Charts: stable/sonatype-nexus can't pass through the proxy

Created on 4 May 2018  路  12Comments  路  Source: helm/charts

Version of Helm and Kubernetes:
v1.9.2+coreos.0

Which chart:
sonatype-nexus-1.1.1

What happened:
Since the proxy container was added, I am not able to access nexus. Going to the IP address of the load balancer results in Internal Server Error.

What you expected to happen:

How to reproduce it (as minimally and precisely as possible):
This is my configuration:

# configuration for sonatype/nexus
nexus:
   imageTag: 3.6.1
   nodeSelector:
     failure-domain.beta.kubernetes.io/zone: de-nbg6-1b
   serviceType: LoadBalancer

ingress:
  enabled: false

persistence:
  enabled: true
  accessMode: ReadWriteOnce
  storageClass: default-de-nbg6-1b
  storageSize: 50Gi

nexusBackup:
  #nexusAdminPassword: t0ps3kr3t
  persistence:
    enabled: false
    #storageClass: default-de-nbg6-1b
    #storageSize: 3Gi

I deployed with:
helm upgrade -f nexus.yml nude-nexus stable/sonatype-nexus

lifecyclstale
Source
picture oz123
👍1

Most helpful comment

having the same issue on helm chart v 1.4.0 +1

picture JohnDzialo on 6 Jun 2018
👍5

All 12 comments

I believe my problem is due to the fact that I didn't set

nexusProxy:
  env:
    nexusDockerHost: container.example.com
    nexusHttpHost: nexus.example.com

How ever, at the moment I don't know how to create a redirect from the dns record to the correct IP (which I still don't know because the Pod isn't scheduled before I do helm apply).
I would appreciate any help here.

oz123 picture oz123 on 4 May 2018
👍4

having the same issue on helm chart v 1.4.0 +1

JohnDzialo picture JohnDzialo on 6 Jun 2018
👍5

Same issue too. v. sonatype-nexus-1.5.1
Log file:
kubectl logs nexus-release-sonatype-nexus-654df8f789-t7rbs nexus-proxy

2018-08-15 15:52:41,586 [WARN ] [vert.x-eventloop-thread-0] [io.netty.util.internal.MacAddressUtil] Failed to find a usable hardware address from the network interfaces; using random bytes: fa:ae:94:83:de:8a:90:c9
2018-08-15 15:52:41,663 [INFO ] [vert.x-eventloop-thread-0] [com.travelaudience.nexus.proxy.BaseNexusProxyVerticle] Listening at 0.0.0.0:8080.

ThomasUllrich666 picture ThomasUllrich666 on 15 Aug 2018

Same issue.
2018-09-07 02:37:02,912 [WARN ] [vert.x-eventloop-thread-0] [io.netty.util.internal.MacAddressUtil] Failed to find a usable hardware address from the network interfaces; using random bytes: f5:8a:ee:64:e4:4a:4f:32
2018-09-07 02:37:02,963 [INFO ] [vert.x-eventloop-thread-0] [com.travelaudience.nexus.proxy.BaseNexusProxyVerticle] Listening at 0.0.0.0:8080.
2018-09-07 02:38:35,657 [ERROR] [vert.x-eventloop-thread-0] [io.vertx.ext.web.impl.RoutingContextImplBase] Unexpected exception in route
java.lang.NullPointerException: null

garygithub1 picture garygithub1 on 7 Sep 2018

FYI anyone seeing this could try the resolution found here. These guys actually maintain the helm chart.

https://github.com/travelaudience/nexus-proxy/issues/4

try using imageTag 2.2.0 for nexusProxy

JohnDzialo picture JohnDzialo on 7 Sep 2018

There is no chance to disable nexus-proxy at all and use only nexus.
Is it possible to add such feature to disable proxy and point the service directly to nexus or create service for direct access to nexus?

realjktu picture realjktu on 27 Sep 2018
👍2

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Any further update will cause the issue/pull request to no longer be considered stale. Thank you for your contributions.

stale[bot] picture stale[bot] on 27 Oct 2018

This issue is being automatically closed due to inactivity.

stale[bot] picture stale[bot] on 10 Nov 2018

There is no chance to disable nexus-proxy at all and use only nexus.
Is it possible to add such feature to disable proxy and point the service directly to nexus or create service for direct access to nexus?

I'm having the same issue. I'm doing SSL termination outside kubernetes in a haproxy installation. I was able to connect to proxy with this config but then all assets are not found since nexus HTML uses absolute urls.

frontend https-in
  bind :443
  [...]
  # Define hosts for virtual hosting
  acl nexus hdr(host) -i nexus.example.com

  # Routing rules, letsencrypt must be the first rule
  use_backend NEXUS if nexus

  # Add host header needed by K8S ingress
  http-request set-header Host nexus.lan.example.com if nexus
  http-request set-header X-Forwarded-Host nexus.example.com

backend NEXUS
  option httpchk GET / HTTP/1.1\r\nHost:\ nexus.lan.example.com
  server nexus nexus.lan.example.com:80 check inter 60s fastinter 1s downinter 2s

How to get rid of nexus proxy and get a plain service to nexus3?? (BTW what is its purpose)

Or alternatively is there any way to make nexus produce relative links instead of absolute ones?

fabn picture fabn on 19 Sep 2019
👀3 👍3

I'm facing the same issue. All over the internet, I don't find a solution. I don't need this proxy at all. Please did you find a solution ? I just need to access my nexus using loadbalancer for tests.

KOSSOKO picture KOSSOKO on 2 Jan 2020

There is no chance to disable nexus-proxy at all and use only nexus.
Is it possible to add such feature to disable proxy and point the service directly to nexus or create service for direct access to nexus?

I'm having the same issue. I'm doing SSL termination outside kubernetes in a haproxy installation. I was able to connect to proxy with this config but then all assets are not found since nexus HTML uses absolute urls.

frontend https-in
  bind :443
  [...]
  # Define hosts for virtual hosting
  acl nexus hdr(host) -i nexus.example.com

  # Routing rules, letsencrypt must be the first rule
  use_backend NEXUS if nexus

  # Add host header needed by K8S ingress
  http-request set-header Host nexus.lan.example.com if nexus
  http-request set-header X-Forwarded-Host nexus.example.com

backend NEXUS
  option httpchk GET / HTTP/1.1\r\nHost:\ nexus.lan.example.com
  server nexus nexus.lan.example.com:80 check inter 60s fastinter 1s downinter 2s

How to get rid of nexus proxy and get a plain service to nexus3?? (BTW what is its purpose)

Or alternatively is there any way to make nexus produce relative links instead of absolute ones?

See if this works:

"Update the Base URL to use https in your repository manager configuration using the Base URL capability."

https://help.sonatype.com/repomanager3/security/configuring-ssl#ConfiguringSSL-HowtoEnabletheHTTPSConnector

I'm trying to find a way to edit the base url without first logging in, since my SSL-terminating load balancer does 301s HTTP requests to HTTPS.

gveltri picture gveltri on 7 Jan 2020

I solved using nginx-configuration to forward the X-Forwarded-Proto using
https://github.com/kubernetes/ingress-nginx/issues/3192#issuecomment-483281931

imdganesan picture imdganesan on 12 Feb 2020
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

ChrisCooney picture ChrisCooney  路  3Comments
onyxet picture onyxet  路  3Comments
vsliouniaev picture vsliouniaev  路  3Comments
dene14 picture dene14  路  3Comments
tyg03485 picture tyg03485  路  3Comments