A while ago I installed SonarQube on my PC via Docker. I meant to upgrade the installation to my server so I don't have a rather large install eating memory and disk while being idle. Now I got around to doing it with Ansible and docker compose.
The Ansible role
The Ansible role I wrote installs SonarQube community edition (free) on a machine via docker compose. It follows the main docker compose approach with SonarQube and PostgreSQL and you can see it here.
The variables for this role are:
| Variable | Description | Default |
|---|---|---|
| | The sonarqube docker image | sonarqube |
| | The database docker image | postgres |
| | The published HTTP port | 9000 |
| | The API port | 9001 |
| | Location of the docker compose configuration | /var/local/conf/sonarqube |
| | The database user name | changeme |
| | The database password | changeme |
You should normally customise the ports and the database credentials only. If you want, you can also use custom-built images of sonarqube (e.g. with custom plugins) and postgresql, or use specific versions.
Global machine variables
As SonarQube depends on Elasticsearch, it needs to comply with ES's requirements in terms of files and processes opened. For this, we define the variables below:
| Variable | Description | Default |
|---|---|---|
| | Elasticsearch VM max map count | 524288 |
| | Elasticsearch max files opened | 131072 |
| | Number of files opened | 131072 |
| | Number of processes opened | 8192 |
The defaults defined above are sensible ones.
Note that these are global (machine-level) variables and you need to change them if you have other software that customises them already. I use the maximum of the available customisations for the time being (e.g. if you have software requiring nproc to be 10000, then set sonarqube_nproc to 10000 too!)
Note that the role tasks setting up these values need root elevation (via become: true).
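A pre-flight check for the "use the maximum" rule described above, as an added example that is not part of the role: it compares the host's current values with the defaults from the table and prints the value to configure, never lowering an existing higher setting. The function names and the mapping of "max files opened" to fs.file-max are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example (not the role's own code). Minimums are the defaults
# listed in the table above.
REQ_MAX_MAP_COUNT=524288
REQ_FILE_MAX=131072
REQ_NOFILE=131072
REQ_NPROC=8192

# Print the value to configure: the larger of current ($1) and required ($2),
# so a higher limit set for other software is kept.
target_value() {
    case "$1" in
        unlimited) echo unlimited; return ;;   # already above any minimum
        ''|*[!0-9]*) echo "$2"; return ;;      # unreadable: fall back to required
    esac
    if [ "$1" -ge "$2" ]; then echo "$1"; else echo "$2"; fi
}

# Print one report line: name ($1), current ($2), target, and "ok" or "raise".
report() {
    tgt=$(target_value "$2" "$3")
    if [ "$2" = "$tgt" ]; then status=ok; else status=raise; fi
    echo "$1 current=$2 target=$tgt $status"
}

# Read a kernel setting from /proc; "unknown" if it cannot be read.
read_proc() { cat "$1" 2>/dev/null || echo unknown; }

preflight() {
    report vm.max_map_count "$(read_proc /proc/sys/vm/max_map_count)" "$REQ_MAX_MAP_COUNT"
    report fs.file-max "$(read_proc /proc/sys/fs/file-max)" "$REQ_FILE_MAX"
    # ulimit values are those of the shell running this script.
    report nofile "$(ulimit -n 2>/dev/null || echo unknown)" "$REQ_NOFILE"
    report nproc "$(ulimit -u 2>/dev/null || echo unknown)" "$REQ_NPROC"
}

preflight
```

Any line ending in "raise" shows the value the corresponding role variable should be set to; a line ending in "ok" with a current value above the default means that higher value should be carried into the variable instead of the default.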
Other notable mentions
The role creates named volumes, as per recommendations. I've tried to use path-based volumes, but it always failed for me in some place (most likely permissions). This impacts the backup somewhat, but I don't care too much about it because:
- The number of projects I have open simultaneously is low, and they can be updated with the relevant tokens quickly
- I care mostly about the latest results, not historical data
If you do care about backups, you'll need to take into account the named volumes and probably create a backup image with access to those.