環境信息：

系統：CentOS 7
配置: CPU 4核(建議最少4核)、內存4G 、磁盤200G
IP：192.168.86.9
nexus3版本：nexus-3.27.0-03-unix.tar.gz
nexus3安裝包下載地址：

wget http://download.sonatype.com/nexus/3/nexus-3.27.0-03-unix.tar.gz 或者 鏈接：https://pan.baidu.com/s/1OFruEz3aIU1NxHVQf5YBFQ 提取碼：demo

JDK下載地址
JDK版本：jdk-8u151-linux-x64

https://www.oracle.com/cn/java/technologies/javase/javase-jdk8-downloads.html 或者 鏈接：https://pan.baidu.com/s/1dPIVFRi8hGdP7wOztoX6lg 提取碼：demo

一、源碼包方式部署

1>安裝jdk并配置環境變量并驗證

tar -xf jdk-8u151-linux-x64.tar -C /usr/local/ ln -s /usr/local/jdk1.8.0_151 /usr/local/java echo "JAVA_HOME=/usr/local/java" >>/etc/profile echo "PATH=\$JAVA_HOME/bin:\$PATH">>/etc/profile echo "export JAVA_HOME PATH" >>/etc/profile source /etc/profile java -version

2>安裝nexus

tar -xf nexus-3.27.0-03-unix.tar.gz -C /usr/local/ ln -s /usr/local/nexus-3.27.0-03 /usr/local/nexus useradd -d "/home/nexus" -m -s "/sbin/nologin" nexus chown -R nexus:nexus /usr/local/nexus chown -R nexus:nexus /usr/local/sonatype-work echo run_as_user='"nexus"' >>/usr/local/nexus/bin/nexus.rc

配置systemctl管理nexus

cat <<EOF >/etc/systemd/system/nexus.service [Install] WantedBy=multi-user.target[Unit] Description=nexus service After=network.target[Service] Type=forking LimitNOFILE=65536 ExecStart=/usr/local/nexus/bin/nexus start ExecStop=/usr/local/nexus/bin/nexus stop User=nexus Restart=on-abort[Install] WantedBy=multi-user.target EOF

啟動nexus

systemctl daemon-reload systemctl start nexus.service systemctl enable nexus.service

3>登錄nexus（hostIP:8081）

查看nexus的admin用戶密碼，使用admin用戶登錄 cat /usr/local/sonatype-work/nexus3/admin.password

設置新密碼

設置倉庫訪問權限

4>配置https訪問

生成服務端需要配置的認證文件

NEXUS_DOMAIN=192.168.86.9 NEXUS_IP_ADDRESS=192.168.86.9 PASSWD=passwordkeytool -genkeypair -keystore keystore.jks -storepass ${PASSWD} -keypass ${PASSWD} -alias nexus -keyalg RSA -keysize 2048 -validity 5000 -dname "CN=${NEXUS_DOMAIN}, OU=demo, O=demo, L=Beijing, ST=Beijing, C=CN" -ext "SAN=IP:${NEXUS_IP_ADDRESS}" -ext "BC=ca:true"mv keystore.jks /usr/local/nexus/etc/ssl/keytool -export -alias nexus -keystore /usr/local/nexus/etc/ssl/keystore.jks -file keystore.cer -storepass passwordmv keystore.cer /usr/local/nexus/etc/ssl/

生產客戶端證書

口令都配置password keytool -importkeystore -srckeystore /usr/local/nexus/etc/ssl/keystore.jks -destkeystore keystore.p12 -deststoretype PKCS12openssl pkcs12 -in keystore.p12 -nokeys -out keystore.crt mv keystore.crt keystore.p12 /usr/local/nexus/etc/ssl/

配置 Nexus 使用證書，開啟 https

cp /usr/local/nexus/etc/nexus-default.properties /usr/local/nexus/etc/nexus-default.properties.baksed -i '/application-port=/i\\ application-port-ssl=8443' /usr/local/nexus/etc/nexus-default.propertiessed -i '/nexus-args/d' /usr/local/nexus/etc/nexus-default.propertiesecho 'nexus-args=${jetty.etc}/jetty.xml,${jetty.etc}/jetty-http.xml,${jetty.etc}/jetty-https.xml,${jetty.etc}/jetty-requestlog.xml' >>/usr/local/nexus/etc/nexus-default.properties重啟nexus驗證https訪問 systemctl restart nexus.service

二、k8s方式部署

1、環境信息
ingress入口：192.168.86.36
域名規劃：
主站點：repository.onap.vip
2、生成證書（參考:certbot生成證書）

certbot --server https://acme-v02.api.letsencrypt.org/directory -d "repository.onap.vip" -d "*.repository.onap.vip" --manual --preferred-challenges dns-01 certonly

3、nexus3部署yaml

#創建namespace kubectl create ns repository #生成ingress使用htts需要的secret kubectl -n repository create secret tls repository-onap-vip-tls-secret --cert=repository.onap.vip.fullchain.pem --key=repository.onap.vip.privkey.pem kubectl -n repository apply -f nexus3-deploy.yaml

nexus3-deploy.yaml

apiVersion: v1 kind: Service metadata:name: sonatype-nexuslabels:app: sonatype-nexus spec:type: NodePortports:- name: sonatype-nexusport: 8081targetPort: 8081protocol: TCP- name: dockerio-proxyport: 10001targetPort: 10001nodePort: 32001protocol: TCP- name: local-dockerport: 10002targetPort: 10002protocol: TCPselector:app: sonatype-nexus --- apiVersion: extensions/v1beta1 kind: Ingress metadata:name: repository.onap.vipannotations:kubernetes.io/ingress.class: "nginx" spec:rules:- host: repository.onap.viphttp:paths:- path:backend:serviceName: sonatype-nexusservicePort: 8081tls:- hosts:- repository.onap.vipsecretName: repository-onap-vip-tls-secret --- apiVersion: v1 kind: PersistentVolumeClaim metadata:name: sonatype-nexus spec:accessModes:- ReadWriteOncevolumeMode: Filesystemresources:requests:storage: 10GistorageClassName: csi-rbd-sc --- apiVersion: apps/v1 kind: Deployment metadata:name: sonatype-nexuslabels:app: sonatype-nexus spec:replicas: 1selector:matchLabels:app: sonatype-nexustemplate:metadata:labels:app: sonatype-nexusspec:containers:- name: sonatype-nexusimage: sonatype/nexus3:3.34.0imagePullPolicy: IfNotPresentports:- name: servercontainerPort: 8081containerPort: 10001containerPort: 10002livenessProbe:httpGet:path: /port: 8081initialDelaySeconds: 30periodSeconds: 30failureThreshold: 6readinessProbe:httpGet:path: /port: 8081initialDelaySeconds: 30periodSeconds: 30failureThreshold: 6env:- name: INSTALL4J_ADD_VM_PARAMSvalue: "-Xms4096M -Xmx6096M -XX:MaxDirectMemorySize=4G -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap"resources:limits:cpu: 4000mmemory: 4096Mi requests:cpu: 2000mmemory: 2048MivolumeMounts:- name: sonatype-nexus-datamountPath: /nexus-datavolumes:- name: sonatype-nexus-datapersistentVolumeClaim:claimName: sonatype-nexus

總結

以上是生活随笔為你收集整理的nexus3部署的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。