
How Do I Host Nexus on AWS EC2?

Introduction

This guide provides a comprehensive walkthrough on how to host Nexus on an AWS EC2 instance using Pulumi. The purpose of this guide is to help you set up a robust infrastructure by creating an EC2 instance, configuring the necessary security groups, and installing Nexus on the instance. This process is essential for developers and IT professionals who need a reliable repository manager for their development workflows.

Step-by-Step Process

  1. Define a VPC: Begin by setting up a Virtual Private Cloud (VPC) to provide an isolated network environment for your resources.

  2. Create an Internet Gateway: Attach an Internet Gateway to your VPC to enable internet access for your instances.

  3. Set Up a Subnet: Define a subnet within the VPC to allocate IP addresses for your resources.

  4. Configure a Route Table: Establish a route table to direct internet traffic through the Internet Gateway.

  5. Associate Route Table with Subnet: Link the route table to your subnet to ensure proper routing of traffic.

  6. Define a Security Group: Create a security group to control inbound and outbound traffic, allowing SSH (port 22) and the Nexus port (8081).

  7. Create a Key Pair: Generate a key pair for secure SSH access to your EC2 instance.

  8. Launch an EC2 Instance: Deploy an EC2 instance using the Amazon Linux 2 AMI, and configure it with the necessary security group and key pair.

  9. Install Nexus: Use user data scripts to automate the installation and setup of Nexus on your EC2 instance.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Define a VPC
const vpc = new aws.ec2.Vpc("vpc", {
    cidrBlock: "10.0.0.0/16",
    tags: {
        Name: "nexus-vpc",
    },
});

// Define an Internet Gateway
const igw = new aws.ec2.InternetGateway("igw", {
    vpcId: vpc.id,
    tags: {
        Name: "nexus-igw",
    },
});

// Define a Subnet
const subnet = new aws.ec2.Subnet("subnet", {
    vpcId: vpc.id,
    cidrBlock: "10.0.1.0/24",
    availabilityZone: "us-west-2a",
    tags: {
        Name: "nexus-subnet",
    },
});

// Define a Route Table
const routeTable = new aws.ec2.RouteTable("routeTable", {
    vpcId: vpc.id,
    routes: [
        {
            cidrBlock: "0.0.0.0/0",
            gatewayId: igw.id,
        },
    ],
    tags: {
        Name: "nexus-route-table",
    },
});

// Associate the Route Table with the Subnet
new aws.ec2.RouteTableAssociation("routeTableAssociation", {
    subnetId: subnet.id,
    routeTableId: routeTable.id,
});

// Define a Security Group
const securityGroup = new aws.ec2.SecurityGroup("securityGroup", {
    vpcId: vpc.id,
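    description: "Allow HTTP and SSH",
    ingress: [
        // 0.0.0.0/0 exposes these ports to the entire internet; replace it with
        // the CIDR ranges that actually need access before deploying.
        { protocol: "tcp", fromPort: 22, toPort: 22, cidrBlocks: ["0.0.0.0/0"] },  // SSH
        { protocol: "tcp", fromPort: 8081, toPort: 8081, cidrBlocks: ["0.0.0.0/0"] },  // Nexus
    ],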
    egress: [
        { protocol: "-1", fromPort: 0, toPort: 0, cidrBlocks: ["0.0.0.0/0"] },
    ],
    tags: {
        Name: "nexus-security-group",
    },
});

// Define a Key Pair
const keyPair = new aws.ec2.KeyPair("keyPair", {
    publicKey: "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA...",
});

// Define an EC2 Instance
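const instance = new aws.ec2.Instance("instance", {
    instanceType: "t2.micro",
    // AMI IDs are region-specific; confirm this ID resolves to Amazon Linux 2
    // in the subnet's region (us-west-2) before deploying.
    ami: "ami-0c55b159cbfafe1f0",  // Amazon Linux 2 AMI
    keyName: keyPair.keyName,
    subnetId: subnet.id,
    // The subnet does not auto-assign public IPs, so request one for the exported publicIp.
    associatePublicIpAddress: true,
    // Instances in a custom VPC must reference security groups by ID, not by name.
    vpcSecurityGroupIds: [securityGroup.id],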
    userData: `#!/bin/bash
    sudo yum update -y
    sudo yum install -y java-1.8.0-openjdk
    cd /opt
    sudo wget https://download.sonatype.com/nexus/3/latest-unix.tar.gz
    sudo tar -zxvf latest-unix.tar.gz
    sudo mv nexus-3* nexus
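    sudo adduser nexus
    sudo chown -R nexus:nexus /opt/nexus
    sudo chown -R nexus:nexus /opt/sonatype-work
    # Run the service as the nexus user instead of root
    echo 'run_as_user="nexus"' | sudo tee /opt/nexus/bin/nexus.rc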
    sudo ln -s /opt/nexus/bin/nexus /etc/init.d/nexus
    sudo chkconfig --add nexus
    sudo chkconfig --levels 345 nexus on
    sudo service nexus start
    `,
    tags: {
        Name: "nexus-instance",
    },
});

// Export the public IP of the instance
export const publicIp = instance.publicIp;
export const publicDns = instance.publicDns;
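
A pre-deployment check for the ingress rules above, as an added example that is not part of the original guide or of Pulumi's own code: `auditIngress` flags rules that open port 22 or 8081 to 0.0.0.0/0, and `restrictIngress` builds the array to pass as `ingress` instead. The function names and the 203.0.113.0/24 admin range are assumptions.

```typescript
// Shape of the ingress entries passed to the page's aws.ec2.SecurityGroup.
interface IngressRule {
    protocol: string;
    fromPort: number;
    toPort: number;
    cidrBlocks: string[];
}

const WORLD_CIDR = "0.0.0.0/0";
// Ports this guide exposes: 22 (SSH) and 8081 (Nexus).
const SENSITIVE_PORTS = [22, 8081];

// One finding per sensitive port that a rule opens to the whole internet.
function auditIngress(rules: IngressRule[]): string[] {
    const findings: string[] = [];
    for (const rule of rules) {
        if (rule.cidrBlocks.indexOf(WORLD_CIDR) === -1) continue;
        const allProtocols = rule.protocol === "-1"; // "-1" ignores the port range
        for (const port of SENSITIVE_PORTS) {
            if (allProtocols || (rule.fromPort <= port && port <= rule.toPort)) {
                findings.push(`port ${port} open to ${WORLD_CIDR}`);
            }
        }
    }
    return findings;
}

// Swap the world-open source for an explicit allow-list; other rules pass through.
function restrictIngress(rules: IngressRule[], allowedCidrs: string[]): IngressRule[] {
    if (allowedCidrs.length === 0 || allowedCidrs.indexOf(WORLD_CIDR) !== -1) {
        throw new Error("allowedCidrs must be non-empty and must not include 0.0.0.0/0");
    }
    return rules.map((rule) => {
        const kept = rule.cidrBlocks.filter((c) => c !== WORLD_CIDR);
        const wasOpen = kept.length !== rule.cidrBlocks.length;
        return { ...rule, cidrBlocks: wasOpen ? kept.concat(allowedCidrs) : kept };
    });
}

// Ingress rules exactly as they appear in the page's security group.
const pageIngress: IngressRule[] = [
    { protocol: "tcp", fromPort: 22, toPort: 22, cidrBlocks: ["0.0.0.0/0"] },
    { protocol: "tcp", fromPort: 8081, toPort: 8081, cidrBlocks: ["0.0.0.0/0"] },
];

// 203.0.113.0/24 is a documentation range standing in for an admin network (assumption).
const hardenedIngress = restrictIngress(pageIngress, ["203.0.113.0/24"]);
console.log(auditIngress(pageIngress), auditIngress(hardenedIngress));
```

Passing `hardenedIngress` as the `ingress` value of the security group keeps both ports reachable from the listed range only.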

Key Points

  • Networking Setup: A VPC, subnet, and route table are established to ensure the EC2 instance can communicate externally.
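  • Security Configuration: A security group allows inbound SSH (port 22) and Nexus (port 8081) traffic. As written, both rules accept connections from 0.0.0.0/0, so narrow the source CIDR ranges to the addresses that need access.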
  • Automated Nexus Installation: Nexus is installed and configured automatically on the EC2 instance using user data scripts.

Conclusion

Hosting Nexus on an AWS EC2 instance using Pulumi involves setting up a secure and scalable infrastructure. By following this guide, you can ensure that your Nexus repository manager is hosted efficiently, providing a reliable solution for managing dependencies and artifacts in your development projects. This setup not only enhances security and accessibility but also streamlines your development workflow.
