An Introduction to Artifactory
If you are not familiar with Artifactory by JFrog, then you are definitely missing out. Recently, I had a project where the client had standardized on using Artifactory to maintain all of their binaries, packages, and files. In the case of that project, all the servers were behind a firewall with no direct access to the internet by default. This design includes much of their on-premises systems as well as their AWS infrastructure. The configuration actually made some of our Chef work a little difficult as we had to put every possible download into Artifactory. I did learn some cool things about the product though.
This article is an introduction to the software and not a comprehensive guide to all the benefits or limitations. I am also looking at this from the perspective of how we leveraged this software in our Chef project.
This isn’t your run-of-the-mill web server for sharing packages:
First things first, I started host all of my packages in AWS S3 and just leveraging a VPC endpoint to allow access. I decided to deploy Artifactory so that I could more closely resemble the client environment but also as an opportunity to learn about the product. There were a couple of cool things that I realized early. Specifically, there are a few different ways to share out your packages.
- Local repositories – As the name suggests, these are repositories that live locally on the disk of the Artifactory server and allow you create a very easy to manage hierarchical pattern for naming the packages, binaries, or files.
- Remote repositories – This is actually quite cool. The point of a remote repository is to redirect calls for things like RubyGems, Dockerhub, or VagrantUp calls back through a single url. Once the item is found, it is cached locally on disk and speeds up access to these remote services. In our case, it also helps when the servers have no external network access from your servers and they can’t reach the internet.
- Virtual repositories – Do you have your own Docker images that you need to share from your Local repository but also want to grant access to Dockerhub? The virtual repositories allow you to merge into a single URL multiple repositories to create a single name. We are using this because Chef requires the installation of some Gem on the servers and we have everything in an isolated network.
Dynamic content structure and access controls:
If you have ever managed a web server to be used as a method of sharing files across multiple users or solutions, then you probably did one of two things. Open all access to every one by granting read permissions or you built elaborate file access permissions, API tokens, etc. Artifactory allowed us to create the folder structure in a way that made sense for how we wanted to layout the data. From there, I could modify the groups that can access the repository and give more control over the updating of packages. Versioning is built into the solution but I can just as easily move an item from the current or stable path into an archive path as I update copies. Since Artifactory is API driven and has some great integrations and plugins, we can ultimately manage this as just an extension of our pipeline.
Next time, we will look at how to get started quickly using Artifactory and how I recently deployed the solution for our development. I am still learning the software but have been very impressed at how easy it has been to integrate into our development process.