binarystore.xml needs to be modified in pod after the service is deployed?

@gitta-jfrog
Copy link
Collaborator

The binarystore.xml will be generated according to the values.yaml configuration - No need to update the binarystore.xml in the pod level.
see example:

artifactory:
  persistence:
    type: s3-storage-v3-direct
    awsS3V3:
      testConnection: false
      identity:
      credential:
      region:
      bucketName: artifactory-aws
      path: artifactory/filestore
      endpoint:

@xujy1991
Copy link
Author

xujy1991 commented Mar 25, 2024
edited
Loading

The binarystore.xml will be generated according to the values.yaml configuration - No need to update the binarystore.xml in the pod level. see example:

artifactory:
  persistence:
    type: s3-storage-v3-direct
    awsS3V3:
      testConnection: false
      identity:
      credential:
      region:
      bucketName: artifactory-aws
      path: artifactory/filestore
      endpoint:

Thank you for your patient answer,I followed the following command to execute the deployment, However, the artifactory service keeps reporting errors as shown in the figure during startup,I only modified persistence.type to s3,No modifications were made to other values.yaml,What is the reason for this?

artifactory-oss:7.77.7

Deployment command:helm install artifactory-oss ./artifactory-oss

values.yaml:

persistence:
mountPath: "/var/opt/jfrog/artifactory"
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:

accessMode: ReadWriteOnce
## Storage default size. Should be increased for production deployments.
size: 20Gi
## Use a custom Secret to be mounted as your binarystore.xml
## NOTE: This will ignore all settings below that make up binarystore.xml
customBinarystoreXmlSecret:
## Redundancy required For HA deployments, with "cluster" persistence storage type
redundancy: 3
lenientLimit: 1
## Cache default size. Should be increased for production deployments.
maxCacheSize: 5000000000
cacheProviderDir: cache
## Set the persistence storage type. This will apply the matching binarystore.xml to Artifactory config
## Supported types are:
## file-system (default)
## cluster-file-system
## nfs
## google-storage
## google-storage-v2
## google-storage-v2-direct
## cluster-google-storage-v2
## aws-s3-v3
## s3-storage-v3-direct
## cluster-s3-storage-v3
## s3-storage-v3-archive
## azure-blob
## azure-blob-storage-direct
## cluster-azure-blob-storage
type: aws-s3-v3
awsS3V3:
  testConnection: false
  identity: xxxx
  credential: xxxxx
  region: 
  bucketName: artifactory-aws
  path: artifactory/filestore
  endpoint: xxxxx
  port:
  useHttp:
  maxConnections: 50
  connectionTimeout:
  socketTimeout:
  kmsServerSideEncryptionKeyId:
  kmsKeyRegion:
  kmsCryptoMode:
  useInstanceCredentials: true
  usePresigning: false
  signatureExpirySeconds: 300
  signedUrlExpirySeconds: 30
  cloudFrontDomainName:
  cloudFrontKeyPairId:
  cloudFrontPrivateKey:
  enableSignedUrlRedirect: false
  enablePathStyleAccess: false
  multiPartLimit:

微信截图_20240327210135

微信截图_20240327210211

So I'm wondering, does the oss version not support S3 storage? Or is there something wrong with my configuration?

@gitta-jfrog @sponte @gliptak @pniederlag

@gitta-jfrog
Copy link
Collaborator

Hi @xujy1991
Sorry we didn't response before.

Indeed, the S3 bucket is not supported for OSS .
See https://jfrog.com/help/r/jfrog-installation-setup-documentation/aws-s3-object-storage

image

Thanks
Yarden.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@xujy1991 @gitta-jfrog