In this article, We are going to perform, How to Install SonarQube on CentOS 7,Install and Setup PostgreSQL 10 Database For SonarQube,Configure SonarQube,Configure Reverse Proxy in Apache to Run Sonarqube over HTTPS.
Table of Contents
Introduction
SonarQube is an opensource web based tool to manage code quality and code analysis. It is most widely used in continuous code inspection which performs reviews of code to detect bugs, code smells and vulnerability issues of programming languages.
Prerequisites
- CentOS 7 with minimum 2GB RAM and 1 CPU.
- PostgreSQL Version 9.3 or higher
- SSH access with sudo privileges
- Firewall Port: 9000
Here, We are installing SonarQube 7.9.1 version and have to install Oracle JAVA/Open JDK, Postgres-SQL as database and Latest browser before installing SonarQube. To know Prerequisite visit sonarqube official page
Note: MySQL Support for SonarQube is depricated.
Increase the vm.max_map_count kernal ,file discriptor and ulimit for current session at runtime.
sudo sysctl -w vm.max_map_count=262144
sudo sysctl -w fs.file-max=65536
sudo ulimit -n 65536
sudo ulimit -u 4096
To Increase the vm.max_map_count kernal ,file discriptor and ulimit permanently .
Open the below config file and Insert the below value as shown below,
sudo nano /etc/security/limits.conf
sonarqube - nofile 65536
sonarqube - nproc 4096
OR
If you are using systemd to manage the sonarqube services then add below value in sonarqube unit file under [service] section.
[Service]
...
LimitNOFILE=65536
LimitNPROC=4096
...
Before installing, Lets update and upgrade System Packages
sudo yum update -y
Install wget and unzip package
sudo yum install wget unzip -y
Step #1: Install OpenJDK
Install OpenJDK and JRE 11 using following command,
sudo yum install openjdk-11-jdk -y sudo yum install openjdk-11-jre -y
1.1. SET Default JDK
To set default JDK or switch to OpenJDK enter below command,
$ sudo update-alternatives --config java
You will see below choices for the alternative java (providing /usr/bin/java).
Selection Path Priority Status ------------------------------------------------------------ 0 /usr/lib/jvm/java-11-openjdk-amd64/bin/java 1111 auto mode 1 /usr/lib/jvm/java-11-openjdk-amd64/bin/java 1111 manual mode 2 /usr/lib/jvm/java-8-openjdk-amd64/jre/bin/java 1081 manual mode * 3 /usr/lib/jvm/java-8-oracle/jre/bin/java 1081 manual mode
Type 1 to switch OpenJDK 11.
1.2. Check JAVA Version:
$ java -version
Output:
$ java -version openjdk version "11.0.4" 2019-07-16 OpenJDK Runtime Environment (build 11.0.4+11-post-Ubuntu-116.04.1) OpenJDK 64-Bit Server VM (build 11.0.4+11-post-Ubuntu-116.04.1, mixed mode, sharing)
Step #2: Install and Setup PostgreSQL 10 Database For SonarQube
Install the PostgreSQL Repository
sudo yum install https://download.postgresql.org/pub/repos/yum/10/redhat/rhel-7-x86_64/pgdg-centos10-10-2.noarch.rpm -y
Install the PostgreSQL 10 database Server by using following command,
sudo yum install postgresql10-server postgresql10-contrib -y
Initialize the Postgres database.
sudo /usr/pgsql-10/bin/postgresql-10-setup initdb
Open the /var/lib/pgsql/data/pg_hba.conf file.
sudo vi /var/lib/pgsql/10/data/pg_hba.conf
Once Opened Find the below lines at the bottom of the file and change peer to trust and idnet to md5
# TYPE DATABASE USER ADDRESS METHOD # "local" is for Unix domain socket connections only local all all peer # IPv4 local connections: host all all 127.0.0.1/32 ident # IPv6 local connections: host all all ::1/128 ident
Once changed, it should look like the as below
# TYPE DATABASE USER ADDRESS METHOD # "local" is for Unix domain socket connections only local all all trust # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5
Start PostgreSQL Database server
sudo systemctl start postgresql-10
Enable it to start automatically at System Startup
sudo systemctl enable postgresql-10
Change the password for the default PostgreSQL user.
sudo passwd postgres
Switch to the postgres user.
su - postgres
Create a new user by typing:
createuser sonar
Switch to the PostgreSQL shell.
psql
Set a password for the newly created user for SonarQube database.
ALTER USER sonar WITH ENCRYPTED password 'sonar';
Create a new database for PostgreSQL database by running:
CREATE DATABASE sonarqube OWNER sonar;
grant all privileges to sonar user on sonarqube Database.
grant all privileges on sonarqube to sonar;
Exit from the psql shell:
\q
Switch back to the sudo user by running the exit command.
exit
Step #3: Download and Install SonarQube on CentOS
Download sonaqube installer files archieve To download latest version of visit SonarQube download page.
cd /tmp
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-7.9.1.zip
Unzip the archeve setup to /opt directory
sudo unzip sonarqube-7.9.1.zip -d /opt
Move extracted setup to /opt/sonarqube directory
sudo mv /opt/sonarqube-7.9.1 /opt/sonarqube
Step #4:Configure SonarQube
We can’t run Sonarqube as a root user , if you run using root user it stops automatically. We have found solution on this to create saparate group and user to run sonarqube.
4.1. Create Group and User:
Create a group as sonar
sudo groupadd sonar
Now add the user with directory access.
sudo useradd -c "user to run SonarQube" -d /opt/sonarqube -g sonar sonar
Give the ownership permission to sonar user and group.
sudo chown -R sonar:sonar /opt/sonarqube
Open the SonarQube configuration file using your favorite text editor.
sudo nano /opt/sonarqube/conf/sonar.properties
Find the following lines.
#sonar.jdbc.username=
#sonar.jdbc.password=
Uncomment and Type the PostgreSQL Database username and password which we have created in above steps.
sonar.jdbc.username=your_user sonar.jdbc.password=your_password
Edit the sonar script file and set RUN_AS_USER
sudo nano /opt/sonarqube/bin/linux-x86-64/sonar.sh
RUN_AS_USER=sonar
Type CTRL+X to save and close the file.
4.2. Start SonarQube:
Now to start SonarQube we need to do following: Switch to sonar user
sudo su sonar
Move to the script directory
cd /opt/sonar/bin/linux-x86-64/
Run the script to start SonarQube
./sonar.sh start
We can also add this in service and can run as a service.
4.3. Check SonarQube Running Status:
To check if sonaqube is running enter below command,
./sonar.sh status
4.4. SonarQube Logs:
To check sonarqube logs, navigate to /opt/sonarqube/logs/sonar.log directory
tail /opt/sonarqube/logs/sonar.log
Step #5: Configure Systemd service
Create a systemd service file for SonarQube to run as System Startup.
sudo nano /etc/systemd/system/sonar.service
Add the below lines,
[Unit]
Description=SonarQube service
After=syslog.target network.target
[Service]
Type=forking
ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
User=sonar
Group=sonar
Restart=always
LimitNOFILE=65536
LimitNPROC=4096
[Install]
WantedBy=multi-user.target
Save and close the file. Now stop the sonarqube script earlier we started to run using as daemon. Start the Sonarqube daemon by running:
sudo systemctl start sonar
Enable the SonarQube service to automatically at boot time System Startup.
sudo systemctl enable sonar
check if the sonarqube service is running,
sudo systemctl status sonar
Step #6: Access SonarQube
To access the SonarQube using browser type server IP followed by port 9000.
http://server_IP:9000 OR http://localhost:9000
Login to SonarQube with default administrator username and password is admin.
Finally, We have successfully performed all steps to install sonarqube setup.
Step #7:Configure Reverse Proxy in Apache to Run Sonarqube over HTTPS
Here, We are going to configure reverse proxy in Apache to Run SonarQube over HTTPS. I am assuming you have already installed apache2 on this server.
7.1 : Enable Mod and Reverse Proxy Modules
First enable mod and reverse proxy modules in CentOs 7 if not enables as shown below.Open the below path
sudo vim /etc/httpd/conf/httpd.conf
Copy below lines in /etc/httpd/conf/httpd.conf file
LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so
Sample Output:
Test the configuration file syntax with
sudo apachectl configtest
If there are no errors you will see the following output:
Output:
Syntax OK
Restart httpd service to take effect
sudo systemctl restart httpd
7.2 : Create Virtual Host Configuration
Create a virtual host for a specific website open your editor of choice and create the following basic Virtual Host configuration file in /etc/httpd/conf.d directory , paste the below lines, replace domain name and SSL certificate path accordingly.
For Example, Here i am using sonarqube-test.fosstechnix.com domain .
ProxyRequests Off ProxyPreserveHost On <VirtualHost *:80> ServerName sonarqube-test.fosstechnix.com ServerAdmin [email protected] Redirect / https:// sonarqube-test.fosstechnix.com/ RewriteEngine On RewriteCond %{HTTPS} Off RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] ErrorLog /var/log/httpd/error.log CustomLog /var/log/httpd//access.log common </VirtualHost> <VirtualHost *:443> ServerName sonarqube-test.fosstechnix.com ServerAlias sonarqube-test.fosstechnix.com SSLEngine On SSLCertificateFile /var/www/ssl/56a17ac0a3ef2345.crt SSLCertificateKeyFile /var/www/ssl/*.fosstechnix.key ProxyPass / http://sonarqube-test.fosstechnix.com:9000/ ProxyPassReverse / http://sonarqube-test.fosstechnix.com/ </VirtualHost>
Test the virtual host configuration.
sudo apachectl configtest
If there are no errors you will see the following output:
Output:
Syntax OK
To activate a newly created virtual host, restart the Apache service
sudo systemctl restart httpd
Verify that everything is working as expected, by opening https:// sonarqube-test.fosstechnix.com/
Troubleshooting
loaded plugin [org.elasticsearch.transport.Netty4Plugin] ERROR: [1] bootstrap checks failed. max virtual memory areas vm.max_map_count [65530] is too low, increase to at least [262144].
Solution:
Elasticsearch uses a MMap FS directory to store its indices. The default operating system limits on mmap counts is possibly to be too low, which may result in out of memory exceptions. Enter the below command to increase virtual memory value using sudo privileges,
sudo sysctl -w vm.max_map_count=262144
Output:
sudo sysctl -w vm.max_map_count=262144 vm.max_map_count = 262144
To set value permanently, update the vm.max_map_count value in /etc/sysctl.conf. To verify after rebooting,
sysctl vm.max_map_count
Conclusion:
In this article, We have performed ,How to Download and Install SonarQube on CentOS 7 with Configure Sonarqube, Creating Systemd Service and Configure reverse proxy in apache to run sonarqube over https.
Thanks Shivdas for sharing this massive step by step guide!
I love it!
– Mayur
Thanks for your kind words.
grant all privileges on DATABASE sonarqube to sonar; 😉
Thank you for this simple tutorial, this still works on version 9.1. Other tutorial either uses SonarQube 6.x (making root as a user) or making installing nginx sort of mandatory for it to be able to start properly. Some of them even messing with java path which we actually don’t really need to and that’s one thing that I found to be my issue when trying to set this up on local & cloud server.
Thanks for your feedback.