Nexus Repository OSS is an open source repository that supports many artifact formats, including Docker, Java™, and npm. With the Nexus tool integration, pipelines in your toolchain can publish and retrieve versioned apps and their dependencies by using central repositories that are accessible from other environments.

Why Nexus on Kubernetes?
The deployment allows you to control the range of available and excess pods through maxSurge and maxUnavailable fields. With a rolling update strategy there is no downtime during the update process and serving/exposing it outside the cluster.

Why Custom Docker Registry?
A Docker registry is organized into Docker repositories , where a repository holds all the versions of a specific image. The registry allows Docker users to pull images locally, as well as push new images to the registry (given adequate access permissions when applicable). Nowadays most companies focus on having their code deployed on private and publicly restricted servers that’s why we are creating a custom docker registry on nexus.

Helm Charts
Helm helps in managing Kubernetes apps. Helm Charts define, install, and upgrade even the most complex Kubernetes application. The charts are easy to create, version, share, and publish.

Let us see how we can use Nexus Helm Chart on Kubernetes Cluster as a Custom Docker Registry


  1. Docker v19.03.13
  2. Kubernetes cluster v1.19.3
  3. Helm installed v3.4.1
  4. Nexus Helm Chart which can be downloaded from here :

Install Nexus Over Kubernetes Cluster

  1. Download the helm chart for nexus from the above mentioned git repository
  2. Change the following values in values.yaml for configuration and accessing nexus outside the kubernetes cluster.
enabled: false
# svcName: pro
enabled: false
# # To use an additional service, set enable to true
# name: additional-svc
 #  targetPort defines the port where the nexus service will be exposed
 enabled: true
labels: {}
annotations: {}
serviceType: NodePort
- name: nexus-service
port: 8081
nodePort: 30000
- name: nexus-docker-snapshots
port: 8082
nodePort: 30001
- name: nexus-docker-releases
port: 8083
nodePort: 30002
- name: nexus-docker-group
port: 8084
nodePort: 30003

  1. Edit the service.yaml inside templates add nodePort to it
{{- if .Values.service.portName }}
- name: {{ .Values.service.portName }}
port: {{ .Values.service.port }}
targetPort: {{ .Values.service.targetPort }}
nodePort: {{ .Values.service.nodePort }}

  1. After that we need to install the helm chart by moving into the sonatype-nexus directory and running the command in terminal:
C:\Users\Admin\Desktop\nexus\sonatype-nexus>helm install nexus

You can check the helm chart installed by using command:

PS C:\Users\Admin> helm ls
NAME    NAMESPACE       REVISION        UPDATED                                 STATUS          CHART                   APP VERSION
nexus   default         1               2020-12-10 02:07:28.7174933 +0530 IST   deployed        sonatype-nexus-1.23.1   3.20.1-01
  1. Once the chart is install wait until the deployment get in ready state you can keep checking for the deployment state by command:
Not Ready State
C:\Users\Admin\Desktop\nexus\sonatype-nexus>kubectl get deployments

NAME                   READY   UP-TO-DATE   AVAILABLE   AGE
nexus-sonatype-nexus   0/1     1            0           33s

Ready State
C:\Users\Admin\Desktop\nexus\sonatype-nexus>kubectl get deployments
NAME                   READY   UP-TO-DATE   AVAILABLE   AGE
nexus-sonatype-nexus   1/1     1            1           2m
  1. Once the deployment gets ready we can check at which port nexus is running and start accessing nexus at localhost:30000
  2. Login to Nexus using credentials

Create Docker Repository on nexus

1. Create a new repository named as docker-snapshots with recipe docker(hosted)



2. Repeat the same process again named as docker-releases with recipe docker(hosted)

3. Now we have to create a docker-group repository with recipe of docker group to pull image from any of these docker-repository

4. Add docker hosted repositories to docker group and save the repository

Configure machine to access docker registry

Now we have to add the docker repository URL to insecure registries in docker to start using the docker registry.
For Windows and Mac machine users:

You’ll want to open the docker settings, go to the docker engine tab and add the URL “localhost:30001”,“localhost:30002”,“localhost:30003” into “insecure-registries”

Apply and restart Docker
On Ubuntu 16.x and CentOS:

You’ll need to edit or create /etc/docker/daemon.json and add this to the file:
    "insecure-registries" : ["localhost:30001","localhost:30002","localhost:30003"]
Then restart Docker with sudo systemctl restart docker. Now one can pull or push the docker image into these custom registries.

Test pushing and pulling a docker image

1.    Login to Docker registries

PS C:\Users\Admin> docker login http://localhost:30001
Username: admin
Password: admin123
Login Succeeded

PS C:\Users\Admin> docker login http://localhost:30002
Username: admin
Password: admin123
Login Succeeded

PS C:\Users\Admin> docker login http://localhost:30003
Username: admin
Password: admin123
Login Succeeded

2.    Pull a sample image from docker hub and tag it for docker-snapshots

PS C:\Users\Admin> docker pull docker/getting-started
Using default tag: latest
latest: Pulling from docker/getting-started
Digest: sha256:b821569034e3b5fae03b40e64a866017067f3bf17effe185b782bdbf02179528
Status: Image is up to date for docker/getting-started:latest

PS C:\Users\Admin> docker tag docker/getting-started localhost:30001/docker/getting-started:1.0.0

3.    Push the tagged image to docker registry

PS C:\Users\Admin> docker push localhost:30001/docker/getting-started:1.0.0
The push refers to repository [localhost:30001/docker/getting-started]
ce83f2c2b3ed: Pushed
231fd12dac65: Pushed
468af79aab10: Pushed
fbf82c12d86e: Pushed
4dc20fbc0e8d: Pushed
b831cc3ae47e: Pushed
ace0eda3e3be: Pushed
1.0.0: digest: sha256:219a0e457a437eba6a09e8d954c9e8ea3b29632a8d1b515285b782713c8fc26b size: 1782

4.    Test pulling the image back from registry

PS C:\Users\Admin> docker pull localhost:30001/docker/getting-started:1.0.0 1.0.0: 
Pulling from docker/getting-started 
Digest: sha256:219a0e457a437eba6a09e8d954c9e8ea3b29632a8d1b515285b782713c8fc26b 
Status: Image is up to date for localhost:30001/docker/getting-started:1.0.0 

Do check out our other blogs here.