Skip to content

Nexus: Upgrade Process from version 2.x to 3.7.1

Jump to bottom
Dharmanshu Singh edited this page May 31, 2018 · 2 revisions

Introduction

This wiki page provides an upgrade plan and steps to upgrade Nexus in-place on your ADOP/C instance.

Before you start please read this!!!

Please do not pull the latest changes in adop-docker-compose and run init as that will invalidate your Nexus setup if you are running on a 2.x version of Nexus.

Before proceeding with the upgrade, ensure to take a backup of your ADOP/C volumes.

These Nexus steps are based on the assumption that your ADOP/C is running on AWS but instructions can be adapted as appropriate for another cloud provider or on-premise.

Current Version: 2.x
Upgraded Version: 3.7.1

High-Level Plan

Upgrade from version 2.x to 2.14.5

Skip this step if you already have 2.14.5

Steps -

  • Redeploy Nexus using version 2.14.5 (docker image: accenture/adop-nexus:0.1.4)
    1. SSH onto your ADOP/C
    2. cd to your root adop-docker-compose folder
    3. Update docker-compose.yml to use image: accenture/adop-nexus:0.1.4 Nexus docker image
    4. Re-deploy ADOP/C
export PRIVATE_IP=$(curl http://instance-data/latest/meta-data/local-ipv4)
./adop compose -i ${PRIVATE_IP} -f etc/aws/default.yml init
  1. Validate that Nexus is up and running with the 2.14.5 version
  2. Perform basic Nexus functional tests

Deploy Nexus v3.7.1 container on ADOP/C

Steps -

  1. SSH on your ADOP/C
  2. cd to your root adop-docker-compose folder and create a new docker-compose.nexus3.yml file and paste the content below:
nexus3:
    container_name: nexus3
    restart: always
    image: accenture/adop-nexus:0.2.2
    net: ${CUSTOM_NETWORK_NAME}
    volumes:
        - nexus_data:/nexus-data
    ports:
        - "8082:8081"
    environment:
        NEXUS_BASE_URL: "http://${PRIVATE_IP}:8082/nexus3"
        NEXUS_CONTEXT: "nexus3"
        NEXUS_ADMIN_PASSWORD: "${INITIAL_ADMIN_PASSWORD_PLAIN}"
        LDAP_SEARCH_BASE: "${LDAP_FULL_DOMAIN}"
        LDAP_ENABLED: "true"
        LDAP_URL: "ldap"
        LDAP_BIND_DN: "${LDAP_ADMIN},${LDAP_FULL_DOMAIN}"
        LDAP_BIND_PASSWORD: "${LDAP_PWD}"
        LDAP_USER_PASSWORD_ATTRIBUTE: "userPassword"
        LDAP_USER_BASE_DN: "${LDAP_USER_BASE_DN}"
        LDAP_GROUP_BASE_DN: "${LDAP_GROUP_BASE_DN}"
  1. Run these commands in your shell
export CUSTOM_NETWORK_NAME=local_network
export PRIVATE_IP=$(curl http://instance-data/latest/meta-data/local-ipv4)
source ./conf/env.provider.sh
source credentials.generate.sh
source env.config.sh
docker-compose -f docker-compose.nexus3.yml up -d
  1. To access Nexus 3 you have to add port 8082 in your AWS Security group temporarily (for another cloud provider you have to do the same or open the relevant firewall rules if you are not using a cloud). Nexus 3 Url: http://##your-adop-c-private-ip##:8082/nexus3

Enable the upgrade capabilities in both version 2 and version 3Steps -

  • In version 2, enable the Upgrade: Agent capability to open the connection for the upgrade-agent. Follow these steps:

  • In version 2, enable the Upgrade: Agent capability to open the connection for the upgrade-agent. Follow these steps:

    1. Click to expand Administration in the left-hand panel.
    2. Click the Capabilities menu item to open the respective screen.
    3. Click the New button to access the Create new capability modal.
    4. Select Upgrade: Agent as your capability Type.
    5. Click Add to close the modal and add the capability.
    6. Copy and save the Access Token found on the Status tab for your new capability. You need it to configure the Upgrade tool in version 3.

    In the lower section of the Capabilities interface, the repository manager acknowledges the upgrade-agent as Active.

  • In version 3, enable the Upgrade capability to open the connection for the upgrade-agent and access the Upgrade tool.

    Follow these steps:

    1. Click Capabilities in the System section of the Administration main menu to open the Capabilities feature view.
    2. Click Create capability.
    3. Select Upgrade, then click Create capability to enable the upgrade capability.

Perform Upgrade using HTTP Download method

Note: The next few steps will cause an outage while the upgrade is taking place and you should ensure you are ready to proceed with the process.

Steps -

  1. In version 3, go to the Administration menu.
  2. Select Upgrade located in the System section of the Administration main menu to open the wizard.
  3. In the Overview screen, click Next to begin.
  4. In the Agent Connection screen, provide the IP URL of Nexus 2 (http://nexus:8081/nexus) and the Access Token copied from Nexus 2 Upgrade: Agent capability Status tab (same token you noted earlier). Click Next.
  5. In the Content screen, select the following and click Next.
    • Repository configuration and content (this includes user accounts and associated security settings)
    • Server configuration
  6. In the Repository Defaults screen, select "Download (slowest)" as the transfer method and click Next. Note: When selecting a different transfer method, the method might not be updated. Validate that the transfer method is correct by checking the Method column on the next step. If the Method column is different with the method selected, you will need to start again the upgrade process from Step 1.
  7. In the Repositories screen, select all the repositories to be upgraded and click Next.
  8. In the Preview screen, validate that everything is INITIALIZED and click Begin to proceed.
  9. Click Yes on the Begin Upgrade window.
  10. As the upgrade process starts, you will be logged out from Nexus and will be prompted with login dialog box.
  11. Login to Nexus 3 using your username and password (make sure your user have Administrator access in Nexus 2 before the upgrade so you will be able to login to Nexus 3 with the same access level)
  12. Go to Administrator menu
  13. Select Upgrade located in the System section of the _Administration _main menu.
  14. In the _Preparing _screen, the status of the contents and repositories to be upgraded are shown.
  15. Once all the statuses are COMPLETED, click Continue.
  16. In the _Synchonizing _screen, the sync process status is shown. This is when the copy process is happening. During the sync process, user can still update the existing repositories in Nexus 2 and any updates on the repository will be synced to Nexus 3.
  17. When you see " since last change, press "Continue" when ready" on the last row, you will notice that the Continue button is still disabled. Refresh the page to enable the Continue button.
  18. When you are done with the syncing process, click Continue.
  19. Click Yes on the Stop waiting for changes dialog box to confirm. When sync process is done, any changes made on the repositories in Nexus 2 will no longer be copied to Nexus 3.
  20. In the finishing screen, the upgrade status of the repositories is shown.
  21. Once all the statuses are COMPLETED, click Done. You will then see a small dialog box on the upper right of the screen that "Upgrade is Done"
  22. Validate that everything is still working as expected.

Kill Nexus 2 and deploy Nexus 3 on ADOP/C

As we have upgraded our Nexus data now we need to deploy Nexus 3 in the proper way.
Steps -

  1. Remove 8082 port what you add to your AWS security group for another cloud provider you have to do the same or close firewall if you are not using a cloud.
  2. Remove Nexus3 container.
docker-compose -f docker-compose.nexus3.yml down
  1. Update docker-compose and default volume yml files. The snippet of changes you need to make to the Nexus service in docker-compose.yml
nexus:
  container_name: nexus
  restart: always
- image: accenture/adop-nexus:0.1.4
+ image: accenture/adop-nexus:0.2.2
  net: ${CUSTOM_NETWORK_NAME}
  expose:
    - "8081"
  environment:
    NEXUS_BASE_URL: "${PROTO}://${TARGET_HOST}/nexus"
+   NEXUS_CONTEXT: "nexus"
+   NEXUS_ADMIN_PASSWORD: "${INITIAL_ADMIN_PASSWORD_PLAIN}"
    LDAP_SEARCH_BASE: "${LDAP_FULL_DOMAIN}"
    LDAP_ENABLED: "true"
    LDAP_URL: "ldap"
    LDAP_BIND_DN: "${LDAP_ADMIN},${LDAP_FULL_DOMAIN}"
+   LDAP_BIND_PASSWORD: "${LDAP_PWD}"
    LDAP_USER_PASSWORD_ATTRIBUTE: "userPassword"
    LDAP_USER_BASE_DN: "${LDAP_USER_BASE_DN}"
    LDAP_GROUP_BASE_DN: "${LDAP_GROUP_BASE_DN}"
-   LDAP_BIND_PASSWORD: "${LDAP_PWD}"

The snippet of changes you need to make to the Nexus service in etc/volumes/local/default.yml

nexus:0
  volumes:
-   - nexus_sonatype_work:/sonatype-work
+   - nexus_data:/nexus-data

(Update if you are using NFS) The snippet of changes you need to make to the Nexus service in etc/volumes/nfs/default.yml

nexus:
  volume_driver: nfs
  volumes:
-   - ${NFS_HOST}/nfs/nexus_sonatype_work:/sonatype-work
+   - ${NFS_HOST}/nfs/nexus_sonatype_work:/nexus-data
  1. Update local administrator password, skip if your password is the same as default: "admin123".
echo your-local-admin-password > $(docker volume inspect -f {{.Mountpoint}} nexus_data)
  1. Re-launch adop
export PRIVATE_IP=$(curl http://instance-data/latest/meta-data/local-ipv4)
./adop compose -i ${PRIVATE_IP} -f etc/aws/default.yml init

Note: If you hit Nexus and it gives a 502 you can restart proxy container. It still holds the old cache and that's why it is not able to reach the site.

Nexus test cases

Test Case Test Steps Expected Result
Upload artifact to hosted repository manually 1. Open the command line on your local machine and ensure you have curl installed2. Run the following command: curl -v --user : --upload-file local_file_name.extension http://<NEXUS3_URL>/repository/<REPO_NAME>/<REPO_FILE_PATH>/name_of_file.extension
3. Ensure you replace and with your username and password respectively. Make sure to also replace local_file_name.extension with the file name and path of where your file is stored that you want to upload. Finally replace <REPO_NAME>, <REPO_FILE_PATH> and name_of_file.extension with the correct repository name, the repository target path and the new name for your file with its appropriate extension.
4. For more information regarding how to upload artifacts refer to this page 		Artifact is uploaded and accessible using the repository path.
Download artifact from repository path 1. Go to the hosted repository path
2. Download the artifact that you uploaded earlier		 Artifact is downloaded and not corrupted.
Search functionality 1. On the left-hand pane, click "Search"
2. Search for a repository/privilege/role		 Search result is displayed.

Issues

Outstanding issues

  1. View privileges are missing on the migrated repositories. The solution for this issue is on the SonaType ticket.

Useful links:
https://help.sonatype.com/display/NXRM3/Upgrading#Upgrading-Upgradingfrom2.xto3.y https://help.sonatype.com/display/NXRM3/Upgrade+Procedures https://help.sonatype.com/display/NXRM3/Data+Transfer+Methods https://forums.aws.amazon.com/thread.jspa?threadID=261370 - Disk Quota Exceeded error

Clone this wiki locally