Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JoinKey not being found and Artifactory not starting when using value from secret. Present in bootstrap dir but not copied. #1918

Closed
shettypriy opened this issue Sep 10, 2024 · 8 comments
Closed

JoinKey not being found and Artifactory not starting when using value from secret. Present in bootstrap dir but not copied. #1918

shettypriy opened this issue Sep 10, 2024 · 8 comments

Comments

@shettypriy
Copy link

Is this a request for help?: yes

Version of Helm and Kubernetes:
argocd version | grep -i helm
Helm Version: v3.6.0+g7f2df64

EKS kubernetes version 1.29

Which chart:
artifactory-oss

Which product license (Enterprise/Pro/oss): oss

What happened:
Artifactory will not start. Logs are full of stack traces relating to the join key:
2024-09-10T16:48:58.990Z [jfrou] [INFO ] [5dde291e9e618397] [security_keys.go:185 ] [main ] [] - Cluster join: Join key is missing. Pending for 5 seconds with 5m0s timeout
What you expected to happen:
I expected the artifactory pod to run completely

How to reproduce it (as minimally and precisely as possible):

Anything else we need to know:

I have created kubernetes secrets for both masterkey and joinkey and mentioned the secretname in values.yaml file. Below is my helm values file

# Default values for artifactory-oss.
# This is a YAML-formatted file.

# Beware when changing values here. You should know what you are doing!
# Access the values with {{ .Values.key.subkey }}

# This chart is based on the main artifactory chart with some customizations.
# See all supported configuration keys in https://github.com/jfrog/charts/tree/master/stable/artifactory

## All values are under the 'artifactory' sub chart.
artifactory:
  ## Artifactory
  ## See full list of supported Artifactory options and documentation in artifactory chart: https://github.com/jfrog/charts/tree/master/stable/artifactory
  artifactory:
    ## Default tag is from the artifactory sub-chart in the requirements.yaml
    image:
      registry: releases-docker.jfrog.io
      repository: jfrog/artifactory-oss
      # tag:
    ## Uncomment the following resources definitions or pass them from command line
    ## to control the cpu and memory resources allocated by the Kubernetes cluster
    resources:
      requests:
       memory: "1Gi"
       cpu: "500m"
      limits:
       memory: "4Gi"
       cpu: "2" 
    javaOpts:
     xms: "1g"
     xmx: "3g" 
    ## The following Java options are passed to the java process running Artifactory.
    ## You should set them according to the resources set above.
    ## IMPORTANT: Make sure resources.limits.memory is at least 1G more than Xmx.
    javaOpts: {}
    # xms: "1g"
    # xmx: "3g"
    # other: ""
  installer:
    platform: art-oss-helm
  installerInfo: '{"productId":"Helm_artifactory-oss/{{ .Chart.Version }}","features":[{"featureId":"Platform/{{ printf "%s-%s" "kubernetes" .Capabilities.KubeVersion.Version }}"},{"featureId":"Database/{{ .Values.database.type }}"},{"featureId":"PostgreSQL_Enabled/{{ .Values.postgresql.enabled }}"},{"featureId":"Nginx_Enabled/{{ .Values.nginx.enabled }}"},{"featureId":"ArtifactoryPersistence_Type/{{ .Values.artifactory.persistence.type }}"},{"featureId":"SplitServicesToContainers_Enabled/{{ .Values.splitServicesToContainers }}"},{"featureId":"UnifiedSecretInstallation_Enabled/{{ .Values.artifactory.unifiedSecretInstallation }}"},{"featureId":"Filebeat_Enabled/{{ .Values.filebeat.enabled }}"},{"featureId":"ReplicaCount/{{ .Values.artifactory.replicaCount }}"}]}'
  ## Nginx
  ## See full list of supported Nginx options and documentation in artifactory chart: https://github.com/jfrog/charts/tree/master/stable/artifactory
  nginx:
    enabled: false
    tlsSecretName: ""
    service:
      type: LoadBalancer
  ## Ingress
  ## See full list of supported Ingress options and documentation in artifactory chart: https://github.com/jfrog/charts/tree/master/stable/artifactory
  ingress:
    enabled: false
    tls:
  ## PostgreSQL
  ## See list of supported postgresql options and documentation in artifactory chart: https://github.com/jfrog/charts/tree/master/stable/artifactory
  ## Configuration values for the PostgreSQL dependency sub-chart
  ## ref: https://github.com/bitnami/charts/blob/master/bitnami/postgresql/README.md
  postgresql:
    enabled: false
  ## This key is required for upgrades to protect old PostgreSQL chart's breaking changes.
  databaseUpgradeReady: "yes"
  ## If NOT using the PostgreSQL in this chart (artifactory.postgresql.enabled=false),
  ## specify custom database details here or leave empty and Artifactory will use embedded derby.
  ## See full list of database options and documentation in artifactory chart: https://github.com/jfrog/charts/tree/master/stable/artifactory
  # database:
  jfconnect:
    enabled: false
  federation:
    enabled: false 
  extraSystemYaml: 
    shared:
      security:
        masterKeyExternal: true    
masterKeySecretName: artifactory-oss-masterkey-kube-secret  
joinKeySecretName: artifactory-oss-joinkey-kube-secret
## Enable the PostgreSQL sub chart
postgresql:
  enabled: false
router:
  image:
    tag: 7.118.0
initContainers:
  image:
    tag: 9.4.949.1716471857
@artm
Copy link

artm commented Sep 11, 2024

same as #1917

@shettypriy
Copy link
Author

shettypriy commented Sep 11, 2024
edited
Loading

@artm I installed artifactory-oss from scratch. It is a fresh installation

@reespozzi
Copy link

@shettypriy we also installed from scratch, maybe something in #1917 can unblock you - especially about looking for errors elsewhere

@shettypriy
Copy link
Author

shettypriy commented Sep 11, 2024
edited
Loading

@reespozzi I am trying to create security.import.xml and artifactory.config.import.xml as mentioned #1917 . But I want to what should be the contents in this file. But I do not see any other error apart from join key is missing

@shettypriy
Copy link
Author

can someone help me with the contents of security.import.xml and artifactory.config.import.xml?

@reespozzi
Copy link

@shettypriy you can ignore those. Removed from my original comment, not directly related

@shettypriy
Copy link
Author

shettypriy commented Sep 12, 2024
edited
Loading

@reespozzi artifactory-server and access-server log had below error

DB Type derby is not allowed: Cannot start the application with a database other than PostgreSQL. For more information, see JFrog documentation.

After adding below configurations in values.yaml file and correcting the indentation, it worked

artifactory:
  ## Artifactory
  ## See full list of supported Artifactory options and documentation in artifactory chart: https://github.com/jfrog/charts/tree/master/stable/artifactory
   artifactory:
      database:
          allowNonPostgresql: true
      systemYaml: |
        shared:
          database:
             allowNonPostgresql: true

@gitta-jfrog
Copy link
Collaborator

Hi All,

Please Note: JFrog does not support to run Artifactory on Kubernetes with Derby database.

When running Artifactory with JFrog Helm Chart - You must use the embedded PostgreSQL database (Or external database like Oracle, MSSQL, etc)

I will suggest to enable PostgreSQL and reinstalled the chart.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@artm @shettypriy @reespozzi @gitta-jfrog