Nexus is an open-source artifact storage and management system. It is a widely used tool and can be seen in most CI/CD workflows. As a DevOps engineer, it is essential to know about artifact management tools.
I have covered Nexus setup on Linux VM in another article.
This guide will walk you through the step-by-step process of deploying Sonatype Nexus OSS on a Kubernetes cluster.
Important Notes
Following are the key things to be noted about the nexus setup.
- Nexus deployment and service are created in the devops-tools namespace. Make sure you have the namespace created, or you can edit the YAML to deploy in a different namespace. Also, we have different deployment files for Nexus 2 & Nexus 3 versions.
- In this guide, we are using the host volume mount for nexus data. This guide is intended for POC or testing purposes. For production workloads, you need to replace host volume mounts with persistent volumes and tweak other nexus parameters to meet the production requirements.
- In our Kubernetes manifests, the nexus Service is exposed as NodePort. You can also use type LoadBalancer or use an ingress object to expose the nexus endpoint.
- Minimum 2 GB RAM and 1 vCPU are required to run nexus. Please check the official system requirements for more details.
Kubernetes Nexus Manifests
All the Kubernetes manifests used in this guide are hosted in a GitHub repository. Clone the repository to your local workstation to execute them directly.
git clone https://github.com/bibinwilson/kubernetes-nexus.git
Setup Nexus OSS On Kubernetes
Let’s get started with setting up nexus on Kubernetes.
Step 1: Create a namespace called devops-tools
kubectl create namespace devops-tools
Step 2: Create a deployment.yaml file. It is different for nexus 2.x and 3.x. We have given both. Create the YAML based on the Nexus version you need.
Note: The images used in this deployment are from the public official Sonatype Docker repo (Nexus 2 image & Dockerfile) (Nexus 3 image & Dockerfile).
Deployment YAML for Nexus 2.x: If you want to deploy nexus 2, you can use the following deployment file. As explained before, the nexus data directory will be added as a volume in the host server.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus
  namespace: devops-tools
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nexus-server
  template:
    metadata:
      labels:
        app: nexus-server
    spec:
      containers:
        - name: nexus
          image: sonatype/nexus:latest
          env:
            - name: MAX_HEAP
              value: "800m"
            - name: MIN_HEAP
              value: "300m"
          resources:
            limits:
              memory: "4Gi"
              cpu: "1000m"
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
            - containerPort: 8081
          volumeMounts:
            - name: nexus-data
              mountPath: /sonatype-work
      volumes:
        - name: nexus-data
          emptyDir: {}
Deployment YAML for Nexus 3.x: The following deployment is for Sonatype nexus 3. It also has the host data volume for nexus data.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus
  namespace: devops-tools
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nexus-server
  template:
    metadata:
      labels:
        app: nexus-server
    spec:
      containers:
        - name: nexus
          image: sonatype/nexus3:latest
          resources:
            limits:
              memory: "4Gi"
              cpu: "1000m"
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
            - containerPort: 8081
          volumeMounts:
            - name: nexus-data
              mountPath: /nexus-data
      volumes:
        - name: nexus-data
          emptyDir: {}
Step 3: Create the deployment using kubectl command.
kubectl create -f deployment.yaml
Check the deployment pod status
kubectl get po -n devops-tools
Step 4: Create a service.yaml file with the following contents to expose the nexus endpoint using NodePort.
Note: If you are on a cloud, you can expose the service through a load balancer using the service type LoadBalancer. Also, the Prometheus annotations will help in service endpoint monitoring by Prometheus.
apiVersion: v1
kind: Service
metadata:
  name: nexus-service
  namespace: devops-tools
  annotations:
    prometheus.io/scrape: 'true'
    prometheus.io/path: /
    prometheus.io/port: '8081'
spec:
  selector:
    app: nexus-server
  type: NodePort
  ports:
    - port: 8081
      targetPort: 8081
      nodePort: 32000
Check the service configuration using kubectl.
kubectl describe service nexus-service -n devops-tools
Step 5: Now you will be able to access nexus on any of the Kubernetes node IPs on port 32000, as we have exposed the node port. For example,
For Nexus 2,
http://35.144.130.153:32000/nexus
For Nexus 2, the default username and password are admin and admin123.
For Nexus 3,
http://35.144.130.153:32000
The default user name for nexus 3 is admin and the default password is stored inside the pod.
First list the pods and get the nexus pod name.
kubectl get pods -n devops-tools
Use the kubectl command as shown below to get the password stored in the /nexus-data/admin.password location. Replace nexus-55976bf6fd-cvhxb with your pod name.
kubectl exec nexus-55976bf6fd-cvhxb -n devops-tools -- cat /nexus-data/admin.password
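The notes at the top of this guide call for persistent volumes in place of the test volume for production workloads. The manifest below is an added example, not part of the original guide or its repository: it pairs a PersistentVolumeClaim with the Nexus 3 deployment from Step 2 and changes only the volumes section. The claim name nexus-data-pvc and the 10Gi size are assumptions, and the cluster's default StorageClass is used because none is named.

```yaml
# Added example. Claim name and size are assumptions; no storageClassName
# is set, so the cluster's default StorageClass provisions the volume.
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nexus-data-pvc
  namespace: devops-tools
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
---
# Nexus 3 Deployment from Step 2; only the volumes section differs.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus
  namespace: devops-tools
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nexus-server
  template:
    metadata:
      labels:
        app: nexus-server
    spec:
      containers:
        - name: nexus
          image: sonatype/nexus3:latest
          resources:
            limits:
              memory: "4Gi"
              cpu: "1000m"
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
            - containerPort: 8081
          volumeMounts:
            - name: nexus-data
              mountPath: /nexus-data
      volumes:
        - name: nexus-data
          persistentVolumeClaim:   # was: emptyDir: {}
            claimName: nexus-data-pvc
```

With the claim in place, /nexus-data (including admin.password and the repository contents) survives pod deletion and rescheduling. The provisioned volume must be writable by the user the Nexus container runs as.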
6 comments
Hi, I was able to set up the Latest Nexus OSS On Kubernetes. Thereafter I was able to change the default password of the nexus user: admin. But here the problem is raised. After a couple of days, I forgot the password I reset. So, the default password under cat /nexus-data/admin.password from inside the container is NOT AT ALL usable now. In this case, how can I reset/recover the nexus user: admin password?!!!!!!
Hey,
I just followed the steps but I’m not able to log in. I’m seeing a message saying that username or password is incorrect.
Anyone knows how to update admin password?
cat /nexus-data/admin.password from inside the container
@felipeespitalher:disqus please refer to the following links for Nexus 2.x and Nexus 3.x password updates:
https://support.sonatype.com/hc/en-us/articles/213465508?_ga=2.170837091.214258114.1566130312-815295320.1561402348
https://support.sonatype.com/hc/en-us/articles/213467158?_ga=2.170837091.214258114.1566130312-815295320.1561402348
please help me
doesn’t work for me
minikubeip:32000 = nothing
namespace should be devops-tools in the service