Kubernetes Nexus 3

发表于 | 分类于

Run Docker Image

1
docker run -d -p 8081:8081 --name nexus -e INSTALL4J_ADD_VM_PARAMS="-Xms4g -Xmx4g -XX:MaxDirectMemorySize=3g  -Djava.util.prefs.userRoot=/nexus-data/user/root" -v $PWD/volume:/nexus-data sonatype/nexus3:3.19.1

Deploy on Kubernetes

Deployment

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
apiVersion: apps/v1beta1
kind: StatefulSet
metadata:
  name: nexus-repository
spec:
  selector:
    matchLabels:
      app: nexus-repository
  serviceName: nexus-repository-service
  replicas: 1
  template:
    metadata:
      labels:
        app: nexus-repository
    spec:
      initContainers:
        - name: init-container
          image: busybox:1.31.1
          command: ["chmod", "777", "/nexus-data"]
          volumeMounts:
            - name: nexus-repository-pv
              mountPath: /nexus-data
      containers:
        - image: gcr.io/leverup-app-sit/nexus:3.19.1
          imagePullPolicy: IfNotPresent
          name: nexus-repository
          resources:
            requests:
              cpu: 0.5
              memory: 5Gi
            limits:
              cpu: 2.0
              memory: 5Gi
          env:
            - name: INSTALL4J_ADD_VM_PARAMS
              value: "-Xms4g -Xmx4g -XX:MaxDirectMemorySize=2g -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap -Djava.util.prefs.userRoot=/nexus-data/user/root"
          ports:
            - containerPort: 8081
          livenessProbe:
            httpGet:
              path: /
              port: 8081
            initialDelaySeconds: 30
            periodSeconds: 30
            failureThreshold: 3
          readinessProbe:
            httpGet:
              path: /
              port: 8081
            initialDelaySeconds: 30
            periodSeconds: 30
            failureThreshold: 3
          volumeMounts:
            - name: nexus-repository-pv
              mountPath: /nexus-data
  volumeClaimTemplates:
    - metadata:
        name: nexus-repository-pv
      spec:
        accessModes: ["ReadWriteOnce"]
        storageClassName: pd-standard
        resources:
          requests:
            storage: 100Gi

Permission Error

1
2
3
4
5
6
mkdir: cannot create directory '../sonatype-work/nexus3/log': Permission denied
mkdir: cannot create directory '../sonatype-work/nexus3/tmp': Permission denied
OpenJDK 64-Bit Server VM warning: Cannot open file ../sonatype-work/nexus3/log/jvm.log due to No such file or directory
Warning:  Cannot open log file: ../sonatype-work/nexus3/log/jvm.log
Warning:  Forcing option -XX:LogFile=/tmp/jvm.log
java.io.FileNotFoundException: ../sonatype-work/nexus3/tmp/i4j_ZTDnGON8hezynsMX2ZCYAVDtQog=.lock (No such file or directory)

Solution:修改 /nexus-data 目录的权限为777或者757

Role

  1. add only read role, permission follow:
1
2
nx-repository-view-*-*-*
nx-search-read
  1. add deploy role, permission follow:
1
2
3
4
nx-repository-view-*-*-add
nx-repository-view-*-*-read
nx-repository-view-*-*-edit
nx-repository-view-*-*-browse

Usage

Maven Configuration

1
2
3
4
5
6
7
8
9
10
11
12
13
14
<settings>
  <servers>
      <server>
          <id>nx-releases</id>
          <username>admin</username>
          <password></password>
      </server>
      <server>
          <id>nx-snapshots</id>
          <username>admin</username>
          <password></password>
      </server>
  </servers>
</settings>

Project Pom

1
2
3
4
5
6
7
8
9
10
11
12
 <distributionManagement>
    <repository>
        <id>nx-releases</id>
        <name>Releases</name>
        <url>http://localhost:8081/repository/maven-releases/</url>
    </repository>
    <snapshotRepository>
        <id>nx-snapshots</id>
        <name>Snapshot</name>
        <url>http://localhost:8081/repository/maven-snapshots/</url>
    </snapshotRepository>
</distributionManagement>

Minimal deploy maven jar permission

1
2
3
4
nx-repository-view-*-*-add
nx-repository-view-*-*-read
nx-repository-view-*-*-edit
nx-repository-view-*-*-browse

Sync maven lib

1
2
3
4
5
6
7
8
9
10
11
12
<repositories>
    <repository>
        <id>nx-releases</id>
        <name>Releases</name>
        <url>http://xxxx:8081/repository/maven-releases/</url>
    </repository>
    <repository>
        <id>nx-snapshots</id>
        <name>Snapshot</name>
        <url>http://xxxx:8081/repository/maven-snapshots/</url>
    </repository>
</repositories>

Deploy to Private Repository

1
mvn deploy

Multiple Repository

Reference