Docker Compose for Sonatype platform - Part 1
By Curtis Yanko
4 minute read time
Since taking on a role where I help our partners learn how to install and use our solutions, I've turned my focus to making that "easy." Now that Sonatype offers "official" Docker images for Sonatype Nexus Repository and Sonatype Lifecycle they were a perfect fit for my use case. Tools like docker-compose can make starting and stopping the Sonatype platform as simple as docker-compose up and docker-compose down. Docker does such a great job of masking a lot of complexity that even fairly non-technical folks have been able to successfully use these scripts.
I share my work in GitHub, like everyone else these day, at CMYanko/demo-iq-server. You can see from the name that this started out with a focus on the Sonatype IQ Server but has grown into the full platform. Here you'll find some scripts and documentation on how to install and run our solutions quickly and easily. I assume you are working on a Docker host, I find Docker for Mac works very well for me on my laptop. Docker for Mac makes it easy top set up how much system resources to allocate to the docker host. For this project you only need 1 CPU and 2 GB of RAM. Here you can see I'm currently using 3 CPUs and 8 GB of RAM because I also play with oc-cluster up for a local OpenShift environment and mini-kube for a plain vanilla Kubernetes environment.
Don't worry about the subnet or image location, those are all defaults for now. I do however really like how easy and obvious it is to configure the Docker daemon though.
Now, if we take a look at the demo setup documentation we can see the prerequisites along with a script to run, demo-setup.sh (opportunity here for someone on a Windows machine to provide a .bat file too).
A closer look at demo setup shows us:
# Creates directories to be mounted to containers as volumes mkdir ~/iq-data ~/nexus-data cp -R ./nexus-ssl ~/nexus-ssl # Stands up test environment docker-compose up -d
The script makes the directories we're going to need for persistence, copies in a self-signed cert so we can get going and then runs the docker-compose command for us. The '-d' is to run it 'detached' from the terminal. To see the logging output I highly recommend also installing the Kitematic app of you can use docker by with this command: docker logs <container_name> which in our case is either iq-server or nexus3.
Once they are running you can use point your browser at http://localhost:8070 for the IQ Server or at http://localhost:8081 for Sonatype Nexus Repository.
We can see how these ports were defined in the docker-compose file plus other defined ports. For instance in the iq-server section you can see we've also defined the admin port at 8071 and in the Sonatype Nexus Repository section I've already added 8443 for the SSL connection to the repo plus 18443 and 5000 for Docker proxy and private registry respectively. To get the Docker setup in Sonatype Nexus Repository you'll need to configure them manually for now but there is also an opportunity for us to add provisioning scripts as well.
To be clear, at the start of this article I talked about "official" Sonatype containers but the image I'm using for Sonatype Nexus Repository comes from our own Brad Beck. That image essentially does what the Using A Dockerized Nexus as a Docker Registry article walks you through. This is an example of how you can extend/enhance an existing image to fit your needs. In Part 2, I'll show how to customize the Sonatype IQ Server image with a custom configuration.
You can configure Sonatype Nexus Repository (if you have a key to unlock Pro features and the Sonatype IQ Server) to point to the Sonatype IQ Server by configuring it to point to http://iq-server:8070. This takes advantage of Docker networking DNS, for that to work outside of Docker you'll want to add an alias to your /etc/hosts file:
127.0.0.1 localhost iq-server <--- add additional aliases here.
Now iq-server:8070 will resolve the name to you running container from your browser too.
While all of this is still a work a progress, what is there now has been very effective at helping folks get our platform running for demo environments, PoC's, training, etc. I'll keep evolving this project to add an NGINX server to offload the SSL work and provide secure logins to both Sonatype Nexus Repository and the Sonatype IQ Server and perhaps provisioning scripts to automatically configure the Docker proxy and private registry. Pull request welcome.
Stay tuned for Part 2, where I'll show how create your own iq-server image with a custom config.yml file and push it to a private registry in Sonatype Nexus Repository.
Written by Curtis Yanko
Curtis Yanko is a Sr Principal Architect at Sonatype and a DevOps coach/evangelist. Prior to coming to Sonatype Curtis started the DevOps Center of Enablement at a Fortune 100 insurance company and chaired a Open Source Governance Committee. When he isn’t working with customers and partners on how to build security and governance into modern CI/CD pipelines he can be found raising service dogs or out playing ultimate frisbee during his lunch hour. Curtis is currently working on building strategic technical partnerships to help solve for the rugged devops tool chain.
Explore All Posts by Curtis Yanko