Stay updated on the latest news from
the makers of Nexus
Docker Compose for Nexus Platform - Part 2
by Curtis Yanko on December 29, 2017

Tags: Docker, Nexus IQ, NXRM

In Part 1 we used a script and docker-compose to stand up both our Nexus Repository Manager and an IQ Server with out of the box configurations. In this article we'll dig into how configure your IQ Server as an example of how docker makes it easy to consume and customize stock images.

If you had looked close enough in Part 1 you'd have seen example of how to consume a vendor image. The Nexus Repo image we deployed was actually from our very own Brad Beck's nexus-https image. In the Dockerfile we can see that this is image is based on the Sonatype nexus image but makes some changes that configure inbound SSL..

Brad makes sure the latest openssl library is installed via yum then pulls down a su and sudo utility from the gosu project that we'll use later. Updates the properties file, overlays the script, adds the SSL volume and exposes the 8443 port we need for SSL. Given how much has to be done you can see why it is so convenient to use Brad's image along with a setup script to create the volume shares and copy in the SSL cert. That's a whole lot of documentation codified for us.

Thankfully, for the IQ Server we just need to override the config.yml file and instead of using sed to edit the properties file already in the image, we'll take advantage of the overlay file system and copy a new one in. This allows us to manage the file in source code in a format that we're already familiar with.

In the myiqserver sub folder we can see the Dockerfile we use to accomplish this.

FROM sonatype/nexus-iq-server
COPY config.yml /opt/sonatype/iq-server/

HEALTHCHECK CMD curl http://localhost:8071/ping

That's not so bad, right? I've provided a script just to make it easy to run the build and tag the new docker image. The script shows my crude attempts to make it portable by assigning your username to the docker image namespace, curtyanko in my case, and some basic parameter checking.

docker build -t $DOCKERNAME/demo-iq-server:$1 .
docker tag $DOCKERNAME/demo-iq-server:$1 $DOCKERNAME/demo-iq-server:latest
docker tag $DOCKERNAME/demo-iq-server:latest$DOCKERNAME/demo-iq-server:$1
docker tag $DOCKERNAME/demo-iq-server:latest$DOCKERNAME/demo-iq-server:latest

So we build and tag it to the version with docker build, then tag it again as latest. I also create two more tags to prep for being pushed to a private docker registry in our Nexus Repo instance.

Now you can set your baseURL, proxy settings or plug into email or JIRA by making the needed changes to the config.yml file and then running the script. To get it running, be sure to change the docker-compose file to reference the namespace you're using (replace 'curtyanko') and you should all set to have a custom configured IQ server up and running.

Hopefully this showed the basic patterns involved for extending/customizing existing docker images for your own use. Just add your license and our sample policies and you can get started scanning apps and containers. Going forward, I'd like to evolve this project to put both of these apps behind an Nginx server like this community offering.

Note: As of IQ Server 1.42 the property file has moved and should now be:

FROM sonatype/nexus-iq-server
COPY config.yml /etx/nexus-iq-server/

Recent Posts

Posts by Topic

see all

Get Blog Updates