镜像仓库 Nexus 3.18.1
Posted weavepub
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了镜像仓库 Nexus 3.18.1相关的知识,希望对你有一定的参考价值。
说明:Nexus是Sonatype提供的仓库管理平台,Nuexus Repository OSS3能够支持Maven、npm、Docker、YUM、Helm等格式数据的存储和发布。
一、安装jdk
1)安装JDK
yum install -y java-1.8.0-openjdk*
2)配置环境
vim /etc/profile # set java environment export JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.222.b10-0.el7_6.x86_64 export PATH=$PATH:$JAVA_HOME/bin export CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar
3)重载
source /etc/profile echo "source /etc/profile" >> /etc/bashrc java -version
二、安装nexus
2.1 下载
mkdir -p /opt/nexus && cd /opt/nexus wget https://sonatype-download.global.ssl.fastly.net/repository/repositoryManager/3/nexus-3.18.1-01-unix.tar.gz tar -zxvf nexus-3.18.1-01-unix.tar.gz mv nexus-3.18.1-01 nexus3.18
2.2 配置
2.2.1 修改jdk
vim /opt/data/nexus/nexus3.18/bin/nexus
INSTALL4J_JAVA_PREFIX="/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.222.b10-0.el7_6.x86_64"
2.2.2 修改启动用户
vim /opt/data/nexus/nexus3.18/bin/nexus.rc run_as_user="root"
2.2.3 修改数据和日志存储位置
vim /opt/data/nexus/nexus3.18/bin/nexus.vmoptions -XX:LogFile=/opt/data/blob-stores/others/sonatype-work/nexus3/log/jvm.log -Dkaraf.data=/opt/data/blob-stores/others/sonatype-work/nexus3 -Djava.io.tmpdir=/opt/data/blob-stores/others/sonatype-work/nexus3/tmp
2.2.4 查看默认端口
cat /opt/data/nexus/nexus3.18/etc/nexus-default.properties |grep application-port
2.3 启动
2.3.1 启动脚本
vim /usr/lib/systemd/system/nexus.service [Unit] Description=nexus service [Service] Type=forking LimitNOFILE=65536 ExecStart=/opt/nexus/nexus3.18/bin/nexus start ExecReload=/opt/nexus/nexus3.18/bin/nexus restart ExecStop=/opt/nexus/nexus3.18/bin/nexus stop Restart=on-failure [Install] WantedBy=multi-user.target
2.3.2 自启动
将服务加入开机启动
systemctl daemon-reload
systemctl enable nexus
systemctl start nexus
三、安装nginx
3.1 安装
yum install -y nginx
3.2 证书申请
申请ssl证书,并存放在 /etc/nginx/cert 目录下
mkdir /etc/nginx/cert
3.3 配置nginx.conf
vim /etc/nginx/nginx.conf #注释server,添加如下: upstream nexusserver server 172.16.2.158:8081; upstream mirrornexus server 172.16.2.158:6001; upstream nexusdocker server 172.16.2.158:6000;
说明:
1)8081 为 nexus server 的端口,nexus本身服务程序;
2)6001 为 docker proxy 的端口,作为中央仓库的代理;
3)6000 为 docker hosted 的端口,推送拉取镜像
4)6001 和 6000 需登入后台进行相应的配置生成端口,这里是提前设置好nginx。
3.4 配置服务
3.4.1 服务程序
vim /etc/nginx/conf.d/nexusserver.conf server listen 443; server_name nexus.wmq.com; ssl on; ssl_certificate cert/1566822_nexus.wmq.com.pem; ssl_certificate_key cert/1566822_nexus.wmq.com.key; client_max_body_size 0; index index.html; location / proxy_pass http://nexusserver; #proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; server listen 80; server_name nexus.wmq.com; client_max_body_size 0; index index.html; location / return 301 https://$server_name$request_uri;
3.4.2 代理仓库
vim /etc/nginx/conf.d/mirrornexus.conf server listen 443; server_name mirror.nexus.wmq.com; ssl on; ssl_certificate cert/mirror.nexus.wmq.com.pem; ssl_certificate_key cert/mirror.nexus.wmq.com.key; client_max_body_size 0; index index.html; location / proxy_pass http://mirrornexus; #proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; server listen 80; server_name mirror.nexus.wmq.com; client_max_body_size 0; index index.html; location / return 301 https://$server_name$request_uri;
3.4.3 镜像仓库
vim /etc/nginx/conf.d/nexusdocker.conf server listen 443; server_name reg.nexus.wmq.com; ssl on; ssl_certificate cert/reg.nexus.wmq.pem; ssl_certificate_key cert/reg.nexus.wmqhealth.key; client_max_body_size 0; index index.html; location / proxy_pass http://nexusdocker; #proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto "https"; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; server listen 80; server_name reg.nexus.wmq.com; client_max_body_size 0; index index.html; location / return 301 https://$server_name$request_uri;
3.5 启动 nginx
nginx -t
systemctl enable nginx
systemctl start nginx
3.6 域名解析
nexus.wmq.com、mirror.nexus.wmq.com、reg.nexus.wmq.com 三个域名都解析到 nexus 主机内网地址
四、定时清理镜像
4.1 下载工具
github地址:https://github.com/mlabouardy/nexus-cli
mkdir /opt/nexus/clean-docker-images && cd /opt/nexus/clean-docker-images wget https://s3.eu-west-2.amazonaws.com/nexus-cli/1.0.0-beta/linux/nexus-cli chmod +x nexus-cli
4.2 配置
./nexus-cli configure Enter Nexus Host: http://127.0.0.1:8081 Enter Nexus Repository Name: docker-wmqe Enter Nexus Username: admin Enter Nexus Password: *******
会在当前目录生成 .credentials 文件,该文件记录了上面输入的信息。
4.3 脚本
vim clean-docker-images.sh #! /bin/sh CLI_HOME=/opt/nexus/clean-docker-images KEEP_VERSION_NUM=10 IMAGES=$($CLI_HOME/nexus-cli image ls|grep -v Total) clean_images() cd $CLI_HOME for imgs in $(echo $IMAGES); do echo "清理$imgs"; ./nexus-cli image delete -name $imgs -keep $KEEP_VERSION_NUM done clean_images
4.4 计划任务
crontab -e 0 1 * * * sh /opt/nexus/clean-docker-images/clean-docker-images.sh > /opt/nexus/clean-docker-images/clean-docker-images.log 2>&1
以上是关于镜像仓库 Nexus 3.18.1的主要内容,如果未能解决你的问题,请参考以下文章