A while ago I installed SonarQube on my PC via Docker. I meant to upgrade the installation to my server so I don't have a rather large install eating memory and disk while being idle. Now I got around to do it with Ansible and docker compose.

The ansible role

The Ansible role I wrote installs SonarQube community edition (free) on a machine via docker compose. It follows the main docker compose approach with SonarQube and PostgreSQL and you can see it here.

Configure

The variables for this role are:

Name Description Default
sonarqube_image The sonarqube docker image sonarqube
sonarqube_db_image The database docker image postgres
sonarqube_http_port The published HTTP port 9000
sonarqube_api_port The API port 9001
sonarqube_config_path Location of the docker compose configuration /var/local/conf/sonarqube
sonarqube_db_user The database user name changeme
sonarqube_db_password The database password changeme

You should normally customise the ports and the database credentials only. If you want, you can also use custom-built images of sonarqube (e.g. with custom plugins) and postgresql, or use specific versions.

Global machine variables

As SonarQube depends on ElasticSearch, it needs to comply with ES's requirements in terms of files and processes opened. For this, we define the variables below:

Name Description Default
sonarqube_vm_max_map_count Elastic search VM max map count 524288
sonarqube_fs_file_max Elastic search max files opened 131072
sonarqube_nofile Number of files opened 131072
sonarqube_nproc Number of processes operened 8192

The defaults defined above are sensible ones.

Note that these are global (machine-level) variables and you need to change them if you have other software that customises them already. I use the maximum of the avilable customisations for the time being (e.g. if you have software requiruing nproc to be 10000, then set sonarqube_nproc to 10000 too!)

Note that the role tasks setting up these values needs root elevation (via become: true ).

Other notable mentions

The role creates named volumes, as per recommendations. I've tried to use path-based volumes, but it always failed for me in some place (most likely permissions). This impacts the backup somewhat, but I don't care too much about it because:

  1. The amount of projects I have opened simultaneously is low, they can be updated with the relevant tokens quickly
  2. I care mostly about the latest results, not historical data

If you do care about backups, you'll need to take into account the named volumes and probably create a backup image with access to those.

OK, where it is?

You can grab the role from the Ansible galaxy, or you can look at its source code on github.

If you want more information, look here (SonarQube installation page), here (Running SonarQube With Docker Compose) or here (Full SonarQube installation via Ansible - via Docker images)