Friday, December 14, 2018

Cleaning up old releases in Nexus 2 and 3

In Nexus 2 there is the task "remove releases from repository", where you can further refine the scope by specifying a "repository target" (=a filter).... problem is, the only option you have is the number of the most recent versions to retain.... there is no way to specify "delete all versions older than 2 years, but in any case keep the last 10".

I have written this Spring Boot utility to generate curl commands to delete artifacts based on multiple selection criteria. But it doesn't handle parent pom, which is a limitation.

Also, be aware that the curl command to delete a component, like

curl -u admin:admin123 -X "DELETE" -w "%{http_code}" http://localhost:8281/nexus/service/local/repositories/central/content/org/codehaus/plexus/plexus-classworlds/1.2-alpha-7

every time rebuilds the index, which is very CPU intensive. There is no way to batch multiple deletes in a single transaction.

In Nexus 3

Monday, December 10, 2018

Docker broken after upgrade

sudo systemctl start docker
Job for docker.service failed because the control process exited with error code. See "systemctl status docker.service" and "journalctl -xe" for details.

sudo journalctl -xe

Error starting daemon: error initializing graphdriver: /var/lib/docker contains several valid graphdrivers: devicemapper, overlay2; Please cleanup or explicit

sudo vi /etc/docker/daemon.json

append this at the end and before the closed curly brace:

,"storage-driver": "devicemapper"

sudo systemctl reset-failed docker.service
sudo systemctl start docker.service

Thursday, November 29, 2018

Nexus repo validates Docker images on

In Nexus logs I find a lot of calls to

2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV - > GET /registry-v2/docker/registry/v2/blobs/sha256/4f/4fe2ade4980c2dda4fc95858ebb981489baec8c1e4bd282ab1c3560be8ff9bde/data?verify=1541426623-n%2BHbbRXN3Rr4k6Bxofrsv6tRVFw%3D HTTP/1.1
2018-11-05 14:13:43,416+0100 DEBUG [qtp72695066-56] ADV - Connection request: [route: {tls}->http://ourproxy:8080->][total kept alive: 1; route allocated: 0 of 20; total allocated: 3 of 200]
2018-11-05 14:13:43,417+0100 DEBUG [qtp72695066-56] ADV - Connection leased: [id: 18][route: {tls}->http://ourproxy:8080->][total kept alive: 1; route allocated: 1 of 20; total allocated: 4 of 200]
2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV - < HTTP/1.1 200 OK @ 129.8 ms 2018-11-05 14:13:43,475+0100 DEBUG [qtp72695066-4467] ADV - Response: HttpResponseProxy{HTTP/1.1 200 OK [Content-Type: application/json, Date: Mon, 05 Nov 2018 13:13:43 GMT, Transfer-Encoding: chunked, Strict-Transport-Security: max-age=31536000, Connection: Keep-Alive] ResponseEntityProxy{[Content-Type: application/json,Chunked: true]}}

we access internet via a Proxy Server ourproxy, which doesn't whitelist

each of them creates a file in $NEXUS_DATA/tmp/docker-content-validation-failures with an "access denied" message from ourproxy

Here they say we should also whitelist

I have no idea if the "docker pull" will fail, or if this "validation" can be disabled...

See also