Friday, December 9, 2022

Installing Artifactory on Kubernetes using Helm

Run this (with appropriate modifications):

export MASTER_KEY=$(openssl rand -hex 32)

export JOIN_KEY=$(openssl rand -hex 32)

export VARIANT=-cpp-ce

helm upgrade --install artifactory${VARIANT} --set artifactory.masterKey=${MASTER_KEY} --set artifactory.joinKey=${JOIN_KEY} --namespace artifactory jfrog/artifactory${VARIANT} --create-namespace --set postgresql.persistence.size=500Gi

VARIANT can be empty for the pro version, or "-oss" or "-cpp-ce" for open source versions.

Remember to keep MASTER/JOIN key so you'd need to use them again if wanting to upgrade. Maybe store them in a kubernetes secret like this:

kubectl create secret generic my-masterkey-secret -n artifactory --from-literal=master-key=${MASTER_KEY}

kubectl create secret generic my-joinkey-secret -n artifactory --from-literal=join-key=${JOIN_KEY}

Posted by at 12:10 AM 0 comments

Thursday, October 27, 2022

Quick note on Cloudflare tunnel credentials

 When running a command like this:

    cloudflared tunnel run --token <base64-encoded-token>

the base64-encoded token is a json file with a, t, and s fields. This json file however cannot be used as a credentials file. If you decode it, put it in a file, and then put a line saying "credentials-file: /path/to/cred.json" and run `cloudflared tunnel run`, you'll get errors lie:

2022-10-23T22:26:56Z ERR Failed to serve quic connection error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.33

2022-10-23T22:26:56Z ERR Register tunnel error from server side error="Unauthorized: Failed to get tunnel" connIndex=0 ip=198.41.200.33

The cred.json file needs the same three values as the base64-token, but they should be named AccountTag, TunnelID, and TunnelSecret.
Posted by at 10:28 PM 0 comments
Subscribe to: Posts (Atom)