OpenShift Nexus: Difference between revisions

From NovaOrdis Knowledge Base
Jump to navigation Jump to search
 
(44 intermediate revisions by the same user not shown)
Line 6: Line 6:


* [[OpenShift Auxiliary Tools Operations#Operations|OpenShift Auxiliary Tools Operations]]
* [[OpenShift Auxiliary Tools Operations#Operations|OpenShift Auxiliary Tools Operations]]
* [[OpenShift Create an Application from a Docker Image#Overview|Create an Application from a Docker Image]]
* [[Sonatype Nexus 3]]


=Overview=
=Overview=


Nexus is a repository and artifact manager used by OpenShift to cache locally build dependencies, and those used by Maven in particular, close to builds. It is recommended to set up one per OpenShift cluster, to speed up Maven builds.
Nexus is a repository and artifact manager used by OpenShift to cache locally build dependencies, and those used by Maven in particular, close to builds. It is recommended to set up one per OpenShift cluster, to speed up Maven builds. Nexus can be deployed using the procedure described below. An alternate method is to use the template available: here https://github.com/NovaOrdis/playground/blob/master/openshift/templates/nexus-template.yaml.


=Installation=
=<span id='Method 2'></span>Deploy Nexus Based on a Standard Sonatype Docker Image=


Image built-in credentials: deployment/deployment123. <font color=red>'''TODO''' - configure this during installation.</font>
[[oc new-app]] docker.io/sonatype/nexus3:latest


==Method 1==
For more details what happens during a new application creation based on a container image, see: {{Internal|OpenShift_Create_an_Application_from_a_Docker_Image#Overview|Create an Application from a Docker Image}}


Use the following template: https://github.com/NovaOrdis/playground/blob/master/openshift/auxiliary-tools/nexus.yaml
=Post-Creation Operations=


Copy it locally and then:
These operations are explained in detail in {{Internal|OpenShift_Create_an_Application_from_a_Docker_Image#Overview|Create an Application from a Docker Image}}


oc process -f nexus.yaml | oc create -f -
1. Disable automatic deployment and drop what has already been deployed, to allow for reconfiguration:
 
==Method 2==
 
[[oc new-app]] sonatype/nexus3:latest
 
This will set "app=nexus3" label on all objects created for this application (image stream, deployment config and service).
 
[[oc expose]] svc nexus3


  [[OpenShift_Application_Operations#pause|oc rollout pause]] dc nexus3
  [[OpenShift_Application_Operations#pause|oc rollout pause]] dc nexus3
oc delete rc <''rc-name''>


Change the deployment mode from Rollout to Recreate:
2. Change the deployment strategy.


  [[oc patch]] dc nexus3 --patch='{ "spec": { "strategy": { "type": "Recreate" }}}'
  [[oc patch]] dc nexus3 --patch='{ "spec": { "strategy": { "type": "Recreate" }}}'


Alternatively, [[oc edit]] can be used.
3. Attach a valid persistence volume.


oc set resources dc nexus3 --limits=memory=2Gi --requests=memory=1Gi
For this to work, a 2Gi or more persistent volume must be already provisioned and available.


Make sure an appropriate [[OpenShift_Concepts#Persistent_Volume|persistent volume]] is provisioned.
Create the persistent volume claim:


  echo "apiVersion: v1
  echo "apiVersion: v1
  kind: PersistentVolumeClaim
  kind: PersistentVolumeClaim
  metadata:
  metadata:
  name: nexus-pvc
  name: production-nexus-pvc
  spec:
  spec:
  accessModes:
  accessModes:
  - ReadWriteOnce
  - ReadWriteOnce
  resources:
  resources:
    requests:
    requests:
      storage: 3Gi" | oc create -f -
      storage: 2Gi" | oc create -f -
 
If an appropriate persistent volume exists, it will be immediately bound after the persistent volume claim creation.
 
Modify the deployment configuration to use the persistent volume claim:
 
[[Oc_set#Delete_the_Definition_of_a_Volume|oc set volumes]] dc/nexus3 [[Oc_set#Delete_the_Definition_of_a_Volume|--remove]] --name=nexus3-volume-1
 
[[Oc_set#Adding_the_Definition_of_a_New_Volume|oc set volumes]] dc/nexus3 [[Oc_set#Adding_the_Definition_of_a_New_Volume|--add]] --name=nexus-data --mount-path=/nexus-data/ --type persistentVolumeClaim --claim-name=production-nexus-pvc
 
4. Setup resources.
 
[[Oc_set#resources|oc set resources]] dc/nexus3 --limits=memory=2Gi --requests=memory=1Gi
 
5. Setup the readiness and liveness probes
 
[[Oc_set#probe|oc set probe]] dc/nexus3 --readiness \
--failure-threshold 3 --initial-delay-seconds 120 \
--get-url=http&#58;//:8081/repository/maven-public/


  oc set volume dc/nexus3 \
  [[Oc_set#probe|oc set probe]] dc/nexus3 --liveness \
  --add --overwrite --name=nexus3-volume-1 \
--failure-threshold 3 --initial-delay-seconds 120 \
  --mount-path=/nexus-data/ --type persistentVolumeClaim \
-- echo ok
  --claim-name=nexus-pvc


<span id='liveness_and_readiness_probe'></span>Set up liveness and readiness probes for Nexus:
6. Expose the service.


  [[Oc_set#probe|oc set probe]] dc/nexus3 --liveness --failure-threshold 3 --initial-delay-seconds 120 -- echo ok
  [[OpenShift_Route_Operations#Expose_a_Service|oc expose service]] nexus3 --hostname=maven.apps.openshift.novaordis.io
[[Oc_set#probe|oc set probe]] dc/nexus3 --readiness --failure-threshold 3 --initial-delay-seconds 120 --get-url=http&#58;//:8081/repository/maven-public/


Resume deployment:
7. Resume rollout.


  [[OpenShift_Application_Operations#resume|oc rollout resume]] dc nexus3
  [[OpenShift_Application_Operations#resume|oc rollout resume]] dc nexus3


Wait for the pod to be brought on-line, connect as admin/admin123 and change the default password. The changes will be persisted in storage.
=Smoke Test the Deployment=


Set up Red Hat repositories with this script: https://github.com/NovaOrdis/playground/blob/master/openshift/auxiliary-tools/setup_nexus3.sh
Wait for the pod to be brought on-line, go to https://maven.apps.openshift.novaordis.io/. The repository should be on-line.


./setup_nexus3.sh admin <''admin-password''> https&#58;//nexus3-cicd.apps.openshift.novaordis.io
=Configuration=


==Verification==
==Administrator Password==


Nexus should be available at: https://nexus3-cicd.apps.openshift.novaordis.io
Connect as admin/admin123 and change the default password. The changes will be persisted in storage.
 
The new proxies installed into Browse -> Components: jboss, redhat-ga, maven-all-public, releases.


==Troubleshooting==
==Troubleshooting==
Line 84: Line 93:
* [[OpenShift Nexus Kept Getting Restarted]]
* [[OpenShift Nexus Kept Getting Restarted]]
* [[OpenShift Nexus Pod failed to Start During the CI/CD Pipeline Deployment]]
* [[OpenShift Nexus Pod failed to Start During the CI/CD Pipeline Deployment]]
==Production Configuration==
{{Internal|Sonatype Nexus 3 Configuration|Sonatype Nexus 3 Configuration}}


=Interaction with OpenShift=
=Interaction with OpenShift=
Line 94: Line 107:
* Nexus 2: https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public  
* Nexus 2: https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public  
* Nexus 3: https://nexus3-cicd.apps.openshift.novaordis.io/repository/maven-all-public
* Nexus 3: https://nexus3-cicd.apps.openshift.novaordis.io/repository/maven-all-public
==Configure Maven from Maven Build Pods to Use Nexus as Mirror==
In all [[OpenShift_Plugin_for_Jenkins_(jenkins-plugin)#Jenkins_Slave_Pods|Maven build pods]], invoke maven with an alternate settings file that specifies Nexus as a [[Maven_settings.xml#.3Cmirrors.3E|Maven mirror]].
mvn [[Maven_Command_Line_Options#-s.2C_--settings|-s]] ./openshift/nexus-settings.xml
Maven command can also be defined as:
<syntaxhighlight lang='groovy'>
def mavenCommand="mvn -s openshift/nexus-settings.xml"
</syntaxhighlight>
where nexus-settings.xml should be similar to:
<syntaxhighlight lang='xml'>
<settings>
    <servers>
        <server>
            <id>nexus</id>
            <username>deployment</username>
            <password>deployment123</password>
        </server>
    </servers>
    <mirrors>
        <mirror>
            <id>nexus</id>
            <mirrorOf>*</mirrorOf>
            <url>https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public/</url>
        </mirror>
    </mirrors>
    <profiles>
        <profile>
            <id>nexus</id>
            <!--Enable snapshots for the built in central repo to direct -->
            <!--all requests to nexus via the mirror -->
            <repositories>
                <repository>
                    <id>central</id>
                    <url>https://central</url>
                    <releases><enabled>true</enabled></releases>
                    <snapshots><enabled>true</enabled></snapshots>
                </repository>
            </repositories>
            <pluginRepositories>
                <pluginRepository>
                    <id>central</id>
                    <url>https://central</url>
                    <releases><enabled>true</enabled></releases>
                    <snapshots><enabled>true</enabled></snapshots>
                </pluginRepository>
            </pluginRepositories>
        </profile>
    </profiles>
    <activeProfiles>
        <activeProfile>nexus</activeProfile>
    </activeProfiles>
</settings>
</syntaxhighlight>

Latest revision as of 05:53, 20 January 2018

External

Internal

Overview

Nexus is a repository and artifact manager used by OpenShift to cache locally build dependencies, and those used by Maven in particular, close to builds. It is recommended to set up one per OpenShift cluster, to speed up Maven builds. Nexus can be deployed using the procedure described below. An alternate method is to use the template available: here https://github.com/NovaOrdis/playground/blob/master/openshift/templates/nexus-template.yaml.

Deploy Nexus Based on a Standard Sonatype Docker Image

oc new-app docker.io/sonatype/nexus3:latest

For more details what happens during a new application creation based on a container image, see:

Create an Application from a Docker Image

Post-Creation Operations

These operations are explained in detail in

Create an Application from a Docker Image

1. Disable automatic deployment and drop what has already been deployed, to allow for reconfiguration:

oc rollout pause dc nexus3
oc delete rc <rc-name>

2. Change the deployment strategy.

oc patch dc nexus3 --patch='{ "spec": { "strategy": { "type": "Recreate" }}}'

3. Attach a valid persistence volume.

For this to work, a 2Gi or more persistent volume must be already provisioned and available.

Create the persistent volume claim:

echo "apiVersion: v1
kind: PersistentVolumeClaim
metadata:
 name: production-nexus-pvc
spec:
 accessModes:
 - ReadWriteOnce
 resources:
   requests:
     storage: 2Gi" | oc create -f -

If an appropriate persistent volume exists, it will be immediately bound after the persistent volume claim creation.

Modify the deployment configuration to use the persistent volume claim:

oc set volumes dc/nexus3 --remove --name=nexus3-volume-1
oc set volumes dc/nexus3 --add --name=nexus-data --mount-path=/nexus-data/ --type persistentVolumeClaim --claim-name=production-nexus-pvc

4. Setup resources.

oc set resources dc/nexus3 --limits=memory=2Gi --requests=memory=1Gi

5. Setup the readiness and liveness probes

oc set probe dc/nexus3 --readiness \
--failure-threshold 3 --initial-delay-seconds 120 \
--get-url=http://:8081/repository/maven-public/
oc set probe dc/nexus3 --liveness \
--failure-threshold 3 --initial-delay-seconds 120 \
-- echo ok

6. Expose the service.

oc expose service nexus3 --hostname=maven.apps.openshift.novaordis.io

7. Resume rollout.

oc rollout resume dc nexus3

Smoke Test the Deployment

Wait for the pod to be brought on-line, go to https://maven.apps.openshift.novaordis.io/. The repository should be on-line.

Configuration

Administrator Password

Connect as admin/admin123 and change the default password. The changes will be persisted in storage.

Troubleshooting

Production Configuration

Sonatype Nexus 3 Configuration

Interaction with OpenShift

MAVEN_MIRROR_URL

'MAVEN_MIRROR_URL' is an environment variable interpreted by the OpenShift s2i builders, which use the Maven repository whose URL is specified as a source of artifacts.

OpenShift image builders check for the environment variable MAVEN_MIRROR_URL, which should point to:

Configure Maven from Maven Build Pods to Use Nexus as Mirror

In all Maven build pods, invoke maven with an alternate settings file that specifies Nexus as a Maven mirror.

mvn -s ./openshift/nexus-settings.xml

Maven command can also be defined as:

def mavenCommand="mvn -s openshift/nexus-settings.xml"

where nexus-settings.xml should be similar to:

<settings>
    <servers>
        <server>
            <id>nexus</id>
            <username>deployment</username>
            <password>deployment123</password>
        </server>
    </servers>
    <mirrors>
        <mirror>
            <id>nexus</id>
            <mirrorOf>*</mirrorOf>
            <url>https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public/</url>
        </mirror>
    </mirrors>
    <profiles>
        <profile>
            <id>nexus</id>
            <!--Enable snapshots for the built in central repo to direct -->
            <!--all requests to nexus via the mirror -->
            <repositories>
                <repository>
                    <id>central</id>
                    <url>https://central</url>
                    <releases><enabled>true</enabled></releases>
                    <snapshots><enabled>true</enabled></snapshots>
                </repository>
            </repositories>
            <pluginRepositories>
                <pluginRepository>
                    <id>central</id>
                    <url>https://central</url>
                    <releases><enabled>true</enabled></releases>
                    <snapshots><enabled>true</enabled></snapshots>
                </pluginRepository>
            </pluginRepositories>
        </profile>
    </profiles>
    <activeProfiles>
        <activeProfile>nexus</activeProfile>
    </activeProfiles>
</settings>