homeblogsonatype puppet eering the nexus repository

From Sonatype: Puppet-eering the Nexus Repository

Editor's Note: This article originally appeared on The Nexus, a project hosted by Sonatype. It is republished here with Sonatype's permission.

Puppet plus Neus

The popular configuration management tool Puppet is widely used to provision and manage myriads of servers. It can be used to install software initially, configure it and update it. Doing all that is easy since you can describe the configuration in a Ruby-based domain specific language and track any changes in your version control system of choice.

Puppet can then farm the configuration out to as many servers as you like. This makes the process highly scalable and repeatable.

And talking about scaling, a lot of Puppet users like Atlassian or HubSpot use the Nexus Repository Manager as their warehouse for all binary components in their development and IT infrastructure. Let’s have a closer look on what can be done…

Nexus Repository Manager

The Nexus Repository Manager is designed to receive, host and provide components. These binaries can come from external repositories or repository managers or from your own build processes or even manual uploads. The repository manager in turn makes them all available at one central location.


With all this in mind, it should come as no surprise that Puppet and the Nexus Repository Manager can work hand in hand beautifully. In fact, the typical use cases are:

  • Install a Nexus Repository Manager
  • Configure a Nexus Repository Manager
  • Use Nexus Repository Manager as a component source

Let’s have a look at these in a bit more detail.

Install and configure

The advantage of using Puppet for installing and configuring your repository manager compared to manual processes are scalability and repeatability. You can write one Puppet script and reuse it for as many servers as you like. Or you can build up a library of scripts that allow you create a base installation of the repository manager and then apply specific configurations to different servers.

For example, you could create scripts that simply configure read-only repository managers that you deploy in your network on a whim whenever you notice performance bottlenecks with regards to downloading components in your builds or by other systems. You automatically configure them to proxy your master Nexus Repository Manager that receives all the deployments. By doing so, you immediately take a lot of load of that server allowing you to grow further.

You could also combine this with Puppet scripts to install a reverse proxy, maybe using nginx, together with each repository manager. Or maybe, if you maintain multiple continuous integration server clusters, you could automate the installation of Nexus Repository Manager into each of these cluster.

Getting things done

Sounds easy and full of promise, right? Well, thanks to the tireless efforts of the Puppet community you have a choice of ready-made Puppet modules available on the Puppet Forge that really do make it easy.

They achieve their automation via clever Ruby scripting and rely on the REST API of the Nexus Repository Manager.

A good example module for installing and configuring the Nexus Repository Manager is available from HubSpot. Another well-tested module is maintained by Atlassian. It features a rich set of commands to that allow you to configure things such as repositories or security settings.

If you want to perform further configurations beyond could use the Ruby-based Nexus CLI commands from RiotGames or create your own using the REST API.

And then?

Once you got all those Nexus Repository Managers installed and humming away you are all done with using Puppet, right? Nope - wrong. The repository manager can now act as a source of binary files that it provides to other Puppet scripts that download components and use them in their scripts.

For example, imagine a setup where a build script runs on your CI server and creates a release component in the form of a Java web application archive (WAR file). The final step of this build process is to upload the file to the Nexus Repository Manager. Now it is available for a Puppet script to download it and deploy it on numerous servers effortlessly.

Downloading files from the repository manager is basically a simple HTTP request, but even there the Puppet community created some nice little helper modules to simplify the task. You can for example check out this project from CEH, but there are other choices.


Puppet is a great tool to manage and provision your infrastructure and the Nexus Repository Manager acts as a central warehouse for your binary components. Together they will make your maintenance much easier than you thought possible and you won’t want to provision or configure a server manually ever again. Especially not if you know that there are 20 more server that need the same config…

Manfred Moser is a trainer, author and community advocate at Sonatype.

Learn more

  • Haven't tried Puppet Enterprise yet? You can download the Learning VM for free and start exploring.
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.