zware/JFrog-Cloud-Installers
1
0
Fork 0
mirror of https://github.com/ZwareBear/JFrog-Cloud-Installers.git synced 2026-01-21 14:06:57 -06:00
Code Issues Packages Projects Releases Wiki Activity
Files
e282e2ec6a94a4cedd06c0cefaebb4c2bb6cf134
JFrog-Cloud-Installers/Amazon/artifactory7/v7175/templates/jfrog-artifactory-ec2-master.template.yaml
Vinay Aggarwal 8114889457 fixed release 7.17.5 and also removed submodules folder
2021-04-09 16:36:13 -07:00

613 lines
22 KiB
YAML
Raw Blame History

AWSTemplateFormatVersion: '2010-09-09'
Description: 'JFrog Artifactory Quick Start Deployment (qs-1qpmmjh2f)'
Metadata:
QuickStartDocumentation:
EntrypointName: "Launch into a new VPC"
AWS::CloudFormation::Interface:
ParameterGroups:
- Label:
default: Security configuration
Parameters:
- KeyPairName
- AccessCidr
- RemoteAccessCidr
- Label:
default: Network configuration
Parameters:
- AvailabilityZones
- VpcCidr
- PrivateSubnet1Cidr
- PrivateSubnet2Cidr
- PublicSubnet1Cidr
- PublicSubnet2Cidr
- Label:
default: Bastion configuration
Parameters:
- ProvisionBastionHost
- BastionInstanceType
- BastionOs
- BastionRootVolumeSize
- BastionEnableTcpForwarding
- NumBastionHosts
- BastionEnableX11Forwarding
- Label:
default: Amazon EC2 configuration
Parameters:
- VolumeSize
- InstanceType
- Label:
default: JFrog Artifactory configuration
Parameters:
- ArtifactoryProduct
- ArtifactoryVersion
- NumberOfSecondary
- SmLicenseName
- SmCertName
- ArtifactoryServerName
- MasterKey
- ExtraJavaOptions
- DefaultJavaMemSettings
- Label:
default: Amazon RDS configuration
Parameters:
- DatabaseName
- DatabaseEngine
- DatabaseUser
- DatabasePassword
- DatabaseInstance
- DatabaseAllocatedStorage
- DatabasePreferredAz
- MultiAzDatabase
- Label:
default: AWS Quick Start configuration
Parameters:
- QsS3BucketName
- QsS3KeyPrefix
- QsS3BucketRegion
- Label:
default: JFrog Xray Configuration
Parameters:
- InstallXray
- XrayVersion
- XrayNumberOfInstances
- XrayInstanceType
- XrayDatabaseUser
- XrayDatabasePassword
ParameterLabels:
AvailabilityZones:
default: Availability Zones
KeyPairName:
default: SSH key name
PrivateSubnet1Cidr:
default: Private subnet 1 CIDR
PrivateSubnet2Cidr:
default: Private subnet 2 CIDR
PublicSubnet1Cidr:
default: Public subnet 1 CIDR
PublicSubnet2Cidr:
default: Public subnet 2 CIDR
AccessCidr:
default: Permitted IP range
RemoteAccessCidr:
default: Remote access CIDR
VpcCidr:
default: VPC CIDR
ProvisionBastionHost:
default: Bastion instance
BastionInstanceType:
default: Bastion instance type
BastionRootVolumeSize:
default: Bastion root volume size
BastionEnableTcpForwarding:
default: Bastion enable TCP forwarding
BastionEnableX11Forwarding:
default: Bastion enable X11 forwarding
BastionOs:
default: Bastion operating system
NumBastionHosts:
default: Number of bastion instances
VolumeSize:
default: EBS root volume size
InstanceType:
default: EC2 instance type
NumberOfSecondary:
default: Secondary instances
ArtifactoryProduct:
default: Artifactory product to install
ArtifactoryVersion:
default: Artifactory version
SmLicenseName:
default: Artifactory licenses secret name
SmCertName:
default: Artifactory certificate secret name
ArtifactoryServerName:
default: Artifactory server name
MasterKey:
default: Master server key
ExtraJavaOptions:
default: Extra Java options
DefaultJavaMemSettings:
default: Default Java memory settings
DatabaseName:
default: Database name
DatabaseEngine:
default: Database engine
DatabaseUser:
default: Database user
DatabasePassword:
default: Database password
DatabaseInstance:
default: Database instance type
DatabaseAllocatedStorage:
default: Database allocated storage
DatabasePreferredAz:
default: Database preferred Availability Zone
MultiAzDatabase:
default: High-availability database
QsS3BucketName:
default: Quick Start S3 bucket name
QsS3KeyPrefix:
default: Quick Start S3 key prefix
QsS3BucketRegion:
default: Quick Start S3 bucket region
InstallXray:
default: Install JFrog Xray
XrayVersion:
default: Version of Xray to install
XrayNumberOfInstances:
default: Number of JFrog XrayNumberOfInstances
XrayInstanceType:
default: Xray instance type
XrayDatabaseUser:
default: Xray Database user
XrayDatabasePassword:
default: Xray Database password
Parameters:
VpcCidr:
Description: CIDR block for the VPC.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/16
Type: String
AvailabilityZones:
Description: List of Availability Zones to use for the subnets in the VPC. Two
Availability Zones are used for this deployment.
Type: List<AWS::EC2::AvailabilityZone::Name>
KeyPairName:
Description: Name of an existing key pair,
which allows you to connect securely to your instance after it launches.
This is the key pair you created in your preferred Region.
Type: AWS::EC2::KeyPair::KeyName
PrivateSubnet1Cidr:
Description: CIDR block for private subnet 1 located in Availability Zone 1.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.0.0/19
Type: String
PrivateSubnet2Cidr:
Description: CIDR block for private subnet 2 located in Availability Zone 2.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.32.0/19
Type: String
PublicSubnet1Cidr:
Description: CIDR block for the public (DMZ) subnet 1 located in Availability
Zone 1.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.128.0/20
Type: String
PublicSubnet2Cidr:
Description: CIDR block for the public (DMZ) subnet 2 located in Availability
Zone 2.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/(1[6-9]|2[0-8]))$
ConstraintDescription: CIDR block parameter must be in the form x.x.x.x/16-28
Default: 10.0.144.0/20
Type: String
AccessCidr:
Description: CIDR IP range permitted to access Artifactory.
It is recommended that you set this value to a trusted IP range.
For example, you may want to limit software access to your corporate network.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
RemoteAccessCidr:
Description: Remote CIDR range that allows you to connect to the bastion instance by using SSH.
It is recommended that you set this value to a trusted IP range.
For example, you may want to grant specific ranges from within your corporate network that use the SSH protocol.
AllowedPattern: ^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$
Type: String
ProvisionBastionHost:
Description: To skip creating a bastion instance, choose Disabled. Because Artifactory nodes are
created in private subnets, it's highly recommended to set this value to Enabled.
AllowedValues:
- "Enabled"
- "Disabled"
Default: "Enabled"
Type: String
BastionInstanceType:
Description: Size of the bastion instances.
AllowedValues:
- t3.nano
- t3.micro
- t3.small
- t3.medium
- t3.large
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
Default: "t3.micro"
Type: String
BastionRootVolumeSize:
Description: Size of the root volume in the bastion instances.
Default: 10
Type: Number
BastionEnableTcpForwarding:
Description: Choose whether to enable TCP forwarding via bootstrapping of the bastion
instance.
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
BastionEnableX11Forwarding:
Description: Choose true to enable X11 via bootstrapping of the bastion host.
Setting this value to true enables X Windows over SSH.
X11 forwarding can be useful, but it is also a security risk, so it's recommended
that you keep the default (false) setting.
AllowedValues:
- "true"
- "false"
Default: "false"
Type: String
BastionOs:
Description: Linux distribution for the Amazon Machine Image (AMI) to be used for the bastion instances.
AllowedValues:
- "Amazon-Linux2-HVM"
- "CentOS-7-HVM"
- "Ubuntu-Server-20.04-LTS-HVM"
- "SUSE-SLES-15-HVM"
Default: "Amazon-Linux2-HVM"
Type: String
NumBastionHosts:
Description: Number of bastion instances to create.
AllowedValues:
- '1'
- '2'
- '3'
- '4'
Default: '1'
Type: String
VolumeSize:
Description: Size in gigabytes of available storage (min 10GB). The Quick Start creates an
Amazon Elastic Block Store (Amazon EBS) volumes of this size.
Default: 200
Type: Number
InstanceType:
Description: EC2 instance type for the Artifactory instances.
AllowedValues:
- m5.large
- m5.xlarge
- m5.2xlarge
- m5.4xlarge
- m5.8xlarge
- m5.12xlarge
- m5.16xlarge
- m5.24xlarge
- m5.metal
- m5d.large
- m5d.xlarge
- m5d.2xlarge
- m5d.4xlarge
- m5d.8xlarge
- m5d.12xlarge
- m5d.16xlarge
- m5d.24xlarge
- m5d.metal
- m5a.large
- m5a.xlarge
- m5a.2xlarge
- m5a.4xlarge
- m5a.8xlarge
- m5a.12xlarge
- m5a.16xlarge
- m5a.24xlarge
ConstraintDescription: Must contain valid instance type.
Default: m5.xlarge
Type: String
NumberOfSecondary:
Description: Number of secondary Artifactory servers to complete your
HA deployment. To align with Artifactory best practices, the minimum number
is two, and the maximum is seven. Do not select more instances than you
have licenses for.
AllowedValues:
- 0
- 1
- 2
- 3
- 4
- 5
- 6
- 7
Default: 2
Type: Number
ArtifactoryProduct:
Description: JFrog Artifactory product you want to install into an AMI.
AllowedValues:
- JFrog-Artifactory-Pro
- JFrog-Artifactory-Enterprise
- JFrog-Container-Registry
Default: JFrog-Artifactory-Enterprise
Type: String
ArtifactoryVersion:
Description: Version of Artifactory that you want to deploy into the Quick Start.
To select the correct version, see the release notes at
https://www.jfrog.com/confluence/display/RTF/Release+Notes.
Default: 7.17.5
Type: String
SmLicenseName:
Description: Secret name created in AWS Secrets Manager, which contains the Artifactory licenses.
Default: ''
Type: String
SmCertName:
Description: Secret name created in AWS Secrets Manager, which contains the SSL certificate and certificate key.
Default: ''
Type: String
ArtifactoryServerName:
Description: Name of your Artifactory server. Ensure that this matches your certificate.
Type: String
MasterKey:
Description: Master key for the Artifactory cluster. Generate a master key by using the command '$openssl rand -hex 16'.
AllowedPattern: ^[a-zA-Z0-9]+$
MinLength: '1'
MaxLength: '64'
ConstraintDescription: Only capital or lowercase letters and numbers, with a Max of 64 characters.
NoEcho: 'true'
Type: String
ExtraJavaOptions:
Description: Set Java options to pass to the JVM for Artifactory. For more information, see the Artifactory
system requirements at https://www.jfrog.com/confluence/display/RTF/System+Requirements#SystemRequirements-RecommendedHardware.
Do not add Xms or Xmx settings without disabling DefaultJavaMemSettings.
Default: -Xss256k -XX:+UseG1GC
Type: String
DefaultJavaMemSettings:
Description: Choose false to overwrite the standard memory-calculation options to pass to the Artifactory JVM.
If you plan to overwrite them, ensure they are added to the ExtraJavaOptions to prevent the stack provision from failing.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
DatabaseName:
Description: Name of your database instance. The name must be unique across all instances
owned by your AWS account in the current Region. The database instance identifier is case-insensitive,
but it's stored in lowercase (as in "mydbinstance").
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
MinLength: '1'
MaxLength: '60'
ConstraintDescription: 1 to 60 alphanumeric characters First character must be a letter.
Default: artdb
Type: String
DatabaseEngine:
Description: Database engine that you want to run.
AllowedValues:
- Postgres
Default: Postgres
Type: String
DatabaseUser:
Description: Login ID for the master user of your database instance.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. The first character must be a letter.
Default: artifactory
Type: String
DatabasePassword:
Description: Password for the Artifactory database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
DatabaseInstance:
Description: Size of the database to be deployed as part of the Quick Start.
AllowedValues:
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.10xlarge
- db.m5.16xlarge
- db.m5.large
- db.m5.xlarge
- db.m5.2xlarge
- db.m5.4xlarge
- db.m5.12xlarge
- db.m5.24xlarge
ConstraintDescription: Must be a valid database Instance Type.
Default: db.m5.large
Type: String
DatabaseAllocatedStorage:
Description: Size in gigabytes of available storage for the database instance.
MinValue: 5
MaxValue: 1024
Default: 10
Type: Number
DatabasePreferredAz:
Description: Preferred availability zone for Amazon RDS primary instance
Type: String
Default: ''
MultiAzDatabase:
Description: Choose false to create an Amazon RDS instance in a single Availability Zone.
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
QsS3BucketName:
Description: S3 bucket name for the Quick Start assets. This string can include
numbers, lowercase letters, and hyphens (-). It cannot start
or end with a hyphen (-).
AllowedPattern: ^[0-9a-z]+([0-9a-z-]*[0-9a-z])*$
ConstraintDescription: Quick Start bucket name can include numbers, lowercase
letters, and hyphens (-). It cannot start or end with a hyphen (-).
Default: jfrog-aws
Type: String
QsS3KeyPrefix:
Description: S3 key prefix for the Quick Start assets. Quick Start key prefix
can include numbers, lowercase letters, uppercase letters, hyphens (-), and
forward slash (/).
AllowedPattern: ^[0-9a-zA-Z-/]*$
ConstraintDescription: Quick Start key prefix can include numbers, lowercase letters,
uppercase letters, hyphens (-), and forward slash (/).
Default: artifactory7/latest/
Type: String
QsS3BucketRegion:
Default: 'us-east-1'
Description: AWS Region where the Quick Start S3 bucket (QSS3BucketName) is hosted. If you use your own bucket, you must specify your own value.
Type: String
InstallXray:
Description: Choose true to install JFrog Xray instance(s).
ConstraintDescription: True or False
AllowedValues:
- "true"
- "false"
Default: "true"
Type: String
XrayVersion:
Description: The version of Xray that you want to deploy into the Quick Start.
Default: 3.22.1
Type: String
XrayNumberOfInstances:
Description: The number of Xray instances servers to complete your
HA deployment. The minimum number is one; the maximum is seven.
Do not select more than instances than you have licenses for.
MinValue: 1
MaxValue: 7
Default: 1
Type: Number
XrayInstanceType:
Description: The EC2 instance type for the Xray instances.
AllowedValues:
- c5.2xlarge
- c5.4xlarge
ConstraintDescription: Must contain valid instance type.
Default: c5.2xlarge
Type: String
XrayDatabaseUser:
Description: The login ID for the Xray database user.
MinLength: '1'
MaxLength: '16'
AllowedPattern: ^[a-zA-Z]([a-zA-Z0-9])+$
ConstraintDescription: 1 to 16 alphanumeric characters. First character must be a letter.
Default: xray
Type: String
XrayDatabasePassword:
Description: The password for the Xray database user.
AllowedPattern: ^[^ \\']+$
MinLength: '8'
MaxLength: '12'
ConstraintDescription: Must be at least 8 and no more than
12 characters containing letters and (minimum 1 capital letter), numbers and
symbols.
NoEcho: 'true'
Type: String
Conditions:
UsingDefaultBucket: !Equals [!Ref QsS3BucketName, 'aws-quickstart']
Resources:
ArtifactoryVpcStack:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub
- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}submodules/quickstart-aws-vpc/templates/aws-vpc.template
- S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName']
S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion']
Parameters:
AvailabilityZones:
Fn::Join:
- ','
- Ref: AvailabilityZones
KeyPairName:
Ref: KeyPairName
NumberOfAZs: '2'
PrivateSubnet1ACIDR:
Ref: PrivateSubnet1Cidr
PrivateSubnet2ACIDR:
Ref: PrivateSubnet2Cidr
PublicSubnet1CIDR:
Ref: PublicSubnet1Cidr
PublicSubnet2CIDR:
Ref: PublicSubnet2Cidr
VPCCIDR:
Ref: VpcCidr
ArtifactoryExistingVpcStack:
Type: AWS::CloudFormation::Stack
Properties:
TemplateURL: !Sub
- https://${S3Bucket}.s3.${S3Region}.${AWS::URLSuffix}/${QsS3KeyPrefix}templates/jfrog-artifactory-ec2-existing-vpc.template.yaml
- S3Bucket: !If [UsingDefaultBucket, !Sub '${QsS3BucketName}-${AWS::Region}', !Ref 'QsS3BucketName']
S3Region: !If [UsingDefaultBucket, !Ref 'AWS::Region', !Ref 'QsS3BucketRegion']
Parameters:
AvailabilityZones:
Fn::Join:
- ','
- Ref: AvailabilityZones
KeyPairName: !Ref KeyPairName
VpcId: !GetAtt ArtifactoryVpcStack.Outputs.VPCID
VpcCidr: !Ref VpcCidr
PublicSubnet1Id: !GetAtt ArtifactoryVpcStack.Outputs.PublicSubnet1ID
PublicSubnet2Id: !GetAtt ArtifactoryVpcStack.Outputs.PublicSubnet2ID
PrivateSubnet1Id: !GetAtt ArtifactoryVpcStack.Outputs.PrivateSubnet1AID
PrivateSubnet2Id: !GetAtt ArtifactoryVpcStack.Outputs.PrivateSubnet2AID
PrivateSubnet1Cidr: !Ref PrivateSubnet1Cidr
PrivateSubnet2Cidr: !Ref PrivateSubnet2Cidr
AccessCidr: !Ref AccessCidr
RemoteAccessCidr: !Ref RemoteAccessCidr
ProvisionBastionHost: !Ref ProvisionBastionHost
BastionInstanceType: !Ref BastionInstanceType
BastionRootVolumeSize: !Ref BastionRootVolumeSize
BastionEnableTcpForwarding: !Ref BastionEnableTcpForwarding
BastionEnableX11Forwarding: !Ref BastionEnableX11Forwarding
BastionOs: !Ref BastionOs
NumBastionHosts: !Ref NumBastionHosts
VolumeSize: !Ref VolumeSize
InstanceType: !Ref InstanceType
NumberOfSecondary: !Ref NumberOfSecondary
ArtifactoryProduct: !Ref ArtifactoryProduct
ArtifactoryVersion: !Ref ArtifactoryVersion
SmLicenseName: !Ref SmLicenseName
SmCertName: !Ref SmCertName
ArtifactoryServerName: !Ref ArtifactoryServerName
MasterKey: !Ref MasterKey
ExtraJavaOptions: !Ref ExtraJavaOptions
DefaultJavaMemSettings: !Ref DefaultJavaMemSettings
DatabaseName: !Ref DatabaseName
DatabaseEngine: !Ref DatabaseEngine
DatabaseUser: !Ref DatabaseUser
DatabasePassword: !Ref DatabasePassword
DatabaseInstance: !Ref DatabaseInstance
DatabaseAllocatedStorage: !Ref DatabaseAllocatedStorage
DatabasePreferredAz: !Ref DatabasePreferredAz
MultiAzDatabase: !Ref MultiAzDatabase
QsS3BucketName: !Ref QsS3BucketName
QsS3KeyPrefix: !Ref QsS3KeyPrefix
QsS3BucketRegion: !Ref QsS3BucketRegion
InstallXray: !Ref InstallXray
XrayVersion: !Ref XrayVersion
XrayNumberOfInstances: !Ref XrayNumberOfInstances
XrayInstanceType: !Ref XrayInstanceType
XrayDatabaseUser: !Ref XrayDatabaseUser
XrayDatabasePassword: !Ref XrayDatabasePassword
Outputs:
ArtifactoryUrl:
Description: URL of the ELB to access Artifactory
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.ArtifactoryUrl}
BastionIp:
Value: !Sub ${ArtifactoryExistingVpcStack.Outputs.BastionIp}
Description: Bastion host IP, for admin access via SSH
Reference in New Issue View Git Blame Copy Permalink