【quick start】nexus快速搭建、配置教程
搭建
使用k8s编排文件快速部署
---
apiVersion: apps/v1
kind: Deployment
metadata:
annotations: {}
labels:
k8s-app: nexus3
k8s.kuboard.cn/name: nexus3
name: nexus3
namespace: aap-global
spec:
progressDeadlineSeconds: 600
replicas: 1
revisionHistoryLimit: 10
selector:
matchLabels:
k8s-app: nexus3
strategy:
rollingUpdate:
maxSurge: 25%
maxUnavailable: 25%
type: RollingUpdate
template:
metadata:
creationTimestamp: null
labels:
k8s-app: nexus3
name: nexus3
namespace: aap-global
spec:
containers:
- image: 'nexus3:3.41.1'
imagePullPolicy: Always
name: nexus3
ports:
- containerPort: 8081
name: web
protocol: TCP
resources:
limits:
cpu: '1'
memory: 2Gi
requests:
cpu: 500m
memory: 512Mi
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /nexus-data
name: nexus-data
dnsPolicy: ClusterFirst
initContainers:
- args:
- 'echo "授权文件夹防止拒绝访问"; whoami && chown 200:200 /nexus-data'
command:
- /bin/sh
- '-c'
image: 'nexus3:3.41.1'
imagePullPolicy: IfNotPresent
name: chmod-access
resources: {}
securityContext:
runAsUser: 0
terminationMessagePath: /dev/termination-log
terminationMessagePolicy: File
volumeMounts:
- mountPath: /nexus-data
name: nexus-data
nodeName: {{ 如果使用localPathPVC,这里必须固定节点启动 }}
restartPolicy: Always
schedulerName: default-scheduler
securityContext: {}
terminationGracePeriodSeconds: 30
volumes:
- name: nexus-data
persistentVolumeClaim:
claimName: nexus-data-pvc
---
apiVersion: v1
kind: Service
metadata:
annotations: {}
labels:
k8s-app: nexus3
k8s.kuboard.cn/name: nexus3
name: nexus3
namespace: aap-global
spec:
ports:
- name: zt2tme
nodePort: 10081
port: 8081
protocol: TCP
targetPort: 8081
selector:
k8s-app: nexus3
sessionAffinity: None
type: NodePort
测试
curl ${youIp}:10081
配置
- 创建repository,repository分为三种,hosted(存储库)/proxy(代理别的库)/group(集成前两者为同一个仓库)
默认会有maven-central(proxy)
配置镜像源账号密码(需要认证时)
配置完成后,清一下缓存
- 配置代理仓库时,如果使用私有镜像源,并且使用了https,需要添加证书信任
信任私有证书
可以代理到公网中央仓库或国内其它镜像源;maven-releases(hosted),可以上传私有依赖到这里;
maven-public(group),这个可以默认包含前面两个仓库,下载依赖时,直接指向这个库,即可同时下载maven-central和maven-releases的依赖
- 创建role角色,每一个角色可以分配的权限细化到每一个仓库,搜索时可以根据仓库名搜索。还有一个重要权限(nx-component-upload)用于控制用户上传依赖的权限
- 创建用户,并分配角色