How To Setup Latest Nexus OSS On Kubernetes

Nexus is open-source artifact storage and management system. It is a widely used tool and can be seen in most CI/CD workflows. As a devops engineer, it is essential to know about artifact management tools.

I have covered Nexus setup on Linux VM in another article.

This guide will walk you through the step-by-step process of deploying Sonatype Nexus OSS on a Kubernetes cluster.

Important Notes

Following are the key things to be noted about the nexus setup.

1. Nexus deployment and service are created in the devops-tools namespace. Make sure you have the namespace created, or you can edit the YAML to deploy in a different namespace. Also, we have different deployment files for Nexus 2 & Nexus 3 versions.
2. In this guide, we are using the host volume mount for nexus data. The intention of this guide is for POC or testing purposes. You need to replace host volume mounts with persistent volumes and tweak other nexus parameters to meet the production requirements for production workloads.
3. In our Kubernetes manifests, the nexus Service is exposed as NodePort. You can also use type LoadBalancer or use ingress object to expose the nexus endpoint.
4. Minimum 2 GB RAM and 1 VCPU are required to run nexus. Please check the official system requirements for more details.

Kubernetes Nexus Manifests

All the Kubernetes manifests used in this guide is hosted on an Github repository. Clone the repository to you local workstation to directly execute it.

git clone https://github.com/bibinwilson/kubernetes-nexus.git

Setup Nexus OSS On Kubernetes

Let's get started with the setting up nexus on Kubernetes.

Step 1: Create a namespace called devops-tools

kubectl create namespace devops-tools

Step 2: Create a deployment.yaml file. It is different for nexus 2.x and 3.x. We have given both. Create the YAML based on the Nexus version you need.

Note: The images used in this deployment are from the public official Sonatype docker repo.(Nexus2 image & Dockerfile ) (nexus 3 image & Dockerfile)

Deployment YAML for Nexus 2.x: If you want to deploy nexus 2, you can use the following deployment file. As explained before, the nexus data directory will be added as a volume in the host server.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus
  namespace: devops-tools
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nexus-server
  template:
    metadata:
      labels:
        app: nexus-server
    spec:
      containers:
        - name: nexus
          image: sonatype/nexus:latest
          env:
          - name: MAX_HEAP
            value: "800m"
          - name: MIN_HEAP
            value: "300m"
          resources:
            limits:
              memory: "4Gi"
              cpu: "1000m"
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
            - containerPort: 8081
          volumeMounts:
            - name: nexus-data
              mountPath: /sonatype-work
      volumes:
        - name: nexus-data
          emptyDir: {}

Deployment YAML for Nexus 3.x: Following deployment is for Sonatype nexus 3. It also has the host data volume for nexus data.

apiVersion: apps/v1
kind: Deployment
metadata:
  name: nexus
  namespace: devops-tools
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nexus-server
  template:
    metadata:
      labels:
        app: nexus-server
    spec:
      containers:
        - name: nexus
          image: sonatype/nexus3:latest
          resources:
            limits:
              memory: "4Gi"
              cpu: "1000m"
            requests:
              memory: "2Gi"
              cpu: "500m"
          ports:
            - containerPort: 8081
          volumeMounts:
            - name: nexus-data
              mountPath: /nexus-data
      volumes:
        - name: nexus-data
          emptyDir: {}

Step 3: Create the deployment using kubectl command.

kubectl create -f deployment.yaml

Check the deployment pod status

kubectl get po -n devops-tools

Step 4: Create a service.yaml file with the following contents to expose the nexus endpoint using NodePort.

Note: If you are on a cloud, you can expose the service using a load balancer using the service type Loadbalancer. Also, the Prometheus annotations will help in service endpoint monitoring by Prometheus.

apiVersion: v1
kind: Service
metadata:
  name: nexus-service
  namespace: devops-tools
  annotations:
      prometheus.io/scrape: 'true'
      prometheus.io/path:   /
      prometheus.io/port:   '8081'
spec:
  selector: 
    app: nexus-server
  type: NodePort  
  ports:
    - port: 8081
      targetPort: 8081
      nodePort: 32000

Check the service configuration using kubectl.

kubectl describe service nexus-service -n devops-tools

Step 5: Now you will be able to access nexus on any of the Kubernetes node IP on port 32000 as we have exposed the node port. For example,

For Nexus 2,

http://35.144.130.153:32000/nexus

For nexus 2, The default username and the password will be admin and admin123

For Nexus 3,

http://35.144.130.153:32000

The default user name for nexus 3 is admin and the default password is stored inside the pod.

First list the pods and get the nexus pod name.

kubectl get pods -n devops-tools

Use the kubectl command as shown below to get the password stored in /nexus-data/admin.password location . Replace nexus-55976bf6fd-cvhxb with your pod name.

kubectl exec nexus-55976bf6fd-cvhxb -n devops-tools cat /nexus-data/admin.password