Problem statement: In a few cases, the Artifactory server will be configured with a proxy like zscaler,etc. So that all the requests from the server go via the proxy. In that case the Router services will have an issue and throw the below message for router health or router ping endpoints, even if we add the host IP address in the HTTP/HTTPS no_proxy.
Here the proxy configured in the Artifactory host will block the requests and sometimes the Artifactory UI is accessible but the monitoring screen in the Artifactory UI will show all services as stale:
Below message in the router health or router ping endpoint:
Command:
Or:
Output:
Below message in the router health or router ping endpoint:
Command:
Or:
Output:
Below message in the router service logs:
Cause: This is due to the router ping/health REST API request are getting failed with the above message.
Solution:
So to overcome this issue we need to add the list of target hosts IP-address to communicate directly to the hosts bypassing the proxy. We need to add the below configuration in the system.yaml file ($JFROG_HOME/var/etc location) and perform an Artifactory restart.
Note: "localhost" will always be added to this list automatically.
Here the proxy configured in the Artifactory host will block the requests and sometimes the Artifactory UI is accessible but the monitoring screen in the Artifactory UI will show all services as stale:
Below message in the router health or router ping endpoint:
Command:
curl -s http://ip-address:8082/router/api/v1/system/ping
Or:
curl -s http://localhost:8082/router/api/v1/system/ping
Output:
Routing mechanism unavailable on entrypoints: external (:8082): Head "http://ip-address:8082/router/api/v1/system/ping": context deadline
Below message in the router health or router ping endpoint:
Command:
curl -s http://ip-address:8082/router/api/v1/system/health
Or:
curl -s http://localhost:8082/router/api/v1/system/health
Output:
"router": { "node_id": "art", "state": "UNHEALTHY", "message": "Routing mechanism unavailable on entrypoints: external (:8082): Head \"http://ip-address:8082/router/api/v1/system/ping\": context deadline exceeded" },
Below message in the router service logs:
2022-11-08T09:37:03.528Z [jfrou] [WARN ] [4c1af60fceddf46a] [ernal_topology_verifier.go:105] [main ] - Failed pinging external node 'art1' at address 'http://ip-address:8082': Get "http://ip-address0:8082/router/api/v1/system/ping": context deadline exceeded
Cause: This is due to the router ping/health REST API request are getting failed with the above message.
Solution:
So to overcome this issue we need to add the list of target hosts IP-address to communicate directly to the hosts bypassing the proxy. We need to add the below configuration in the system.yaml file ($JFROG_HOME/var/etc location) and perform an Artifactory restart.
router: proxy: ignoredHosts: - "<current-node-private-IP-address>" - "<other-node-private-IP-address>"
Note: "localhost" will always be added to this list automatically.