Skip to content

Instantly share code, notes, and snippets.

@ataylor284
Last active February 5, 2024 09:56
Show Gist options
  • Star 14 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save ataylor284/7b15c276441906d16d43f58cf8e3ea94 to your computer and use it in GitHub Desktop.
Save ataylor284/7b15c276441906d16d43f58cf8e3ea94 to your computer and use it in GitHub Desktop.
Creating a Minio S3 Blobstore on NXRM 3.13

Creating a Minio S3 Blobstore on NXRM 3.13

This is a quick guide on creating using the NXRM S3 blob store with Minio's S3 implementation. Disclaimer: Using Minio with NXRM is not officially supported by Sonatype.

Step 1: Start Minio locally

Follow the quick start guide here: https://github.com/minio/minio. For my testing, I started minio with docker with

docker pull minio/minio
docker run -p 9000:9000 -e "MINIO_ACCESS_KEY=mykey" -e "MINIO_SECRET_KEY=mysecret" minio/minio server data

Minio will helpfully print the credentials you need to the console once it has been started. Recent minio docker images don't print out credentials any more. Supply them as environment variables as above.

Obviously you can skip this step if you already have Minio running.

Step 2: Create a bucket

NXRM will create a bucket automatically on AWS S3, but it doesn't work quite right with Minio. Create the bucket in the Minio web console.

Step 3: Start a version of NXRM with the S3 blob store

Your best bet is the latest version of NXRM. NXRM 3.12 and later support S3 out of the box and is highly recommended. For older versions of NXRM 3, you can install the unbundled version of the plugin from https://github.com/sonatype/nexus-blobstore-s3, but this isn't being actively supported anymore. Use the bundled version and save yourself some headaches!

Step 4: Create the blob store

There are lots of configuration options here, and you have to get them just right for Minio to work.

S3 blob store configuration

  1. Name: Enter a name (e.g. test-blobstore)
  2. Bucket: Enter the name of the bucket you created in step 2 (e.g. test)
  3. Access Key ID: Enter the access key id you provided to docker (e.g. "mykey")
  4. Secret Access Key: Enter the secret access key you provided to docker (e.g. "mysecret")
  5. Session Token: leave blank
  6. Assume Role ARN: leave blank
  7. Region: Choose us-east-1
  8. Endpoint URL: Enter the Minio API URL (e.g. http://127.0.0.1:9000)
  9. Expiration Days: Enter -1
  10. Signature version: Leave as default

Thats it! Hope this helps.

@himslm01
Copy link

Exactly the same issue with Nexus OSS 3.18.1-01 and Minio version 2019-07-24T02:02:23Z.
I cannot even create the blob storage:

2019-08-17 15:51:26,853+0000 ERROR [qtp1790807893-158] admin org.sonatype.nexus.extdirect.internal.ExtDirectExceptionHandler - Failed to invoke action method: coreui_Blobstore.create, java-method: org.sonatype.nexus.coreui.BlobStoreComponent.create
org.sonatype.nexus.blobstore.api.BlobStoreException: Unable to initialize blob store bucket: nexus-repository, Cause: The XML you provided was not well-formed or did not validate against our published schema. (Service: Amazon S3; Status Code: 400; Error Code: MalformedXML; Request ID: 15BBC09F87971BF9; S3 Extended Request ID: 8be7ad1d-5411-4159-95f7-eb1f977be4c2)
	at org.sonatype.nexus.blobstore.s3.internal.S3BlobStore.doInit(S3BlobStore.java:478)
	at org.sonatype.nexus.blobstore.BlobStoreSupport.init(BlobStoreSupport.java:219)
	at org.sonatype.nexus.repository.internal.blobstore.BlobStoreManagerImpl.create(BlobStoreManagerImpl.java:192)

I was so hopeful this would work, it would solve a lot of issues for me - particularly for providing storage for running Nexus in Docker.

@binlab
Copy link

binlab commented Feb 27, 2020

The same issue with Sonatype Nexus Repository ManagerOSS 3.21.1-01 in Docker container from https://hub.docker.com/r/sonatype/nexus3/

@binlab
Copy link

binlab commented Feb 27, 2020

Does anyone know how to make this possible?

@lukasmrtvy
Copy link

lukasmrtvy commented Mar 25, 2020

Does not work with sonatype/nexus3:3.21.2 and minio/minio:RELEASE.2020-03-25T07-03-04Z.

Getting

Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: A header you provided implies functionality that is not implemented (Service: Amazon S3; Status Code: 501; Error Code: NotImplemented; Request ID: 15FFA033A169F39B; S3 Extended Request ID: b77d0d1d-6b8b-4358-8fc3-b9b17d1db09e)

with path-style access enabled.
and

Caused by: com.amazonaws.services.s3.model.AmazonS3Exception: Not Found (Service: Amazon S3; Status Code: 404; Error Code: 404 Not Found; Request ID: 15FFA04B4944E112; S3 Extended Request ID: null)

with path-style access disabled. ( I had to add <bucket>.minio alias )

minio/minio#7200

@oogali
Copy link

oogali commented Jan 20, 2022

I was faced the same problem with an older version of Nexus Repository Manager (3.27 I believe).

After finding this thread, I upgraded to v3.37.3 and changed the signature version to S3SignerType. I already had path-style access enabled.

With that change, pushing Docker images to Nexus began to work.

Based on this, I think there's some incompatibility between Nexus, the AWS Java SDK, and Minio where the combination of them can't operate on v4 signatures (which is the default in Nexus), but is at least capable of using a v2 signature.

$ minio --version
minio version RELEASE.2021-04-06T23-11-00Z

@hulucc
Copy link

hulucc commented Feb 5, 2024

docker registry works well with nexus3:3.64.0 and minio RELEASE.2024-01-11T07-46-16Z, AWSS3V4SignerType, path style enabled.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment