Sonatype Nexus Repository OSS is an artifact repository that supports most software repository formats, such as Maven, PyPI, npmjs, RubyGems, Yum, Apt, and Docker registry. In the enterprise, Nexus Repository is widely used for storing proprietary artifacts and caching artifacts to speed up DevOps.
Building a production-ready Nexus repository is always a requirement for a DevOps team. It should satisfy at least the following criteria:
- Artifact storage management: It’s difficult to predict the storage usage of artifacts, and allocating a large volume is not cost-optimized.
- Durability of the nexus3 data storage: We need a way to ensure the durability of the Nexus data storage when updating Nexus OSS to a newer version or recovering the service from an unhealthy status.
- Self-healing capability when the service is down: A reliable way to recover the Nexus Repository OSS when it’s unhealthy.
- Host on an EKS cluster using managed EC2 nodes with IRSA
- Expose the service via an AWS Application Load Balancer managed by the AWS Load Balancer Controller (formerly ALB Ingress Controller)
- Use a dedicated S3 bucket for storing the Nexus OSS blobstore with unlimited, on-demand storage
- Use EFS, the EFS CSI Driver, PV and PVC for storing Nexus data
- Use Helm to deploy the Sonatype Nexus chart
- Optional: Use External DNS to register the domain record of the Nexus repository in Route 53
- Optional: Use AWS Certificate Manager to create an SSL certificate for the domain name of the Nexus repository