Skip to content

NXRM Storage, Database, and High Availability📜

Blob Store📜

Nexus Repository Manager supports various blob store backends for artifact storage.

Blob Stores Documentation

Supported Blob Store Types📜

  • S3 - AWS S3 buckets (recommended for production)
  • Azure Blob Storage - Azure blob containers
  • NFS - Network File System v4
  • AWS EFS - Elastic File System
  • File - Local filesystem (development only)

Configuration📜

Blob stores are configured via the nexus.blobstores values in the chart. See the main README for examples.

Database📜

The nxrm-ha chart supports both internal and external PostgreSQL databases.

Internal PostgreSQL (Default)📜

By default, the chart deploys a PostgreSQL database within the cluster:

postgresql:
  install: true  # Default

This is suitable for development and testing environments.

For production deployments, use an external PostgreSQL database (e.g., AWS RDS, Azure Database for PostgreSQL).

Configuration:

# Disable internal PostgreSQL
postgresql:
  install: false

# Provide external database credentials
nexus:
  database:
    host: "your-db-host.rds.amazonaws.com"
    user: "nexus"
    password: "your-password"

# Optional: For non-default port (5432) or database name (nexus)
upstream:
  statefulset:
    container:
      env:
        nexusDBPort: 5432  # Default: 5432
        nexusDBName: nexus  # Default: nexus

The chart automatically creates a nexus-postgresql secret with database connection credentials (DB_HOST, DB_USER, DB_PASSWORD). These are used by both the init container (for health checks) and the main container (for database connection via JVM arguments).

Note: Port and database name are controlled via upstream.statefulset.container.env.nexusDBPort and nexusDBName. These default to 5432 and nexus respectively. Only override if your external database uses different values.

Database Requirements: - PostgreSQL 12+ (16.9 recommended) - Database with pg_trgm extension enabled - Sufficient max_connections (350 recommended for HA setups)

Initial Database Setup:

After provisioning your external PostgreSQL database, create the database and enable required extensions:

CREATE DATABASE nexus ENCODING 'UTF8';
\c nexus;
CREATE EXTENSION pg_trgm;

The chart handles all database connection configuration automatically via environment variables.

Admin Password📜

The custom_admin_password value sets the Nexus admin UI password (NOT the database password):

# Optional - Nexus admin UI password (auto-generated if not provided)
custom_admin_password: ""

If not set, a random 16-character password is generated and stored in the nxrm-ha-adminsecret secret.

Retrieving the auto-generated admin password:

kubectl get secret nxrm-ha-adminsecret \
  -n nexus-repository-manager \
  -o jsonpath='{.data.nexus-admin-password}' | base64 -d

Note: If you change the admin password through the Nexus UI, update custom_admin_password to match to avoid issues on subsequent upgrades.

High Availability📜

The nxrm-ha chart is designed to support Nexus Repository Manager High Availability configurations.

Current Status📜

  • OSS Mode (Default): Single replica (replicaCount: 1)
  • Pro License HA: Multi-replica support available with Nexus Repository Pro license

HA Requirements📜

For High Availability deployments:

  1. Nexus Repository Pro License - HA is not available in OSS mode
  2. External PostgreSQL - Shared database for all replicas
  3. External Blob Storage - S3 or Azure for shared artifact storage
  4. Load Balancer - Kubernetes Service with proper session affinity

HA Configuration Example📜

postgresql:
  install: false  # Use external PostgreSQL

nexus:
  database:
    host: "your-ha-postgres.rds.amazonaws.com"
    user: "nexus"
    password: "your-password"
  blobstores:
    enabled: true
    blobstore:
      - name: "production-s3"
        type: "s3"
        blobstore_data:
          bucketConfiguration:
            bucket:
              name: "your-nexus-artifacts"
              region: "us-east-1"

upstream:
  statefulset:
    replicaCount: 3  # HA mode
    clustered: true
    container:
      env:
        # Remove OSS mode flag
        install4jAddVmParams: "-Xms2703m -Xmx2703m -Dnexus.datastore.nexus.maximumPoolSize=80"
  secret:
    license:
      licenseSecret:
        enabled: true
        fileContentsBase64: "<your-base64-encoded-license>"

Note: Ensure your PostgreSQL max_connections is configured appropriately for multiple replicas. See postgresql.primary.extendedConfiguration in values.yaml.

Monitoring Node Health📜

NXRM provides two endpoints to monitor health status. Success is represented as HTTP 200 OK, failure is represented as HTTP 503 SERVICE UNAVAILABLE.

  • http://<hostname>:<port>/service/rest/v1/status

Verifies that a node can handle read requests.

  • http://<hostname>:<port>/service/rest/v1/status/writable

Verifies that a node can handle read and write requests.