I'm having an issue where SonarQube 10.1.0 Community seems to be having a difficult starting for the first time.
I've set it up using Kubernetes (K3s v1.27.1) and adapted the official SonarQube Helm chart to be able to use it with my own infrastructure and have more control.
Logs
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [aggregations]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [analysis-common]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [apm]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [blob-cache]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [lang-painless]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [old-lucene-versions]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [parent-join]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [reindex]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [transport-netty4]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [x-pack-aggregate-metric]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [x-pack-core]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [x-pack-profiling]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] loaded module [x-pack-security]
2023.07.02 21:55:21 INFO es[][o.e.p.PluginsService] no plugins loaded
2023.07.02 21:55:24 INFO es[][o.e.e.NodeEnvironment] using [1] data paths, mounts [[/opt/sonarqube/data (10.0.1.1:/mnt/ZPool1/Kubernetes/cluster0/personal-19/sonarqube/data)]], net usable_space [4.7tb], net total_space [4.7tb], types [nfs4]
2023.07.02 21:55:24 INFO es[][o.e.e.NodeEnvironment] heap size [512mb], compressed ordinary object pointers [true]
2023.07.02 21:55:24 INFO es[][o.e.n.Node] node name [sonarqube], node ID [lKa0DhO4Ss2jrx089YgiuA], cluster name [sonarqube], roles [ml, data_hot, transform, data_content, data_warm, master, remote_cluster_client, data, data_cold, ingest, data_frozen]
2023.07.02 21:55:24 INFO es[][o.e.x.p.ProfilingPlugin] Profiling is enabled
2023.07.02 21:55:24 INFO es[][o.e.x.s.Security] Security is disabled
2023.07.02 21:55:24 INFO es[][o.e.t.n.NettyAllocator] creating NettyAllocator with the following configs: [name=unpooled, suggested_max_allocation_size=1mb, factors={es.unsafe.use_unpooled_allocator=null, g1gc_enabled=true, g1gc_region_size=4mb, heap_size=512mb}]
2023.07.02 21:55:24 INFO es[][o.e.i.r.RecoverySettings] using rate limit [40mb] with [default=40mb, read=0b, write=0b, max=0b]
2023.07.02 21:55:24 INFO es[][o.e.d.DiscoveryModule] using discovery type [single-node] and seed hosts providers [settings]
2023.07.02 21:55:25 INFO es[][o.e.n.Node] initialized
2023.07.02 21:55:25 INFO es[][o.e.n.Node] starting ...
2023.07.02 21:55:25 INFO es[][o.e.t.TransportService] publish_address {127.0.0.1:35691}, bound_addresses {127.0.0.1:35691}
2023.07.02 21:55:25 INFO es[][o.e.b.BootstrapChecks] explicitly enforcing bootstrap checks
2023.07.02 21:55:25 WARN es[][o.e.c.c.ClusterBootstrapService] this node is locked into cluster UUID [HDZkyFIkRi2sp_BveAdgVg] but [cluster.initial_master_nodes] is set to [sonarqube]; remove this setting to avoid possible data loss caused by subsequent cluster bootstrap attempts; for further information see https://www.elastic.co/guide/en/elasticsearch/reference/8.7/important-settings.html#initial_master_nodes
2023.07.02 21:55:25 INFO es[][o.e.c.s.MasterService] elected-as-master ([1] nodes joined)[_FINISH_ELECTION_, {sonarqube}{lKa0DhO4Ss2jrx089YgiuA}{nLZiwfHqTwyq1R1mRHYZJA}{sonarqube}{127.0.0.1}{127.0.0.1:35691}{cdfhilmrstw}{8.7.0} completing election], term: 4, version: 14, delta: master node changed {previous [], current [{sonarqube}{lKa0DhO4Ss2jrx089YgiuA}{nLZiwfHqTwyq1R1mRHYZJA}{sonarqube}{127.0.0.1}{127.0.0.1:35691}{cdfhilmrstw}{8.7.0}]}
2023.07.02 21:55:26 INFO es[][o.e.c.s.ClusterApplierService] master node changed {previous [], current [{sonarqube}{lKa0DhO4Ss2jrx089YgiuA}{nLZiwfHqTwyq1R1mRHYZJA}{sonarqube}{127.0.0.1}{127.0.0.1:35691}{cdfhilmrstw}{8.7.0}]}, term: 4, version: 14, reason: Publication{term=4, version=14}
2023.07.02 21:55:26 INFO es[][o.e.r.s.FileSettingsService] starting file settings watcher ...
2023.07.02 21:55:26 INFO es[][o.e.r.s.FileSettingsService] file settings service up and running [tid=30]
2023.07.02 21:55:26 INFO es[][o.e.h.AbstractHttpServerTransport] publish_address {127.0.0.1:9001}, bound_addresses {127.0.0.1:9001}
2023.07.02 21:55:26 INFO es[][o.e.c.c.NodeJoinExecutor] node-join: [{sonarqube}{lKa0DhO4Ss2jrx089YgiuA}{nLZiwfHqTwyq1R1mRHYZJA}{sonarqube}{127.0.0.1}{127.0.0.1:35691}{cdfhilmrstw}{8.7.0}] with reason [completing election]
2023.07.02 21:55:26 INFO es[][o.e.n.Node] started {sonarqube}{lKa0DhO4Ss2jrx089YgiuA}{nLZiwfHqTwyq1R1mRHYZJA}{sonarqube}{127.0.0.1}{127.0.0.1:35691}{cdfhilmrstw}{8.7.0}{xpack.installed=true, rack_id=sonarqube}
2023.07.02 21:55:26 INFO es[][o.e.l.LicenseService] license [bdd74327-7981-4b82-af56-5b0a01c50f5a] mode [basic] - valid
2023.07.02 21:55:26 INFO es[][o.e.g.GatewayService] recovered [0] indices into cluster_state
2023.07.02 21:55:26 INFO app[][o.s.a.SchedulerImpl] Process[es] is up
2023.07.02 21:55:26 INFO app[][o.s.a.ProcessLauncherImpl] Launch process[WEB_SERVER] from [/opt/sonarqube]: /opt/java/openjdk/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonarqube/temp -XX:-OmitStackTraceInFastThrow --add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.io=ALL-UNNAMED --add-opens=java.rmi/sun.rmi.transport=ALL-UNNAMED --add-exports=java.base/jdk.internal.ref=ALL-UNNAMED --add-opens=java.base/java.nio=ALL-UNNAMED --add-opens=java.base/sun.nio.ch=ALL-UNNAMED --add-opens=java.management/sun.management=ALL-UNNAMED --add-opens=jdk.management/com.sun.management.internal=ALL-UNNAMED -Dcom.redhat.fips=false -Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dhttp.nonProxyHosts=localhost|127.*|[::1] -cp ./lib/sonar-application-10.1.0.73491.jar:/opt/sonarqube/lib/jdbc/postgresql/postgresql-42.6.0.jar org.sonar.server.app.WebServer /opt/sonarqube/temp/sq-process9317971875660968072properties
2023.07.02 21:55:26 INFO es[][o.e.h.n.s.HealthNodeTaskExecutor] Node [{sonarqube}{lKa0DhO4Ss2jrx089YgiuA}] is selected as the current health node.
WARNING: A terminally deprecated method in java.lang.System has been called
WARNING: System::setSecurityManager has been called by org.sonar.process.PluginSecurityManager (file:/opt/sonarqube/lib/sonar-application-10.1.0.73491.jar)
WARNING: Please consider reporting this to the maintainers of org.sonar.process.PluginSecurityManager
WARNING: System::setSecurityManager will be removed in a future release
2023.07.02 21:55:26 INFO web[][o.s.p.ProcessEntryPoint] Starting Web Server
2023.07.02 21:55:27 INFO web[][o.s.s.p.LogServerVersion] SonarQube Server / 10.1.0.73491 / 53c01c35c264c7e3d76cf5fb955de406f36b115e
2023.07.02 21:55:27 INFO web[][o.s.d.DefaultDatabase] Create JDBC data source for jdbc:postgresql://postgresql-service:5432/sonarqube
2023.07.02 21:55:27 INFO web[][c.z.h.HikariDataSource] HikariPool-1 - Starting...
2023.07.02 21:55:27 INFO web[][c.z.h.p.HikariPool] HikariPool-1 - Added connection org.postgresql.jdbc.PgConnection@73a00e09
2023.07.02 21:55:27 INFO web[][c.z.h.HikariDataSource] HikariPool-1 - Start completed.
2023.07.02 21:55:28 INFO web[][o.s.s.p.ServerFileSystemImpl] SonarQube home: /opt/sonarqube
2023.07.02 21:55:28 INFO web[][o.s.s.u.SystemPasscodeImpl] System authentication by passcode is disabled
2023.07.02 21:55:29 INFO web[][o.s.s.p.ServerPluginManager] Deploy C# Code Quality and Security / 9.3.0.71466 / e47cf88a6286a446a098754e5775535a330f58d7
<<Omitted lines for character limit>>
2023.07.02 21:55:29 INFO web[][o.s.s.p.ServerPluginManager] Deploy XML Code Quality and Security / 2.8.1.4006 / 80e5629b173cd7a47c04e97cbe1a263db84ff844
2023.07.02 21:55:29 WARN web[][o.s.c.a.AnnotationConfigApplicationContext] Exception encountered during context initialization - cancelling refresh attempt: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@61a88b8c-org.sonar.server.plugins.ServerPluginManager': Initialization of bean failed; nested exception is java.lang.IllegalStateException: Fail to unzip plugin [python] /opt/sonarqube/lib/extensions/sonar-python-plugin-4.3.0.11660.jar to /opt/sonarqube/data/web/deploy/plugins/python
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'jdk.internal.loader.ClassLoaders$AppClassLoader@61a88b8c-org.sonar.server.plugins.ServerPluginManager': Initialization of bean failed; nested exception is java.lang.IllegalStateException: Fail to unzip plugin [python] /opt/sonarqube/lib/extensions/sonar-python-plugin-4.3.0.11660.jar to /opt/sonarqube/data/web/deploy/plugins/python
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:628)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955)
at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:920)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:187)
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:80)
at org.sonar.server.platform.platformlevel.PlatformLevel2.start(PlatformLevel2.java:101)
at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:214)
at org.sonar.server.platform.PlatformImpl.startLevel2Container(PlatformImpl.java:186)
at org.sonar.server.platform.PlatformImpl.init(PlatformImpl.java:80)
at org.sonar.server.platform.web.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:45)
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4494)
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:4946)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1332)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1322)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.base/java.util.concurrent.AbstractExecutorService.submit(Unknown Source)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:871)
at org.apache.catalina.core.StandardHost.startInternal(StandardHost.java:795)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1332)
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1322)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at org.apache.tomcat.util.threads.InlineExecutorService.execute(InlineExecutorService.java:75)
at java.base/java.util.concurrent.AbstractExecutorService.submit(Unknown Source)
at org.apache.catalina.core.ContainerBase.startInternal(ContainerBase.java:871)
at org.apache.catalina.core.StandardEngine.startInternal(StandardEngine.java:249)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardService.startInternal(StandardService.java:428)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:917)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:183)
at org.sonar.server.app.EmbeddedTomcat.start(EmbeddedTomcat.java:71)
at org.sonar.server.app.WebServer.start(WebServer.java:55)
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:97)
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:81)
at org.sonar.server.app.WebServer.main(WebServer.java:104)
Caused by: java.lang.IllegalStateException: Fail to unzip plugin [python] /opt/sonarqube/lib/extensions/sonar-python-plugin-4.3.0.11660.jar to /opt/sonarqube/data/web/deploy/plugins/python
at org.sonar.server.plugins.ServerPluginJarExploder.explode(ServerPluginJarExploder.java:60)
at java.base/java.util.stream.ReferencePipeline$3$1.accept(Unknown Source)
at java.base/java.util.HashMap$ValueSpliterator.forEachRemaining(Unknown Source)
at java.base/java.util.stream.AbstractPipeline.copyInto(Unknown Source)
at java.base/java.util.stream.AbstractPipeline.wrapAndCopyInto(Unknown Source)
at java.base/java.util.stream.AbstractPipeline.evaluate(Unknown Source)
at java.base/java.util.stream.AbstractPipeline.evaluateToArrayNode(Unknown Source)
at java.base/java.util.stream.ReferencePipeline.toArray(Unknown Source)
at java.base/java.util.stream.ReferencePipeline.toArray(Unknown Source)
at java.base/java.util.stream.ReferencePipeline.toList(Unknown Source)
at org.sonar.server.plugins.ServerPluginManager.extractPlugins(ServerPluginManager.java:86)
at org.sonar.server.plugins.ServerPluginManager.start(ServerPluginManager.java:65)
at org.sonar.core.platform.StartableBeanPostProcessor.postProcessBeforeInitialization(StartableBeanPostProcessor.java:33)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:440)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1796)
at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:620)
... 44 common frames omitted
Caused by: java.nio.file.FileSystemException: /opt/sonarqube/data/web/deploy/plugins/python/sonar-python-plugin-4.3.0.11660.jar: Operation not permitted
at java.base/sun.nio.fs.UnixException.translateToIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixException.rethrowAsIOException(Unknown Source)
at java.base/sun.nio.fs.UnixCopyFile.copyFile(Unknown Source)
at java.base/sun.nio.fs.UnixCopyFile.copy(Unknown Source)
at java.base/sun.nio.fs.UnixFileSystemProvider.copy(Unknown Source)
at java.base/java.nio.file.Files.copy(Unknown Source)
at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:850)
at org.apache.commons.io.FileUtils.copyFile(FileUtils.java:756)
at org.sonar.server.plugins.ServerPluginJarExploder.explode(ServerPluginJarExploder.java:56)
... 59 common frames omitted
2023.07.02 21:55:29 INFO web[][c.z.h.HikariDataSource] HikariPool-1 - Shutdown initiated...
2023.07.02 21:55:29 INFO web[][c.z.h.HikariDataSource] HikariPool-1 - Shutdown completed.
2023.07.02 21:55:29 INFO web[][o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2023.07.02 21:55:29 INFO web[][o.s.p.ProcessEntryPoint] Hard stopping process
2023.07.02 21:55:29 INFO app[][o.s.a.SchedulerImpl] Process[Web Server] is stopped
2023.07.02 21:55:29 WARN app[][o.s.a.p.AbstractManagedProcess] Process exited with exit value [ElasticSearch]: 143
2023.07.02 21:55:29 INFO app[][o.s.a.SchedulerImpl] Process[ElasticSearch] is stopped
2023.07.02 21:55:29 INFO app[][o.s.a.SchedulerImpl] SonarQube is stopped
I’m unable to find much information online about this or even really know what exactly to search for at the moment. It seems like it’s a file system permissions issue, however, I cannot find issues, going so far as to setting all initial container files at /opt/sonarqube/* to 777 with owner and group being sonarqube.
Adjacent?
I use NFS as my storage backend through K8s Persistent Volume Claims, and suspect that it maybe be related to the issues, but cannot determine why.
I see on the Install the Server page:
This warning for storage-related setups makes me suspicious it has something to do with my storage setup, but again, cannot figure out why, or even why bind mounts using Docker directly would have issues. Also similar is Deploy SonarQube on Kubernetes mentioning known issues on Azure Kubernetes Service with the Fileshare PVC.
Debugging Attempts
Going through the logs:
Looking at: nested exception is java.lang.IllegalStateException: Fail to unzip plugin [python] /opt/sonarqube/lib/extensions/sonar-python-plugin-4.3.0.11660.jar to /opt/sonarqube/data/web/deploy/plugins/python
I can go to /opt/sonarqube/lib/extensions/ and see:
sonarqube@sonarqube-deployment-cff8497f8-5mbrb:/opt/sonarqube$ ls -AGhl lib/extensions
total 144M
-r-xr-xr-x 1 root 9.0M Jun 20 13:44 sonar-cayc-plugin-2.0.0.334.jar
-r-xr-xr-x 1 root 28K Jun 20 13:44 sonar-config-plugin-1.2.0.267.jar
-r-xr-xr-x 1 root 4.9M Jun 20 13:44 sonar-csharp-plugin-9.3.0.71466.jar
-r-xr-xr-x 1 root 1.2M Jun 20 13:44 sonar-flex-plugin-2.9.0.3375.jar
-r-xr-xr-x 1 root 7.7M Jun 20 13:44 sonar-go-plugin-1.13.0.4374.jar
-r-xr-xr-x 1 root 528K Jun 20 13:44 sonar-html-plugin-3.8.0.3510.jar
-r-xr-xr-x 1 root 1.5M Jun 20 13:44 sonar-iac-plugin-1.17.0.3976.jar
-r-xr-xr-x 1 root 23K Jun 20 13:44 sonar-jacoco-plugin-1.3.0.1538.jar
-r-xr-xr-x 1 root 18M Jun 20 13:44 sonar-java-plugin-7.20.0.31692.jar
-r-xr-xr-x 1 root 20M Jun 20 13:44 sonar-javascript-plugin-10.3.1.21905.jar
-r-xr-xr-x 1 root 36M Jun 20 13:44 sonar-kotlin-plugin-2.15.0.2579.jar
-r-xr-xr-x 1 root 5.5M Jun 20 13:44 sonar-php-plugin-3.30.0.9766.jar
-r-xr-xr-x 1 root 8.0M Jun 20 13:44 sonar-python-plugin-4.3.0.11660.jar
-r-xr-xr-x 1 root 14M Jun 20 13:44 sonar-ruby-plugin-1.13.0.4374.jar
-r-xr-xr-x 1 root 13M Jun 20 13:44 sonar-scala-plugin-1.13.0.4374.jar
-r-xr-xr-x 1 root 112K Jun 20 13:44 sonar-text-plugin-2.1.0.1163.jar
-r-xr-xr-x 1 root 4.3M Jun 20 13:44 sonar-vbnet-plugin-9.3.0.71466.jar
-r-xr-xr-x 1 root 2.4M Jun 20 13:44 sonar-xml-plugin-2.8.1.4006.jar
All files are readable to the sonarqube user.
I can go to /opt/sonarqube/data/web/deploy/plugins/ and see:
sonarqube@sonarqube-deployment-cff8497f8-5mbrb:/opt/sonarqube$ stat /opt/sonarqube/data/web/deploy/plugins/python/
File: /opt/sonarqube/data/web/deploy/plugins/python/
Size: 2 Blocks: 1 IO Block: 1048576 directory
Device: 31h/49d Inode: 65074 Links: 2
Access: (0777/drwxrwxrwx) Uid: ( 1000/sonarqube) Gid: ( 1000/sonarqube)
Access: 2023-07-02 21:55:59.219114423 +0000
Modify: 2023-07-02 21:55:59.395114311 +0000
Change: 2023-07-02 22:35:24.553474386 +0000
Birth: -
And so the directory is writeable to all users.
I believe the java application should be running under the sonarqube user, so I don’t see why there would be an issue there.
Kubernetes Declarations
Deployment (I'll use StatefulSet eventually...)
apiVersion: apps/v1
kind: Deployment
metadata:
name: sonarqube-deployment
namespace: personal-19
labels:
app: sonarqube
spec:
replicas: 1
selector:
matchLabels:
app: sonarqube
strategy:
type: Recreate
template:
metadata:
labels:
app: sonarqube
app-group: sonarqube
spec:
affinity:
podAffinity:
preferredDuringSchedulingIgnoredDuringExecution:
- weight: 100
podAffinityTerm:
topologyKey: "kubernetes.io/hostname"
labelSelector:
matchExpressions:
- key: app-group
operator: In
values:
- sonarqube
initContainers:
- name: set-sysctl-options
image: docker.io/busybox:1.32
command: [ "/bin/sh", "-c" ]
args:
- |
if [[ "$(sysctl -n vm.max_map_count)" -lt 524288 ]]; then
sysctl -w vm.max_map_count=524288
fi
if [[ "$(sysctl -n fs.file-max)" -lt 131072 ]]; then
sysctl -w fs.file-max=131072
fi
if [[ "$(ulimit -n)" != "unlimited" ]]; then
if [[ "$(ulimit -n)" -lt 131072 ]]; then
echo "ulimit -n 131072"
ulimit -n 131072
fi
fi
if [[ "$(ulimit -u)" != "unlimited" ]]; then
if [[ "$(ulimit -u)" -lt 8192 ]]; then
echo "ulimit -u 8192"
ulimit -u 8192
fi
fi
securityContext:
privileged: true
# runAsUser: 1000
# runAsGroup: 1000
# readOnlyRootFilesystem: false
- name: reset-filesystem-permissions
image: docker.io/ubuntu:23.04
command: [ "/bin/sh", "-c" ]
args:
- |
chown -R 1000:1000 /opt/sonarqube
chmod -R 777 /opt/sonarqube
volumeMounts:
- name: sonarqube-volume-data
mountPath: /opt/sonarqube/data/
- name: sonarqube-volume-extensions
mountPath: /opt/sonarqube/extensions/
- name: sonarqube-volume-logs
mountPath: /opt/sonarqube/logs/
containers:
- name: sonarqube
image: docker.io/sonarqube:10.1.0-community
imagePullPolicy: Always
# command: [ "sleep", "infinity" ]
# securityContext:
# privileged: true
# runAsUser: 1000
# runAsGroup: 1000
# readOnlyRootFilesystem: false
env:
- name: SONAR_JDBC_URL
value: 'jdbc:postgresql://postgresql-service:5432/sonarqube'
- name: SONAR_JDBC_USERNAME
valueFrom:
secretKeyRef:
name: personal-19-secrets
key: Database-User
- name: SONAR_JDBC_PASSWORD
valueFrom:
secretKeyRef:
name: personal-19-secrets
key: Database-Password
ports:
- protocol: TCP
containerPort: 9000
resources:
requests:
cpu: 500m
memory: 2Gi
limits:
cpu: 4000m
memory: 8Gi
volumeMounts:
- name: sonarqube-volume-data
mountPath: /opt/sonarqube/data/
- name: sonarqube-volume-extensions
mountPath: /opt/sonarqube/extensions/
- name: sonarqube-volume-logs
mountPath: /opt/sonarqube/logs/
terminationGracePeriodSeconds: 3600
volumes:
- name: sonarqube-volume-data
persistentVolumeClaim:
claimName: sonarqube-volumeclaim-data
- name: sonarqube-volume-extensions
persistentVolumeClaim:
claimName: sonarqube-volumeclaim-extensions
- name: sonarqube-volume-logs
persistentVolumeClaim:
claimName: sonarqube-volumeclaim-logs
Storage
apiVersion: v1
kind: PersistentVolume
metadata:
name: personal-19-sonarqube-persistentvolume-data
spec:
accessModes:
- ReadWriteMany
capacity:
storage: 10Gi
storageClassName: personal-19-sonarqube-storageclass-data
volumeMode: Filesystem
nfs:
server: 10.0.1.1
path: /mnt/ZPool1/Kubernetes/cluster0/personal-19/sonarqube/data/
mountOptions:
- nfsvers=4.2
- hard # `soft` may cause silent data corruption; `hard` requires requests to be retried indefinitely and is "not allowed to fail"
- async # `async` can always be used, as application can command when data is flushed to disk (Basic write-caching)
- proto=tcp
- timeo=10 # read & write request timeout (in tenths of a second)
- rsize=1048576 # the maximum number of bytes the client is allowed to request in a single read request
- wsize=1048576 # the maximum number of bytes the client is allowed to request in a single write request
- ac # enable file attribute caching
- noatime # do not need to update file access times
- nodiratime # do not need to update directory access times
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: personal-19-sonarqube-persistentvolume-extensions
spec:
accessModes:
- ReadWriteMany
capacity:
storage: 10Gi
storageClassName: personal-19-sonarqube-storageclass-extensions
volumeMode: Filesystem
nfs:
server: 10.0.1.1
path: /mnt/ZPool1/Kubernetes/cluster0/personal-19/sonarqube/extensions/
mountOptions:
- nfsvers=4.2
- hard # `soft` may cause silent data corruption; `hard` requires requests to be retried indefinitely and is "not allowed to fail"
- async # `async` can always be used, as application can command when data is flushed to disk (Basic write-caching)
- proto=tcp
- timeo=10 # read & write request timeout (in tenths of a second)
- rsize=1048576 # the maximum number of bytes the client is allowed to request in a single read request
- wsize=1048576 # the maximum number of bytes the client is allowed to request in a single write request
- ac # enable file attribute caching
- noatime # do not need to update file access times
- nodiratime # do not need to update directory access times
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: personal-19-sonarqube-persistentvolume-logs
spec:
accessModes:
- ReadWriteMany
capacity:
storage: 10Gi
storageClassName: personal-19-sonarqube-storageclass-logs
volumeMode: Filesystem
nfs:
server: 10.0.1.1
path: /mnt/ZPool1/Kubernetes/cluster0/personal-19/sonarqube/logs/
mountOptions:
- nfsvers=4.2
- hard # `soft` may cause silent data corruption; `hard` requires requests to be retried indefinitely and is "not allowed to fail"
- async # `async` can always be used, as application can command when data is flushed to disk (Basic write-caching)
- proto=tcp
- timeo=10 # read & write request timeout (in tenths of a second)
- rsize=1048576 # the maximum number of bytes the client is allowed to request in a single read request
- wsize=1048576 # the maximum number of bytes the client is allowed to request in a single write request
- ac # enable file attribute caching
- noatime # do not need to update file access times
- nodiratime # do not need to update directory access times
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarqube-volumeclaim-data
namespace: personal-19
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
storageClassName: personal-19-sonarqube-storageclass-data
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarqube-volumeclaim-extensions
namespace: personal-19
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
storageClassName: personal-19-sonarqube-storageclass-extensions
volumeMode: Filesystem
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarqube-volumeclaim-logs
namespace: personal-19
spec:
accessModes:
- ReadWriteMany
resources:
requests:
storage: 10Gi
storageClassName: personal-19-sonarqube-storageclass-logs
volumeMode: Filesystem
Ideas?
If anyone has any ideas on things I can look into, I would greatly appreciate any input! Thank you!
