{"id":928,"date":"2021-04-25T01:54:00","date_gmt":"2021-04-25T01:54:00","guid":{"rendered":"https:\/\/blog.ngocha.biz\/?p=928"},"modified":"2021-04-25T01:54:00","modified_gmt":"2021-04-25T01:54:00","slug":"how-to-install-latest-sonatype-nexus-3-on-linux","status":"publish","type":"post","link":"https:\/\/blog.ngocha.biz\/?p=928","title":{"rendered":"How To Install Latest Sonatype Nexus 3 on Linux (Redhat\/Centos\/ec2)"},"content":{"rendered":"

Sonatype Nexus is one of the best open-source artifact management tools. It is some tool that you cannot avoid in your CI\/CD pipeline<\/a>. It effectively manages deployable artifacts.<\/p>\n

Sonatype Nexus System Requirements<\/h3>\n
    \n
  1. Minimum 1 VCPU & 2 GB Memory<\/li>\n
  2. Server firewall opened for port 22 & 8081<\/li>\n
  3. OpenJDK 17<\/li>\n
  4. All Nexus processes should run as a non-root nexus user.<\/li>\n<\/ol>\n
    \n
    Note<\/strong><\/b>: For production setup, please consider minimum production hardware requirements based on the nexus usage and data storage. Check out the official system requirements document <\/a>for detailed information<\/div>\n<\/div>\n

    Sonatype Nexus 3 on Linux ec2<\/h2>\n

    This article guides you to install and configure Sonatype Nexus 3 in a secure way on an ec2 Linux System.<\/p>\n

    \n
    Note<\/strong><\/b>: This was tested on a Redhat machine and it will work on Centos or related Linux flavors as well.<\/div>\n<\/div>\n

    Step 1:<\/strong> Login to your Linux server and update the yum packages. Also install required utilities.<\/p>\n

    sudo yum update -y\nsudo yum install wget -y<\/code><\/pre>\n
    Step 2:<\/strong> Install OpenJDK 1.8<\/p>\n
    sudo yum install java-17-openjdk -y<\/code><\/pre>\n
    Step 3:<\/strong> Create a directory named app and cd into the directory.<\/p>\n
    sudo mkdir \/app && cd \/app<\/code><\/pre>\n
    Step 4:<\/strong> Download the latest nexus. You can get the latest download links fo for nexus from here<\/a>.<\/p>\n
    sudo wget -O nexus.tar.gz https:\/\/download.sonatype.com\/nexus\/3\/latest-unix.tar.gz<\/code><\/pre>\n
    Untar the downloaded file.<\/p>\n
    sudo tar -xvf nexus.tar.gz<\/code><\/pre>\n
    Rename the untared file to nexus.<\/p>\n
    sudo mv nexus-3* nexus<\/code><\/pre>\n
    Step 5:<\/strong> As a good security practice, it is not advised to run nexus service with root privileges. So create a new user named nexus<\/code> to run the nexus service.<\/p>\n
    sudo adduser nexus<\/code><\/pre>\n
    Change the ownership of nexus files and nexus data directory to nexus user.<\/p>\n
    sudo chown -R nexus:nexus \/app\/nexus\nsudo chown -R nexus:nexus \/app\/sonatype-work<\/code><\/pre>\n
    Step 6:<\/strong> Open \/app\/nexus\/bin\/nexus.rc<\/code> file<\/p>\n
    sudo vi  \/app\/nexus\/bin\/nexus.rc<\/code><\/pre>\n
    Uncomment run_as_user parameter and set it as following.<\/p>\n
    run_as_user=\"nexus\"<\/code><\/pre>\n
    Step 7: <\/strong>If you want to change the default nexus data directory, open the nexus properties file and change the data directory -Dkaraf.data<\/code> parameter to a preferred location as shown below.  If you don’t specify anything, by default nexus data directory will be set to \/app\/sonatype-work\/nexus3<\/code><\/p>\n
    \n
    Tip<\/strong><\/b>: For production setup, it is is always better to mount the nexus data directory to a separate data disk attached to the server. So that backup and restore can be done easily.<\/div>\n<\/div>\n
    sudo vi \/app\/nexus\/bin\/nexus.vmoptions<\/code><\/pre>\n
    An example configuration is shown below.<\/p>\n
    -Xms2703m\n-Xmx2703m\n-XX:MaxDirectMemorySize=2703m\n-XX:+UnlockDiagnosticVMOptions\n-XX:+UnsyncloadClass\n-XX:+LogVMOutput\n-XX:LogFile=..\/sonatype-work\/nexus3\/log\/jvm.log\n-XX:-OmitStackTraceInFastThrow\n-Djava.net.preferIPv4Stack=true\n-Dkaraf.home=.\n-Dkaraf.base=.\n-Dkaraf.etc=etc\/karaf\n-Djava.util.logging.config.file=etc\/karaf\/java.util.logging.properties\n-Dkaraf.data=\/nexus\/nexus-data\n-Djava.io.tmpdir=..\/sonatype-work\/nexus3\/tmp\n-Dkaraf.startLocalConsole=false<\/code><\/pre>\n
    Running Nexus as a System Service<\/h2>\n
    It is better to have systemd<\/code> entry to manage nexus using systemctl<\/code>. Follow the steps given below for adding nexus as a systemd<\/code> service.<\/p>\n
    Create a nexus systemd unit file.<\/p>\n
    sudo vi \/etc\/systemd\/system\/nexus.service<\/code><\/pre>\n
    Add the following contents to the unit file.<\/p>\n
    [Unit]\nDescription=nexus service\nAfter=network.target\n\n[Service]\nType=forking\nLimitNOFILE=65536\nUser=nexus\nGroup=nexus\nExecStart=\/app\/nexus\/bin\/nexus start\nExecStop=\/app\/nexus\/bin\/nexus stop\nUser=nexus\nRestart=on-abort\n\n[Install]\nWantedBy=multi-user.target<\/code><\/pre>\n
    Manage Nexus Service<\/h2>\n
    Now we have all the configurations in place to run nexus.<\/p>\n
    Execute the following command to add nexus service to boot.<\/p>\n
    sudo chkconfig nexus on<\/code><\/pre>\n
    To start the Nexus service, use the following command. If you are having trouble starting nexus, please check the troubleshooting section below.<\/p>\n
    sudo systemctl start nexus<\/code><\/pre>\n
    The above command will start the nexus service on port 8081<\/code>. To access the nexus dashboard, visit http:\/\/:8081. You will be able to see the nexus homepage as shown below.<\/p>\n
    \"nexus<\/figure>\n
    To log in, use the default username and password.<\/p>\n
    Default username is admin<\/code><\/p>\n
    You can find the default admin password in \/app\/sonatype-work\/nexus3\/admin.password<\/code> file. The path will be shown in the login screen as show below.<\/p>\n
    \"\"<\/figure>\n
    cat \/app\/sonatype-work\/nexus3\/admin.password<\/code><\/pre>\n
    Once you login, you will be prompted to reset the password.<\/p>\n
    For stopping nexus, execute<\/p>\n
    sudo systemctl stop nexus<\/code><\/pre>\n
    For restarting nexus,<\/p>\n
    sudo systemctl restart nexus<\/code><\/pre>\n
    Sonatype Nexus not Starting [Troubleshooting]<\/h2>\n
    Sometimes, if the server is enabled with SELINUX, you might get the following error. (Commonly on Centos Servers)<\/p>\n
    Job for nexus.service failed because the control process exited with error code.\nSee \"systemctl status nexus.service\" and \"journalctl -xe\" for details.<\/code><\/pre>\n
    Execute the following command and see the actual error.<\/p>\n
    journalctl -xe<\/code><\/pre>\n
    Check the output for the following SELINUX issue.<\/p>\n
    SELinux is preventing \/usr\/lib\/systemd\/systemd from execute access on the file nexus.<\/code><\/pre>\n
    To rectify this issue, add a SELinux policy to allow Systemd to access the nexus binary in path \/app\/nexus\/bin\/nexus<\/code> using the following command.<\/p>\n
    sudo chcon -R -t bin_t \/app\/nexus\/bin\/nexus<\/code><\/pre>\n
    Now, start the Nexus server again.<\/p>\n
    sudo systemctl start nexus<\/code><\/pre>\n
    FAQs<\/h2>\n
    How to check the Nexus version in Linux?<\/h3>\n
    You can find the Nexus version from the Dashboard. Also, if you want to find the version from the Linux command line, execute the following command.
    curl --include<\/strong> --silent http:\/\/localhost:8081\/ | grep Server<\/code><\/p>\n
    How to start Nexus in Linux?<\/h3>\n
    Nexus binary comes as an executable. You can use the binary path to start nexus. For background execution,  you can create a systemd file with nexus configurations.<\/p>\n
    \n
    Ngu\u1ed3n:<\/strong> How To Install Latest Sonatype Nexus 3 on Linux (Redhat\/Centos\/ec2) \u2014 DevOpsCube<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
    Source: https:\/\/devopscube.com\/how-to-install-latest-sonatype-nexus-3-on-linux\/<\/p>\n","protected":false},"author":1,"featured_media":929,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-928","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-devops"],"_links":{"self":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/posts\/928","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=928"}],"version-history":[{"count":0,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/posts\/928\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=\/wp\/v2\/media\/929"}],"wp:attachment":[{"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=928"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.ngocha.biz\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}