Skip to content

Instantly share code, notes, and snippets.

@dmi3mis

dmi3mis/Nexus3.yaml

Created March 17, 2023 01:17
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dmi3mis/2edee6bd653b361c2129f00294538837 to your computer and use it in GitHub Desktop.
Save dmi3mis/2edee6bd653b361c2129f00294538837 to your computer and use it in GitHub Desktop.
Download ZIP
Install Nexus3 with m88i nexus-operator
Raw
allow-nexus-userid-200-scc.yaml
apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
name: allow-nexus-userid-200
fsGroup:
ranges:
- max: 200
min: 200
type: MustRunAs
runAsUser:
type: MustRunAs
uid: 200
seLinuxContext:
type: MustRunAs
supplementalGroups:
ranges:
- max: 200
min: 200
type: MustRunAs
volumes:
- configMap
- persistentVolumeClaim
- secret
Raw
gistfile1.txt
apiVersion: apps.m88i.io/v1alpha1
kind: Nexus
metadata:
name: nexus3
spec:
# Number of Nexus pod replicas (can't be increased after creation)
replicas: 1
# Here you can specify the image version to fulfill your needs. Defaults to docker.io/sonatype/nexus3:latest if useRedHatImage is set to false
#image: "docker.io/sonatype/nexus3:latest"
# let's use the centOS image since we do not have access to Red Hat Catalog
useRedHatImage: true
# Set the resources requests and limits for Nexus pods. See: https://help.sonatype.com/repomanager3/system-requirements
resources:
limits:
cpu: "2"
memory: "2Gi"
requests:
cpu: "1"
memory: "2Gi"
# Data persistence details
persistence:
# Should we persist Nexus data? Yes, please. (turn this to false only if you're evaluating this resource)
persistent: true
# Size of the volume reserved for the pods. Be aware that if replicas greater then 1, a RWX Persistent Volume will be created, hence
# make sure that your cluster has support for this configuration. Ignored if persistent is set to false. Defaults to 10Gi
volumeSize: 10Gi
# bugfix https://github.com/m88i/nexus-operator/issues/223 " RuntimeException: AccessDeniedException: /nexus-data/etc/logback"
extraVolumes:
- emptyDir:
medium: ''
mountPath: /nexus-data/etc/logback
name: logback
networking:
# let the operator expose the Nexus server for you (the method will be the one that fits better for your cluster)
expose: true
Raw
gistfile2.txt
1. install nexus operator https://github.com/m88i/nexus-operator
2. Create scc to allow use uid 200
oc create -f allow-nexus-userid-200-scc.yaml
3. allow nexus3 serviceaccount use allow-nexus-userid-200 scc
oc adm policy add-scc-to-user allow-nexus-userid-200 -z nexus3
4. create nexus3 crd
oc create -f Nexus3.yaml
Raw
Nexus3.yaml
apiVersion: apps.m88i.io/v1alpha1
kind: Nexus
metadata:
name: nexus3
spec:
serviceAccountName: nexus3
resources:
limits:
cpu: '2'
memory: 3Gi
requests:
cpu: '1'
memory: 2Gi
readinessProbe:
failureThreshold: 3
initialDelaySeconds: 240
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 15
useRedHatImage: true
livenessProbe:
failureThreshold: 3
initialDelaySeconds: 240
periodSeconds: 10
successThreshold: 1
timeoutSeconds: 15
serverOperations: {}
automaticUpdate:
disabled: true
networking:
expose: true
exposeAs: Route
tls:
mandatory: true
image: registry.connect.redhat.com/sonatype/nexus-repository-manager
replicas: 1
persistence:
extraVolumes:
- emptyDir:
medium: ''
mountPath: /nexus-data/etc/logback
name: logback
persistent: true
volumeSize: 10Gi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment