OpenShift Nexus

From NovaOrdis Knowledge Base
Jump to navigation Jump to search

External

Internal

Overview

Nexus is a repository and artifact manager used by OpenShift to cache locally build dependencies, and those used by Maven in particular, close to builds. It is recommended to set up one per OpenShift cluster, to speed up Maven builds.

Deploy Nexus Based on a Standard Sonatype Docker Image

oc new-app docker.io/sonatype/nexus3:latest

For more details what happens during a new application creation based on a container image, see:

Create an Application from a Docker Image

Post-Creation Operations

oc expose svc nexus3
oc rollout pause dc nexus3

Change the deployment mode from Rollout to Recreate:

oc patch dc nexus3 --patch='{ "spec": { "strategy": { "type": "Recreate" }}}'

Alternatively, oc edit can be used.

oc set resources dc nexus3 --limits=memory=2Gi --requests=memory=1Gi

Make sure an appropriate persistent volume is provisioned.

echo "apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nexus-pvc
spec:
  accessModes:
  - ReadWriteOnce
  resources:
    requests:
      storage: 3Gi" | oc create -f -
oc set volumes dc/nexus3 \
  --add --overwrite --name=nexus3-volume-1 \
  --mount-path=/nexus-data/ --type persistentVolumeClaim \
  --claim-name=nexus-pvc

Set up liveness and readiness probes for Nexus:

oc set probe dc/nexus3 --liveness --failure-threshold 3 --initial-delay-seconds 120 -- echo ok
oc set probe dc/nexus3 --readiness --failure-threshold 3 --initial-delay-seconds 120 --get-url=http://:8081/repository/maven-public/

Resume deployment:

oc rollout resume dc nexus3

Wait for the pod to be brought on-line, connect as admin/admin123 and change the default password. The changes will be persisted in storage.

Set up Red Hat repositories with this script: https://github.com/NovaOrdis/playground/blob/master/openshift/auxiliary-tools/setup_nexus3.sh

./setup_nexus3.sh admin <admin-password> https://nexus3-cicd.apps.openshift.novaordis.io

Configuration

Image built-in credentials: deployment/deployment123. TODO - configure this during installation.

Method 1

Use the following template: https://github.com/NovaOrdis/playground/blob/master/openshift/templates/nexus-template.yaml

Copy it locally and then:

oc process -f nexus.yaml | oc create -f -

Verification

Nexus should be available at: https://nexus3-cicd.apps.openshift.novaordis.io

The new proxies installed into Browse -> Components: jboss, redhat-ga, maven-all-public, releases.

Troubleshooting

Interaction with OpenShift

MAVEN_MIRROR_URL

'MAVEN_MIRROR_URL' is an environment variable interpreted by the OpenShift s2i builders, which use the Maven repository whose URL is specified as a source of artifacts.

OpenShift image builders check for the environment variable MAVEN_MIRROR_URL, which should point to:

Configure Maven from Maven Build Pods to Use Nexus as Mirror

In all Maven build pods, invoke maven with an alternate settings file that specifies Nexus as a Maven mirror.

mvn -s ./openshift/nexus-settings.xml

Maven command can also be defined as:

def mavenCommand="mvn -s openshift/nexus-settings.xml"

where nexus-settings.xml should be similar to:

<settings>
    <servers>
        <server>
            <id>nexus</id>
            <username>deployment</username>
            <password>deployment123</password>
        </server>
    </servers>
    <mirrors>
        <mirror>
            <id>nexus</id>
            <mirrorOf>*</mirrorOf>
            <url>https://nexus-cicd.apps.openshift.novaordis.io/content/groups/public/</url>
        </mirror>
    </mirrors>
    <profiles>
        <profile>
            <id>nexus</id>
            <!--Enable snapshots for the built in central repo to direct -->
            <!--all requests to nexus via the mirror -->
            <repositories>
                <repository>
                    <id>central</id>
                    <url>https://central</url>
                    <releases><enabled>true</enabled></releases>
                    <snapshots><enabled>true</enabled></snapshots>
                </repository>
            </repositories>
            <pluginRepositories>
                <pluginRepository>
                    <id>central</id>
                    <url>https://central</url>
                    <releases><enabled>true</enabled></releases>
                    <snapshots><enabled>true</enabled></snapshots>
                </pluginRepository>
            </pluginRepositories>
        </profile>
    </profiles>
    <activeProfiles>
        <activeProfile>nexus</activeProfile>
    </activeProfiles>
</settings>