k8s集群内部署nexus

一、前言

? ? ?在k8s集群中部署nexus服务需要使用到pv、pvc服务来存储nexus的数据，需要使用service服务来提供对外访问nexus服务的端口，需要使用deployment服务来管理nexus服务，接下来就是用这些服务来在k8s集群中搭建nexus，pv服务使用了nfs网络存储并且部署的是3.28.0版本的neuxs，如需其他版本自行更改镜像版本

二、部署

? ? 创建yaml文件存放目录

? ? mkdir /opt/nexus && cd?/opt/nexus

? ? 创建命名空间

? ? kubectl create namespace nexus

? ? 在nfs服务器给存储nexus数据的nfs共享路径授权

这是因为在nexus3官方docker仓库说明文档里挂载目录设置的权限为200但实际安装的时候无法启动,权限不够,启动nexus服务导致输出报错如下

mkdir: cannot create directory '../sonatype-work/nexus3/log': Permission denied
mkdir: cannot create directory '../sonatype-work/nexus3/tmp': Permission denied
OpenJDK 64-Bit Server VM warning: Cannot open file ../sonatype-work/nexus3/log/jvm.log due to No such file or directory
 
Warning:  Cannot open log file: ../sonatype-work/nexus3/log/jvm.log
Warning:  Forcing option -XX:LogFile=/tmp/jvm.log
java.io.FileNotFoundException: ../sonatype-work/nexus3/tmp/i4j_ZTDnGON8hezynsMX2ZCYAVDtQog=.lock (No such file or directory)

? ? chmod 777 /share/k8s/nexus

? ? 编辑pv配置文件

? ? vi pv.yaml

apiVersion: v1
kind: PersistentVolume
metadata:
  name: nexus-pv
spec:
  capacity:
    storage: 30Gi    #配置容量大小
  accessModes:
    - ReadWriteOnce     #配置访问策略为只允许一个节点读写
  persistentVolumeReclaimPolicy: Retain  #配置回收策略，Retain为手动回收
  storageClassName: nexus       #配置为nfs
  nfs:
    path: /share/k8s/nexus   #配置nfs服务端的共享路径
    server: 10.1.60.22    #配置nfs服务器地址

? ??编辑pvc配置文件?

apiVersion: v1
kind: PersistentVolumeClaim
metadata:
  name: nexus-data-pvc
  namespace: nexus
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 30Gi
  storageClassName: nexus

编辑service配置文件?

apiVersion: v1
kind: Service
metadata:
  name: nexus
  namespace: nexus
  labels:
    app: nexus
spec:
  selector:
    app: nexus
  type: NodePort
  ports:
    - name: web
      protocol: TCP
      port: 8081
      targetPort: 8081
      nodePort: 30001

编辑deployment配置文件

apiVersion: apps/v1
kind: Deployment
metadata:
  labels:
    app: nexus
  name: nexus
  namespace: nexus
spec:
  replicas: 1
  progressDeadlineSeconds: 600
  minReadySeconds: 30
  strategy:
    rollingUpdate:
      maxSurge: 1
      maxUnavailable: 0
    type: RollingUpdate
  selector:
    matchLabels:
      app: nexus
  template:
    metadata:
      labels:
        app: nexus
    spec:
      containers:
      - name: nexus
        image: sonatype/nexus3:3.28.0
        imagePullPolicy: IfNotPresent
        ports:
          - containerPort: 8081
            name: web
            protocol: TCP
        livenessProbe:
          httpGet:
            path: /
            port: 8081
          initialDelaySeconds: 70
          periodSeconds: 30
          failureThreshold: 6
        readinessProbe:
          httpGet:
            path: /
            port: 8081
          initialDelaySeconds: 60
          periodSeconds: 30
          failureThreshold: 6
        resources:
          limits:
            cpu: 1000m
            memory: 2Gi
          requests:
            cpu: 500m
            memory: 512Mi
        volumeMounts:
        - name: nexus-data
          mountPath: /nexus-data
      volumes:
        - name: nexus-data
          persistentVolumeClaim:
            claimName: nexus-data-pvc

创建yaml文件对应服务

kubectl apply -f pv.yaml

kubectl apply -f pvc.yaml

kubectl apply -f service.yaml

kubectl apply -f deployment.yaml

查询服务是否正常

kubectl get all -n nexus

kubectl get pv

kubectl get pvc

服务启动正常后获取nexus初始的登录密码

kubectl exec -it nexus-6fcc7c4db9-np769 -n nexus cat /nexus-data/admin.password

通过service的nodeport端口访问nexus服务

http://10.1.60.14:30001/

默认用户admin 密码使用上面获取的初始密码即可