Deploying sonarqube in the cloud with an external ingress

anthonylondon · March 3, 2022, 9:00pm

hi, I am deploying sonar on GKE - I installed sonar using a helm chart ,using the GKE native ingress, so I disabled the sonarqube ingress ,

but get no traffic into the sonarqube pod - I have a http timeout , and no logs to see.

i can’t see how to turn on debug level on sonar

I wonder what I need to do to get the GKE native ingress working with sonarqube?

Tobias_Trabelsi · March 4, 2022, 7:34am

Hi @anthonylondon ,

if you are using our official helm chart, you can configure the ingress like this:

---
ingress:
  enabled: true
  # Used to create an Ingress record.
  hosts:
    - name: sonarqube.your-org.com
      # Different clouds or configurations might need /* as the default path
      path: /
      # For additional control over serviceName and servicePort
      # serviceName: someService
      # servicePort: somePort
      # the pathType can be one of the following values: Exact|Prefix|ImplementationSpecific(default)
      pathType: Prefix
  annotations:
    kubernetes.io/ingress.class: "gce"
  # kubernetes.io/tls-acme: "true"

  # Set ingressClassName if kubernetes version is >= 1.18
  # Reference: https://kubernetes.io/blog/2020/04/02/improvements-to-the-ingress-api-in-kubernetes-1.18/
  ingressClassName: gce

# Additional labels for Ingress manifest file
  # labels:
  #  traffic-type: external
  #  traffic-type: internal
  tls: []
  # Secrets must be manually created in the namespace.
  # - secretName: chart-example-tls
  #   hosts:
  #     - chart-example.local

or if you don’t want the ingress to be deployed via our helm chart, you can create on based on the rendered template on your own

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    kubernetes.io/ingress.class: gce
  labels:
    app: sonarqube
  name: sonarqube-sonarqube
spec:
  ingressClassName: gce <--- if kubernetes version is >= 1.18
  rules:
  - host: sonarqube.your-org.com
    http:
      paths:
      - backend:
          service:
            name: sonarqube-sonarqube
            port:
              number: 9000
        path: /
        pathType: Prefix

that all said i would really recommand using the nginx-ingress class as depending on the scanner size you will need to increase the body size of the ingress and as far as i know this is currently not possible with gce ingress. with nginx-ingress you can define the body size using the annotation nginx.ingress.kubernetes.io/proxy-body-size.

hope that helps

anthonylondon · March 4, 2022, 8:50am

Thanks
May I ask
for us port 8080 is better than 9000
i tried using the helm parameter -service.internalPort to replace 9000 with 8080

but the port-forward still uses 9000 , the helm chart does not seem to pick up 8080 for the internal port?

Tobias_Trabelsi · March 4, 2022, 10:08am

internal port is the port where sonarqube is exposed from the container. if you want to change the port where sonarqube is exposed to the service you need to change the external port.

service:
  type: ClusterIP
  externalPort: 8080
  internalPort: 9000
  labels:
  annotations: {}

our helm chart picks up this change so this will change the ingress, but if you deployed the ingress manually, you will need to change the backends service port as well.

anthonylondon · March 7, 2022, 4:38pm

Hi, thanks for your reply
i changed to
service.internalPort 8080

but from the pod logs i can still see it starting http on 9000

some blogs mention : #sonar.web.port=9000 , but i tried to add it in the manifest with no success

some blogs mention this issue, i have tried your LTE version and the latest 2.0.0 helm chart - all the same , they all start on 9000 not 8080

Tobias_Trabelsi · March 8, 2022, 7:17am

I think there is a little misunderstanding here.
The application can start on the port that is defined on sonar.web.port (if using properties) or SONAR_WEB_PORT (if using env vars) and defaults to 9000. This is translated to the service.internalPort of the helm chart. The service.externalPort still exposes this service on port 9000 if not modified.

So if you want to change the internal port AND the external port for whatever reason you need to set the following values in the helm chart:

env:
  - name: SONAR_WEB_PORT
    value: 8080
service:
  type: ClusterIP
  externalPort: 8080
  internalPort: 8080
  labels:
  annotations: {}

anthonylondon · March 8, 2022, 11:34am

it finally worked,
I had to add:
SONAR_WEB_PORT to get port 8080 for the pod exposed

in my argoCD

apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
  name: sonar-app-install
  namespace: argocd
  finalizers:
    - resources-finalizer.argocd.argoproj.io
spec:
  project: sonar
  source:
    repoURL: 'https://SonarSource.github.io/helm-chart-sonarqube'
    targetRevision: 2.0.0+248
    helm:
      values: |-
        env:
          - name: SONAR_WEB_PORT
            value: "8080"
      parameters:
        - name: 'ingress.hosts[0].name'
          value: 'http://localhost'
        - name: service.internalPort
          value: '8080'
        - name: service.externalPort
          value: '8080'
        - name: ingress.enabled
          value: 'false'
        - name: service.type
          value: NodePort

my health check failed due to port 9000 even though i am using 8080 for LTS 1.x helm chart

so using 2.x version

system · March 15, 2022, 11:34am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.