We all know that the use of containers is exploding because of the benefits they provide to development and operations teams. With containers, developers can focus on what they do best, which is writing code and not worrying about the underlying system infrastructure. By delivering a simple and efficient way to assemble, distribute, and deploy software, containers help developers become more agile and develop applications faster.
At Sonatype, we recognize the important role that containers are playing in DevOps pipelines and the importance of the cloud in driving innovation. So, we are pleased to announce that we are working with Red Hat to certify our applications within the OpenShift PaaS environment. Nexus Repository is now a certified solution in OpenShift, providing customers with the peace of mind knowing that their artifact repository comes from a trusted source and meets Red Hat’s high quality standards.
Why Nexus Repository?
Nexus, the world’s most popular repository manager with over 120,000 installations, is a critical component in most DevOps toolchains as seen in reference architectures all over the world. Nexus Repository as a certified container within OpenShift provides two main benefits:
- Allows developers to store and manage binaries and build artifacts used within their software supply chain.
- Acts as a Third Party Registry enabling teams to blend third party and private assets with Red Hat registries. Operations groups can store and manage the flow of containers throughout development, testing, and production across geo-dispersed datacenters and cloud zones.
Artifact repositories play an important role in the software development lifecycle by ensuring that developers and CI/CD processes have access to quality components when needed. Utilizing a repository manager for software artifacts and container images provides many benefits:
- Efficiency - Dedicated local storage for all components (binaries, build artifacts, containers), in addition to distribution of artifacts between legacy datacenters, private, and public clouds.
- Speed - Improving build performance by proxing public repositories like DockerHub, Maven Central, npmjs.org, then caching those components locally.
- Security - Ensuring proper access controls and security for proprietary container images, binaries, and build artifacts.
- Quality - Improving component selection resulting in higher quality applications and less unplanned work.
Powerful Security for Containers and Components
Nexus Repository uniquely offers built-in component intelligence, ensuring the quality and security of open source components at any stage of the application development lifecycle. Repository Health Check (RHC) and Application Health Check (AHC) provide a detailed list of security vulnerabilities and license compliance issues for any open source components or applications found inside Nexus repositories.
In addition to RHC and AHC, Nexus Lifecycle Container Analysis allows you to analyze the application layer of Docker containers for known security vulnerabilities, license risk, and quality issues, ensuring that your containers are secure.First to market with a free, enterprise scale Docker Private Registry, Nexus Repository also offers support for Docker containers, acting as a private Docker registry for hosting proprietary containers as well as proxying the public registries when non-proprietary containers need to be downloaded. Docker repositories can be exposed to client-side tools directly or as a repository group, which is a repository that merges and exposes the contents of multiple repositories into one convenient URL.
Nexus Repository plays an important role in making sure containers are accessible when needed (reducing time and bandwidth usage) in development, test, and production.
Both Sonatype and Red Hat have a long history of supporting innovation within the open source community. As the creator of Maven and the caretakers of the Central Repository, we are happy to partner with Red Hat to help organizations develop, host, and scale applications in a cloud environment.