search

jfrog / charts

JFrog official Helm Charts
https://jfrog.com/integration/helm-repository/
Apache License 2.0
259 stars 448 forks source link

Can you tell me to access through s3, then where should I fill in my ak and sk #1868

Closed xujy1991 closed 3 months ago

xujy1991 commented 8 months ago

I don't see where to fill in ak and sk. Don't you need to fill in accesskey and secretkey of object storage to access s3? awsS3V3: testConnection: true identity: credential: region: zj bucketName: path: artifactory/filestore endpoint: port: useHttp: maxConnections: 50 connectionTimeout: socketTimeout: kmsServerSideEncryptionKeyId: kmsKeyRegion: kmsCryptoMode: useInstanceCredentials: true usePresigning: false signatureExpirySeconds: 300 signedUrlExpirySeconds: 30 cloudFrontDomainName: cloudFrontKeyPairId: cloudFrontPrivateKey: enableSignedUrlRedirect: false

gitta-jfrog commented 8 months ago

Hi @xujy1991

The recommended way is to use the IAM role with ServiceAccount. You can find more details about this configuration here.

If you would like to use the AccessKey and SecretKey you can do it by configuring:

awsS3V3:
  identity: AccessKey
  credential: SecretKey
xujy1991 commented 8 months ago

Hi @xujy1991

The recommended way is to use the IAM role with ServiceAccount. You can find more details about this configuration here.

If you would like to use the AccessKey and SecretKey you can do it by configuring:

awsS3V3:
  identity: AccessKey
  credential: SecretKey

Thank you. So for the type s3-storage-v3-direct, is it configured in binarystore.xml? The exception is that binarystore.xml needs to be modified in pod after the service is deployed?

gitta-jfrog commented 8 months ago

The binarystore.xml will be generated according to the values.yaml configuration - No need to update the binarystore.xml in the pod level. see example:

artifactory:
  persistence:
    type: s3-storage-v3-direct
    awsS3V3:
      testConnection: false
      identity:
      credential:
      region:
      bucketName: artifactory-aws
      path: artifactory/filestore
      endpoint:
xujy1991 commented 8 months ago

The binarystore.xml will be generated according to the values.yaml configuration - No need to update the binarystore.xml in the pod level. see example:

artifactory:
  persistence:
    type: s3-storage-v3-direct
    awsS3V3:
      testConnection: false
      identity:
      credential:
      region:
      bucketName: artifactory-aws
      path: artifactory/filestore
      endpoint:

Thank you for your patient answer,I followed the following command to execute the deployment, However, the artifactory service keeps reporting errors as shown in the figure during startup,I only modified persistence.type to s3,No modifications were made to other values.yaml,What is the reason for this?

artifactory-oss:7.77.7

Deployment command:helm install artifactory-oss ./artifactory-oss

values.yaml:

persistence: mountPath: "/var/opt/jfrog/artifactory" enabled: true

A manually managed Persistent Volume and Claim

## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:

accessMode: ReadWriteOnce
## Storage default size. Should be increased for production deployments.
size: 20Gi
## Use a custom Secret to be mounted as your binarystore.xml
## NOTE: This will ignore all settings below that make up binarystore.xml
customBinarystoreXmlSecret:
## Redundancy required For HA deployments, with "cluster" persistence storage type
redundancy: 3
lenientLimit: 1
## Cache default size. Should be increased for production deployments.
maxCacheSize: 5000000000
cacheProviderDir: cache
## Set the persistence storage type. This will apply the matching binarystore.xml to Artifactory config
## Supported types are:
## file-system (default)
## cluster-file-system
## nfs
## google-storage
## google-storage-v2
## google-storage-v2-direct
## cluster-google-storage-v2
## aws-s3-v3
## s3-storage-v3-direct
## cluster-s3-storage-v3
## s3-storage-v3-archive
## azure-blob
## azure-blob-storage-direct
## cluster-azure-blob-storage
type: aws-s3-v3
awsS3V3:
  testConnection: false
  identity: xxxx
  credential: xxxxx
  region: 
  bucketName: artifactory-aws
  path: artifactory/filestore
  endpoint: xxxxx
  port:
  useHttp:
  maxConnections: 50
  connectionTimeout:
  socketTimeout:
  kmsServerSideEncryptionKeyId:
  kmsKeyRegion:
  kmsCryptoMode:
  useInstanceCredentials: true
  usePresigning: false
  signatureExpirySeconds: 300
  signedUrlExpirySeconds: 30
  cloudFrontDomainName:
  cloudFrontKeyPairId:
  cloudFrontPrivateKey:
  enableSignedUrlRedirect: false
  enablePathStyleAccess: false
  multiPartLimit:

微信截图_20240327210135

微信截图_20240327210211

So I'm wondering, does the oss version not support S3 storage? Or is there something wrong with my configuration?

@gitta-jfrog @sponte @gliptak @pniederlag

gitta-jfrog commented 3 months ago

Hi @xujy1991 Sorry we didn't response before.

Indeed, the S3 bucket is not supported for OSS . See https://jfrog.com/help/r/jfrog-installation-setup-documentation/aws-s3-object-storage

image

Thanks Yarden.