0

I just deploy a nexus repository to a kubernetes cluster. This nexus have 3 docker repository. One proxy of docker hub, one private and one that group both previous.

I use haproxy as ingress controller. Is it possible to deploy an ingress that match the configuration describe here ? Nexus3: Push to Docker Group Repo

My goal is to have only one url to push and pull to docker repository.

Scandinave
  • 1,388
  • 1
  • 17
  • 41
  • No, but this is not a solution, as npm project are not the only ones that need docker – Scandinave Nov 02 '20 at 05:27
  • sorry... wrong brain scope :) – Matt Nov 02 '20 at 05:28
  • but same concept applies for docker. polluting the global namespace isn't a good solution. a distinct vhost for the private registry separates concerns. – Matt Nov 02 '20 at 05:33
  • what do you mean by polluting global namespace? – Scandinave Nov 02 '20 at 05:39
  • https://issues.sonatype.org/browse/NEXUS-10471. This will be handle natively by nexus in 3.27 PRO feature – Scandinave Nov 02 '20 at 05:43
  • Nexus grouping merges the public docker.io repository namespace with your private repository namespace. I don't use the grouping feature on nexus container repo's as CNI runtimes provide the functionality to separate images by hostname. So the private repo is read from and published too on it's own host name. e.g `images.me.net` then `docker-images.me.net` proxy and quay, gcr. – Matt Nov 02 '20 at 06:10
  • a reverse proxy, or in this case ingress controller, does the vhost mapping to services – Matt Nov 02 '20 at 06:10

1 Answers1

0

I post here my solution. I use custom annotation to achieve rooting to correct endpoint base on the requested url.

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: nexus-ingress-docker
  annotations:
    kubernetes.io/ingress.class: nginx
    nginx.org/client-max-body-size: "1G"
    nginx.org/proxy-buffering: "off"
    nginx.org/server-snippets: |
      location ~ ^/(v1|v2)/[^/]+/?[^/]+/blobs/ {
        if ($request_method ~* (POST|PUT|DELETE|PATCH|HEAD) ) {
            rewrite ^/(.*)$ /repository/docker-private/$1 last;
        }
        rewrite ^/(.*)$ /repository/docker-public/$1 last;
      }

      location ~ ^/(v1|v2)/ {
        if ($request_method ~* (POST|PUT|DELETE|PATCH) ) {
            rewrite ^/(.*)$ /repository/docker-private/$1 last;
        }
        rewrite ^/(.*)$ /repository/docker-public/$1 last;
      }
    nginx.org/location-snippets: |
      proxy_set_header X-Forwarded-Proto https;


spec:
  ingressClassName: nginx
  rules:
    - host: my-host
      http:
        paths:
          - backend:
              service:
                name: nexus
                port:
                  name: nexus
            path: /
            pathType: Prefix

And the service :

apiVersion: v1
kind: Service
metadata:
  name: nexus
  labels:
    app: nexus
spec:
  type: ClusterIP
  ports:
    - port: 8081
      name: nexus
    - port: 8082
      name: docker-private
    - port: 8083
      name: docker-public
  selector:
    app: nexus
Scandinave
  • 1,388
  • 1
  • 17
  • 41