Description: Nexus is Sonatype provide warehouse management platform, Nuexus Repository OSS3 support Maven, npm, Docker, YUM,and other formats of data storage and distribution.
First, install jdk
1) Install JDK
yum install -y java-1.8.0-openjdk*
2) configuration environment
vim /etc/profile # set java environment export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.222.b10-0.el7_6.x86_64 export PATH=$PATH:$JAVA_HOME/bin export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
3) Overload
source /etc/profile echo "source /etc/profile" >> /etc/bashrc java -version
Second, the installation nexus
2.1 Download
mkdir -p /opt/nexus && cd /opt/nexus wget https://sonatype-download.global.ssl.fastly.net/repository/repositoryManager/3/nexus-3.18.1-01-unix.tar.gz tar -zxvf nexus-3.18.1-01-unix.tar.gz mv nexus-3.18.1-01 nexus3.18
2.2 Configuration
2.2.1 modify jdk
vim /opt/data/nexus/nexus3.18/bin/nexus
INSTALL4J_JAVA_PREFIX="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.222.b10-0.el7_6.x86_64"
2.2.2 modify the startup user
vim /opt/data/nexus/nexus3.18/bin/nexus.rc run_as_user="root"
2.2.3 modify data and log storage location
vim /opt/data/nexus/nexus3.18/bin/nexus.vmoptions -XX:LogFile=/opt/data/blob-stores/others/sonatype-work/nexus3/log/jvm.log -Dkaraf.data=/opt/data/blob-stores/others/sonatype-work/nexus3 -Djava.io.tmpdir=/opt/data/blob-stores/others/sonatype-work/nexus3/tmp
2.2.4 Review the default port
cat /opt/data/nexus/nexus3.18/etc/nexus-default.properties |grep application-port
2.3 start
2.3.1 startup script
vim /usr/lib/systemd/system/nexus.service [Unit] Description=nexus service [Service] Type=forking LimitNOFILE=65536 ExecStart=/opt/nexus/nexus3.18/bin/nexus start ExecReload=/opt/nexus/nexus3.18/bin/nexus restart ExecStop=/opt/nexus/nexus3.18/bin/nexus stop Restart=on-failure [Install] WantedBy=multi-user.target
2.3.2 from the start
The service added to boot
systemctl daemon-reload
systemctl enable nexus
systemctl start nexus
Third, install nginx
3.1 Installation
yum install -y nginx
3.2 Certificate Request
Under application ssl certificates, and stored in / etc / nginx / cert directory
mkdir /etc/nginx/cert
3.3 nginx.conf
Vim / etc / Nginx / nginx.conf # Notes server, add the following: upstream nexusserver { Server 172.16 . 2.158 : 8081 ; } upstream mirrornexus { Server 172.16 . 2.158 : 6001 ; } upstream nexusdocker { Server 172.16 . 2.158 : 6000 ; }
Description:
1) 8081 is a nexus server port, nexus own service program;
2) as a docker proxy port 6001, a central repository as a proxy;
3) 6000 docker hosted port, push pull mirroring
4) 6001 and 6000 need to sign in the background to generate the corresponding configuration port, where nginx is set up in advance.
3.4 Configuration Service
3.4.1 Service procedures
vim /etc/nginx/conf.d/nexusserver.conf server { listen 443; server_name nexus.wmq.com; ssl on; ssl_certificate cert/1566822_nexus.wmq.com.pem; ssl_certificate_key cert/1566822_nexus.wmq.com.key; client_max_body_size 0; index index.html; location / { proxy_pass http://nexusserver; #proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 80; server_name nexus.wmq.com; client_max_body_size 0; index index.html; location / { return 301 https://$server_name$request_uri; } }
3.4.2 warehouse agent
vim /etc/nginx/conf.d/mirrornexus.conf server { listen 443; server_name mirror.nexus.wmq.com; ssl on; ssl_certificate cert/mirror.nexus.wmq.com.pem; ssl_certificate_key cert/mirror.nexus.wmq.com.key; client_max_body_size 0; index index.html; location / { proxy_pass http://mirrornexus; #proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 80; server_name mirror.nexus.wmq.com; client_max_body_size 0; index index.html; location / { return 301 https://$server_name$request_uri; } }
3.4.3 Mirror warehouse
vim /etc/nginx/conf.d/nexusdocker.conf server { listen 443; server_name reg.nexus.wmq.com; ssl on; ssl_certificate cert/reg.nexus.wmq.pem; ssl_certificate_key cert/reg.nexus.wmqhealth.key; client_max_body_size 0; index index.html; location / { proxy_pass http://nexusdocker; #proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } server { listen 80; server_name reg.nexus.wmq.com; client_max_body_size 0; index index.html; location / { return 301 https://$server_name$request_uri; } }
3.5 Start nginx
nginx -t
systemctl enable nginx
systemctl start nginx
3.6 DNS
nexus.wmq.com, mirror.nexus.wmq.com, reg.nexus.wmq.com three domain names resolve to the nexus host network address
Fourth, regular cleaning mirror
4.1 download tools
github address: https: //github.com/mlabouardy/nexus-cli
mkdir /opt/nexus/clean-docker-images && cd /opt/nexus/clean-docker-images wget https://s3.eu-west-2.amazonaws.com/nexus-cli/1.0.0-beta/linux/nexus-cli chmod +x nexus-cli
4.2 Configuration
./nexus-cli configure Enter Nexus Host: http://127.0.0.1:8081 Enter Nexus Repository Name: docker-wmqe Enter Nexus Username: admin Enter Nexus Password: *******
Generates .credentials file in the current directory, the file records information entered above.
4.3 Script
vim clean-docker-images.sh #! /bin/sh CLI_HOME=/opt/nexus/clean-docker-images KEEP_VERSION_NUM=10 IMAGES=$($CLI_HOME/nexus-cli image ls|grep -v Total) clean_images() { cd $CLI_HOME for imgs in $(echo $IMAGES); do echo "清理$imgs"; ./nexus-cli image delete -name $imgs -keep $KEEP_VERSION_NUM done } clean_images
4.4 Scheduled Tasks
crontab -e 0 1 * * * sh /opt/nexus/clean-docker-images/clean-docker-images.sh > /opt/nexus/clean-docker-images/clean-docker-images.log 2>&1