Communication Between Services

The JFrog Platform is composed of multiple services for each JFrog product, running on multiple nodes. Communication between services is done through router services. Every node has its own router service. For more information on the JFrog Platform services, see JFrog Platform Deployment (JPD) system architecture.

In the JFrog Platform service mesh, the router is responsible for communication between services in the data plane, and is responsible for (but not limited to) the following functions.

Monitoring the health of its local services
Routing communication between services inside the node and between nodes
Enabling TLS between nodes
Service discovery

In certain environments, all cross-node communication may be required to go through a proxy. For more information on proxy configuration between services, see Configure Proxy Between JFrog Products.

JFrog Platform uses pairing tokens and join keys for communication between services. It also uses master key for communication between nodes. For more information, see Manage Keys. Token certificates are used for signing and validating tokens. For more information, see Custom Token Certificates.

You can use Transport Layer Security (TLS) connections with remote sites or within the JFrog Platform between the different cluster nodes and services.

Manage Keys

Generate, rotate, and manage master keys, join keys, and pairing tokens for inter-service trust.

Using Access as a Certificate Authority

Configure JFrog Access as an internal CA to issue and sign certificates for platform services.

Using TLS Certificates as a Client

Authenticate clients using TLS certificates for mutual TLS (mTLS) connections to the JFrog Platform.

Custom Token Certificates

Upload your own certificates for signing access tokens instead of using auto-generated ones.

Configure Proxy Between JFrog Products

Route cross-node communication through a proxy when direct connections are not permitted.