Please note, following breaking changes introduced in Artifactory version 7.x, below there are the required iRule configurations for both, Artifactory versions below version 7.x and for Artifactory versions 7.x and above to be used accordingly.
The Repository Path method:
Otherwise, in case F5's BIG-IP is configured to work with secure connection in front of Artifactory it will be required to add the following iRule to the F5's BIG-IP Virtual Server configuration:
For Artifactory versions below 7.x:
when HTTP_REQUEST { set ARTI_PROTO https set ARTI_HOST <server-name> HTTP::header insert X-Artifactory-Override-Base-Url "$ARTI_PROTO://$ARTI_HOST/artifactory" HTTP::header insert X-Forwarded-Proto "$ARTI_PROTO" }
For Artifactory versions 7.x and above:
when HTTP_REQUEST { set ARTI_PROTO https set ARTI_HOST <server-name> HTTP::header insert X-JFrog-Override-Base-Url $ARTI_PROTO://$ARTI_HOST HTTP::header insert X-Forwarded-Proto "$ARTI_PROTO" }
The Subdomain method:
To configure F5's BIG-IP in order to work with Artifactory as a Docker registry with the Subdomain method and HTTPS connection, it will be required to add the following iRule to the F5's BIG-IP Virtual Server configuration:
For Artifactory versions below 7.x:
when HTTP_REQUEST { if { [HTTP::host] contains "docker" && [HTTP::uri] starts_with "/v2/" } { set ARTI_PROTO https set ARTI_HOST <server-name> scan [HTTP::host] %\[^.\].%\[^.\].%\[^.\].%\[^.\].%s REPO APP ENV DOMAIN TLD HTTP::uri /artifactory/api/docker/$REPO[HTTP::uri] HTTP::header insert X-Forwarded-Proto "$ARTI_PROTO" HTTP::header insert X-Artifactory-Override-Base-Url "$ARTI_PROTO://$ARTI_HOST/artifactory" } }
For Artifactory versions 7.x and above:
when HTTP_REQUEST { if { [HTTP::host] contains "docker" && [HTTP::uri] starts_with "/v2/" } { set ARTI_PROTO https set ARTI_HOST <server-name> scan [HTTP::host] %\[^.\].%\[^.\].%\[^.\].%\[^.\].%s REPO APP ENV DOMAIN TLD HTTP::uri /artifactory/api/docker/$REPO[HTTP::uri] HTTP::header insert X-Forwarded-Proto "$ARTI_PROTO" HTTP::header insert X-JFrog-Override-Base-Url $ARTI_PROTO://$ARTI_HOST } }
The Port method:
To configure F5's BIG-IP in order to work with Artifactory as a Docker registry with the Port method and HTTPS connection, it will be required to add the following iRule to the F5's BIG-IP Virtual Server configuration:
For Artifactory versions below 7.x:
when HTTP_REQUEST { if {[HTTP::uri] starts_with "/v2/" } { set ARTI_PROTO https set ARTI_PORT <port> set ARTI_HOST <server-name> HTTP::uri /artifactory/api/docker/<repository-name>[HTTP::uri] HTTP::header insert X-Forwarded-Proto $ARTI_PROTO HTTP::header insert X-Forwarded-Port $ARTI_PORT HTTP::header insert X-Artifactory-Override-Base-Url $ARTI_PROTO://$ARTI_HOST:$ARTI_PORT/artifactory } }
For Artifactory versions 7.x and above:
when HTTP_REQUEST { if {[HTTP::uri] starts_with "/v2/" } { set ARTI_PROTO https set ARTI_PORT <port> set ARTI_HOST<server-name> HTTP::uri /artifactory/api/docker/<repository-name>[HTTP::uri] HTTP::header insert X-Forwarded-Proto $ARTI_PROTO HTTP::header insert X-Forwarded-Port $ARTI_PORT HTTP::header insert X-JFrog-Override-Base-Url $ARTI_PROTO://$ARTI_HOST:$ARTI_PORT } }
*Please refer to our wiki page about Getting Started with Artifactory as a Docker Registry for more information.