How to Fix nexus-blobstore-s3 Plugin Errors
1. WHAT HAPPENED?
I accidentally deleted the S3 Bucket and Access Keys which were used by the nexus-blobstore-s3 plugin and then Nexus OSS 3.14.0 server could not start anymore.
2. ERROR
2018-10-17 15:05:56,530+0530 ERROR [FelixStartLevel] *SYSTEM org.sonatype.nexus.repository.internal.blobstore.BlobStoreManagerImpl - Failed transition: NEW -> STARTED org.sonatype.nexus.blobstore.api.BlobStoreException: Unable to initialize blob store bucket: nexus-s3, Cause: The AWS Access Key Id you provided does not exist in our records. (Service: Amazon S3; Status Code: 403; Error Code: InvalidAccessKeyId; Request ID: 602E25272A7277D3; S3 Extended Request ID: 0KoHw+4u6aJqwdl+zhsph3yR+UQJ6IG1iXqpHIkKZD/K7rCMlhp+CI9Yx/AtS5QpFkGJ86cBEXk=)
3. FIX
3.1. Launch the OrientDB console using the same version of Java executable that Nexus is using.
java -jar /opt/nexus/lib/support/nexus-orient-console.jar
You should be presented with a command-line interface such as this, ready to accept your commands.
OrientDB console v.2.2.16 www.orientdb.com
Type 'help' to display all the supported commands.
orientdb>
3.2. Connect to the Nexus OrientDB database.
connect plocal:/data/nexus-data/nexus3/db/config admin admin
3.3. Export the database as a JSON file.
export database /opt/nexus_database.json
Read the exported database using a text editor, and you will find a JSON data set as follows. The complete nexus_database.json can be found here.
{
"@type":"d",
"@rid":"#18:6",
"@version":1,
"@class":"repository_blobstore",
"name":"NEXUS-S3",
"type":"S3",
"attributes":{
"s3":{
"bucket":"nexus-s3",
"accessKeyId":"AKIAIG72PIANEZGF5QGQ",
"secretAccessKey":"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",
"sessionToken":"",
"assumeRole":"",
"region":"ap-south-1",
"endpoint":"",
"expiration":"3",
"signertype":""
}
}
},
Updated AWS S3 Configurations
PROPERTY | VALUE |
---|---|
BUCKET_NAME | nexus-s3 |
AWS_ACCESS_KEY_ID | ACFRTYSDVS2R3O8EWRA |
AWS_SECRET_ACCESS_KEY | H4nWq6Nbm9439hF12rEzadsVo/2RqwQH3LPmbvT |
REGION | us-east-1 |
3.4. Update the necessary nexus properties. I'm updating bucket, accessKeyId, secretAccessKey and region properties which need to modify according to the updated nexus configurations.
# Update S3 Bucket
update repository_blobstore set attributes.s3.bucket='nexus-s3' where name='NEXUS-S3'
# Update S3 Access Key ID
update repository_blobstore set attributes.s3.accessKeyId='ACFRTYSDVS2R3O8EWRA' where name='NEXUS-S3'
# Update S3 Secret Access Key
update repository_blobstore set attributes.s3.secretAccessKey='H4nWq6Nbm9439hF12rEzadsVo/2RqwQH3LPmbvT' where name='NEXUS-S3'
# Update S3 Bucket Region
update repository_blobstore set attributes.s3.region='us-east-1' where name='NEXUS-S3'
3.5. Disconnect and exit from the Nexus OrientDB database.
disconnect
exit
3.6. Provide necessary permissions to the Nexus OrientDB database.
chown -R nexus:nexus /data/nexus-data/nexus3/db
3.7. Restart Nexus server.
sudo systemctl restart nexus.service
3.8. Monitor Nexus service logs.
tail -f /data/nexus-data/nexus3/log/nexus.log
References: