nexus on k8s最佳实战
1、helm 安装包
#添加 helm 仓库 helm repo add sonatype https://sonatype.github.io/helm3-charts/ # 下载 chart 到本地 helm pull sonatype/nexus-repository-manager #copy 到文件服务器方便下载 scp nexus-repository-manager-41.1.2.tgz 10.50.10.25:/www/pigsty
2、修改关键参数
image
docker pull ninesun0318/sonatype.nexus3:3.41.1 docker tag ninesun0318/sonatype.nexus3:3.41.1 myharbor.com/nexus/sonatype.nexus3:3.41.1
存储
storageClass: "managed-nfs-storage" storageSize: 50Gi
service 暴露方式
需要外部可访问nexus,建议使用nexus.
service: name: nexus3 enabled: true labels: {} annotations: {} type: NodePort port: 31712
3、安装nexus
[root@master2 /opt/helm/nexus-repository-manager]#helm install chot-nexus -n nexus /opt/helm/nexus-repository-manager NAME: chot-nexus LAST DEPLOYED: Fri Sep 2 15:01:33 2022 NAMESPACE: nexus STATUS: deployed REVISION: 1 NOTES: 1. Get the application URL by running these commands: export NODE_PORT=$(kubectl get --namespace nexus -o jsonpath="{.spec.ports[0].nodePort}" services chot-nexus-nexus-repository-manager) export NODE_IP=$(kubectl get nodes --namespace nexus -o jsonpath="{.items[0].status.addresses[0].address}") Your application is available at http://$NODE_IP:$NODE_PORT
4、检查
[root@master1 /opt/ansible]#k get all -n nexus NAME READY STATUS RESTARTS AGE pod/chot-nexus-nexus-repository-manager-6595d7c79b-q7znf 1/1 Running 0 64m NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE service/chot-nexus-nexus-repository-manager NodePort 10.96.11.171 <none> 8081:31712/TCP 64m NAME READY UP-TO-DATE AVAILABLE AGE deployment.apps/chot-nexus-nexus-repository-manager 1/1 1 1 64m NAME DESIRED CURRENT READY AGE replicaset.apps/chot-nexus-nexus-repository-manager-6595d7c79b 1 1 1 64m
5、报错处理
### k8s pod has unbound immediate PersistentVolumeClaims 安装nexus,使用nfs sc pod一直报这个错误? 原因:使用kuboard 托管的sc限制了ns在kube-system,因此再nexus中的无法使用. 后面改用managed-nfs-storage解决问题。 ### pod readiness probe端口探测失败原因调查? 安装nexus仓库时pod 的8081 端口一直访问不通 ```bash Readiness probe failed: Get "http://10.244.166.156:8081/": dial tcp 10.244.166.156:8081: connect: connection refused ``` 探测的yaml ```yaml readinessProbe: failureThreshold: 6 httpGet: path: / port: 8081 scheme: HTTP initialDelaySeconds: 30 periodSeconds: 30 successThreshold: 1 timeoutSeconds: 10 ``` 这个问题的原因是超过了initialDelaySeconds的时间导致探测失败,适当调大这个参数,或者重启一下就好了。
6、访问
默认密码会在首次登录提示,按照提示修改密码。
7、批量上传本地jar包
之前物理机上安装的nexus由于每次打包都有问题,花了好多时间。这次干脆直接搭建一个nexus,并使用脚本把本地的包都上传到仓库中。
报错如下:
[ERROR] Failed to execute goal on project chot-configs: Could not resolve dependencies for project com.lichkin.chot:chot-configs:jar:2.0.0-CHOT: Failure to find javax.interceptor:javax.i nterceptor-api:jar:1.2 in http://ip:8081/repository/maven-releases/ was cached in the local repository, resolution will not be reattempted until the update interval of nexus has elapsed or updates are forced -> [Help 1]
#!/bin/bash # @date 2022年9月2日11:26:51 # @author ninesun # nexushttp: http://ip:31712/repository/maven-releases/ # 使用方式: bash uploadJarWithscripts.sh -u admin -p chot123 -r http://ip:31712/repository/maven-releases/ while getopts ":r:u:p:" opt; do case $opt in r) REPO_URL="$OPTARG" ;; u) USERNAME="$OPTARG" ;; p) PASSWORD="$OPTARG" ;; esac done find . -type f -not -path './uploadJarWithscripts\.sh*' -not -path '*/\.*' -not -path '*/\^archetype\-catalog\.xml*' -not -path '*/\^maven\-metadata\-local*\.xml' -not -path '*/\^maven\-metadata\-deployment*\.xml' | sed "s|^\./||" | xargs -I '{}' curl -s -u "$USERNAME:$PASSWORD" -X PUT -v -T {} ${REPO_URL}/{} ;
8、编译项目
打包验证
mvn clean -U install
打包方式的尝试
mvn clean package -Dmaven.repo.local=E:\mavn_repo\MavenRepository mvn clean package --settings D:\soft\apache-maven-3.5.2\conf\settings.xml -Dmaven.test.skip=true mvn clean package --settings C:\Users\135\.m2\settings.xml -Dmaven.test.skip=true
不知为何已经指定本地、setting好像都会从nexus拉取,原因未知,感觉像是bug.
9、参考
https://artifacthub.io/packages/helm/sonatype/nexus-repository-manager
10、nexus 仓库说明
maven-central:maven中央库,默认从 https://repo1.maven.org/maven2/ 拉取 jar。
maven-releases:私库发行版 jar。
maven-snapshots:私库快照版(调试版本)jar。
maven-public:仓库分组,把上面三个仓库组合在一起对外提供服务,在本地 maven 基础配置 settings.xml中使用。