1. Deploying Nexus3
1.1. Nexus3 example yaml (with Storage)
---
apiVersion: apps/v1
kind: Deployment
metadata:
  namespace: development
  name: dev-nexus3
  labels:
    app: dev-nexus3
spec:
  replicas: 1
  selector:
    matchLabels:
      app: dev-nexus3
  template:
    metadata:
      labels:
        app: dev-nexus3
    spec:
      terminationGracePeriodSeconds: 10
      serviceAccountName: nexus3
      containers:
        - name: nexus3
          image: sonatype/nexus3:3.32.0
          imagePullPolicy: IfNotPresent
          ports:
            - containerPort: 8081
              name: web
              protocol: TCP
          livenessProbe:
            httpGet:
              path: /
              port: 8081
            initialDelaySeconds: 100
            periodSeconds: 30
            failureThreshold: 6
          readinessProbe:
            httpGet:
              path: /
              port: 8081
            initialDelaySeconds: 100
            periodSeconds: 30
            failureThreshold: 6
          resources:
            limits:
              cpu: 4000m
              memory: 2Gi
            requests:
              cpu: 500m
              memory: 512Mi
          volumeMounts:
            - name: nexus-data
              mountPath: /nexus-data
      volumes:
        - name: nexus-data
          # Use hostPath mode (direct access to a host path, but officially not recommended)
          #hostPath:
          #  path: /k8sdata/development/dev-nexus-data
          #  type: DirectoryOrCreate
          # Use storage PVC mode (must be combined with the storage configuration)
          persistentVolumeClaim:
            claimName: dev-nexus-pvc
---
apiVersion: v1
kind: Service
metadata:
  name: dev-nexus3
  namespace: development
  labels:
    app: dev-nexus3
spec:
  selector:
    app: dev-nexus3
  type: ClusterIP
  ports:
    - name: web
      protocol: TCP
      port: 8081
      targetPort: 8081
---
# Persistent volume: bound to the storage class; assigns local storage or NFS to the mount folder of the corresponding storage class
apiVersion: v1
kind: PersistentVolume
metadata:
  name: dev-nexus-pv
spec:
  capacity:
    storage: 100Gi
  volumeMode: Filesystem
  accessModes:
    - ReadWriteOnce
  persistentVolumeReclaimPolicy: Retain
  storageClassName: dev-storage
  hostPath:
    path: /k8sdata/development/dev-nexus-data
---
# Storage class: attached to the PV and used to dynamically carve out PVCs, similar to disk management
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: dev-storage
provisioner: k8s-sigs.io/k8s-data-dev # can be another name, but must equal the value of the deployment environment variable PROVISIONER_NAME
parameters:
  archiveOnDelete: "true" # false means do not archive, i.e. delete the data; true means archive, i.e. rename the path
allowVolumeExpansion: true # whether PVC expansion is allowed
---
# Dynamic volume
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: dev-nexus-pvc
  namespace: development
  labels:
    app: dev-nexus-pvc
spec:
  storageClassName: dev-storage # specify the storage class
  volumeName: dev-nexus-pv # specify the PV name
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 10Gi
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: nexus3
  # must be in the same namespace as the Deployment that references it
  namespace: development
---
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  name: nexus3
  namespace: development
# Permissions granted to the nexus3 ServiceAccount inside the development namespace.
# pods/exec allows running commands in pods of this namespace; get on secrets allows reading secret values.
rules:
  - apiGroups: [""]
    resources: ["pods","events"]
    verbs: ["create","delete","get","list","patch","update","watch"]
  - apiGroups: [""]
    resources: ["pods/exec"]
    verbs: ["create","delete","get","list","patch","update","watch"]
  - apiGroups: [""]
    resources: ["pods/log"]
    verbs: ["get","list","watch"]
  - apiGroups: [""]
    resources: ["secrets","events"]
    verbs: ["get"]
---
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: nexus3
  namespace: development
roleRef:
  apiGroup: rbac.authorization.k8s.io
  kind: Role
  name: nexus3
subjects:
  - kind: ServiceAccount
    name: nexus3
    # namespace is required for ServiceAccount subjects
    namespace: development
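
The Role in 1.1 gives the nexus3 ServiceAccount create on pods and pods/exec and get on secrets. The following added example (not part of the original page) is a small Python check that flags such grants in a Role's JSON; the sample Role is constructed to mirror the one above, and the names `risky_rules` and `SENSITIVE` are hypothetical.

```python
import json

# Constructed sample: the nexus3 Role from section 1.1, in the JSON shape
# that `kubectl get role nexus3 -n development -o json` returns.
ROLE_JSON = """
{"kind": "Role",
 "metadata": {"name": "nexus3", "namespace": "development"},
 "rules": [
  {"apiGroups": [""], "resources": ["pods", "events"],
   "verbs": ["create", "delete", "get", "list", "patch", "update", "watch"]},
  {"apiGroups": [""], "resources": ["pods/exec"],
   "verbs": ["create", "delete", "get", "list", "patch", "update", "watch"]},
  {"apiGroups": [""], "resources": ["pods/log"],
   "verbs": ["get", "list", "watch"]},
  {"apiGroups": [""], "resources": ["secrets", "events"], "verbs": ["get"]}
 ]}
"""

# Core-group resources whose listed verbs warrant review (a policy chosen
# for this example, not a Kubernetes or Nexus default).
SENSITIVE = {
    "pods": ({"create"}, "can start pods that mount secrets or service accounts"),
    "pods/exec": ({"create", "get"}, "can run commands inside pods in the namespace"),
    "secrets": ({"get", "list", "watch"}, "can read secret values"),
}


def risky_rules(role_json):
    """Return (rule_index, resource, verbs, reason) for each sensitive grant."""
    findings = []
    for index, rule in enumerate(json.loads(role_json).get("rules", [])):
        groups = rule.get("apiGroups", [])
        if "" not in groups and "*" not in groups:
            continue  # rule does not cover the core API group
        resources = set(rule.get("resources", []))
        verbs = set(rule.get("verbs", []))
        for resource, (watched, reason) in SENSITIVE.items():
            if resource not in resources and "*" not in resources:
                continue
            # A "*" verb grants every watched verb for this resource.
            granted = watched if "*" in verbs else watched & verbs
            if granted:
                findings.append((index, resource, sorted(granted), reason))
    return findings


if __name__ == "__main__":
    for index, resource, verbs, reason in risky_rules(ROLE_JSON):
        print(f"rules[{index}]: {resource} {verbs}: {reason}")
```

A rule set that produces no findings here, such as one limited to pods/log, is the starting point when trimming the Role to what the workload actually calls.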
1.2. Apply the yaml file
kc apply -f [yaml file name]
1.3. Proxying through Ingress
1.3.1 Create a Service mapping in the Ingress namespace
- Example yaml
  kind: Service
  apiVersion: v1
  metadata:
    name: dev-nexus3
    namespace: ingress
  spec:
    type: ExternalName
    # This form refers to the dev-nexus3 service in the development namespace
    externalName: dev-nexus3.development.svc.cluster.local
    internalTrafficPolicy: Cluster
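- Apply the yaml file
  kc apply -f [yaml file name]
1.3.2 Configure the proxy in Ingress
- Open the Dashboard and switch to the Ingress namespace;
- In the left-hand menu choose Service -> Ingresses;
- Edit the Ingress configuration;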
  # Modify the content of the spec.rules.host node
  spec:
    ingressClassName: public
    rules:
      - host: devops.nexus.com
        http:
          paths:
            - path: /
              pathType: Prefix
              backend:
                service:
                  name: dev-nexus3
                  port:
                    number: 8081
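- Update the Ingress configuration;
- Configure the hosts entry on the client machine so that the host points to the IP where the Ingress is located;
- Visit http://devops.nexus.com to check that it works.
2. Nexus3 usage example
- Log in to Nexus3; the password for the first login is in the Nexus data directory, which can be found under the directory configured in 1.1;
- Click the configuration button (gear) to open the configuration page;
- Blob Stores is where storage can be configured; the default is generally fine;
- Configure the private repositories under Repositories:
  a. Click Create repository
  b. Choose the type of repository to create (group: repository group, hosted: private repository, proxy: proxy repository)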