Docker Compose for Sonatype platform - Part 2
By Curtis Yanko
3 minute read time
In Part 1, we used a script and docker-compose to stand up both our Sonatype Nexus Repository and Sonatype IQ Server with out of the box configurations. In this article, we'll dig into how configure your Sonatype IQ Server as an example of how Docker makes it easy to consume and customize stock images.
If you had looked close enough in Part 1, you'd have seen example of how to consume a vendor image. The Sonatype Nexus Repository image we deployed was actually from our very own Brad Beck's nexus-https image. In the Dockerfile, we can see that this is image is based on the Sonatype Nexus Repository image but makes some changes that configure inbound SSL.
Brad makes sure the latest OpenSSL library is installed via yum then pulls down a su
and sudo
utility from the gosu
project that we'll use later. Updates the properties file, overlays the entrypoint.sh script, adds the SSL volume and exposes the 8443 port we need for SSL. Given how much has to be done you can see why it is so convenient to use Brad's image along with a setup script to create the volume shares and copy in the SSL cert. That's a whole lot of documentation codified for us.
Thankfully, for the Sonatype IQ Server we just need to override the config.yml file and instead of using sed
to edit the properties file already in the image, we'll take advantage of the overlay file system and copy a new one in. This allows us to manage the file in source code in a format that we're already familiar with.
In the myiqserver sub folder we can see the Dockerfile we use to accomplish this.
FROM sonatype/nexus-iq-server
COPY config.yml /opt/sonatype/iq-server/
HEALTHCHECK CMD curl http://localhost:8071/ping
That's not so bad, right? I've provided a build-iq.sh
script just to make it easy to run the build and tag the new Docker image. The script shows my crude attempts to make it portable by assigning your username to the Docker image namespace, curtyanko in my case, and some basic parameter checking.
docker build -t $DOCKERNAME/demo-iq-server:$1 .
docker tag $DOCKERNAME/demo-iq-server:$1 $DOCKERNAME/demo-iq-server:latest
docker tag $DOCKERNAME/demo-iq-server:latest mycompany.com:5000/$DOCKERNAME/demo-iq-server:$1
docker tag $DOCKERNAME/demo-iq-server:latest mycompany.com:5000/$DOCKERNAME/demo-iq-server:latest
So we build and tag it to the version with docker build, then tag it again as latest. I also create two more tags to prep for being pushed to a private docker registry in our Sonatype Nexus Repository instance.
Now you can set your baseURL, proxy settings or plug into email or Jira by making the needed changes to the config.yml file and then running the build-iq.sh script. To get it running, be sure to change the docker-compose file to reference the namespace you're using (replace 'curtyanko') and you should all set to have a custom configured Sonatype IQ Server up and running.
Hopefully this showed the basic patterns involved for extending or customizing existing Docker images for your own use. Going forward, I'd like to evolve this project to put both of these apps behind an NGINX server like this community offering.
Note: As of Sonatype IQ Server 1.42 the property file has moved and should now be:
FROM sonatype/nexus-iq-server
COPY config.yml /etx/nexus-iq-server/
Written by Curtis Yanko
Curtis Yanko is a Sr Principal Architect at Sonatype and a DevOps coach/evangelist. Prior to coming to Sonatype Curtis started the DevOps Center of Enablement at a Fortune 100 insurance company and chaired a Open Source Governance Committee. When he isn’t working with customers and partners on how to build security and governance into modern CI/CD pipelines he can be found raising service dogs or out playing ultimate frisbee during his lunch hour. Curtis is currently working on building strategic technical partnerships to help solve for the rugged devops tool chain.
Explore All Posts by Curtis Yanko