Template for a good bug report, formatted with Markdown:
versions used (SonarQube, Scanner, Plugin, and any relevant extension)
Version: 8.1.0.31237
error observed (wrap logs/code around triple quote ``` for proper formatting)
Trying to read Java heap memory size from Sonarqube CE running with the following config:
/usr/lib/jvm/java-11-openjdk-11.0.6.10-1.el7_7.x86_64/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/var/sonarqube/temp --add-opens=java.base/java.util=ALL-UNNAMED -Xmx2G -Xms128m -XX:+HeapDumpOnOutOfMemoryError -Dcom.sun.management.jmxremote.port=3332 -Dcom.sun.management.jmxremote.rmi.port=3332 -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.ssl=false -Dhttp.nonProxyHosts=localhost|127.|[::1] -cp ./lib/common/:/usr/local/sonarqube-8.1.0.31237/lib/jdbc/mssql/mssql-jdbc-7.2.2.jre11.jar org.sonar.ce.app.CeServer /var/sonarqube/temp/sq-process14733455275180470625properties
I get the following error (using nagios to retrieve data:
/usr/local/nagios/scripts/check_java -u service:jmx:rmi:///jndi/rmi://:3332/jmxrmi -t Mem -U MB -w 70 -c 85 Could not retrieve data: java.lang.SecurityException: attempt to add a Permission to a readonly Permissions object
It works when trying to retrieve data from Sonarqube WS engine for example:
/usr/local/nagios/scripts/check_java -u service:jmx:rmi:///jndi/rmi://:3331/jmxrmi -t Mem -U MB -w 70 -c 85
OK: Memory Usage: 10% (107 MB / 1024 MB)
| heapMemoryUsed=107MB;;;0;
| heapMemoryCommited=185MB;;;0;
| heapMemoryMax=1024MB;;;0;
| nonheapMemoryUsed=152MB;;;0;
| nonheapMemoryCommited=173MB;;;0;
steps to reproduce
I only used Nagios plugin check_java but one can try to read rmi with other tools.
potential workaround
Use OS tools to check memory used
Each time we try to get the JMX metrics from the CE JVM, we get the SecurityException describe above (We can eventually join a complete log with CE log level set to DEBUG).
Our sonar.ce.javaAdditionalOpts is quite the same as described above:
We have exported the ports 9270 and 9271 of the SonarQube container to make them accessible remotely.
We are currently using an incomplete workaround: we can export some JMX metrics by using the JMX Exporter as an agent in the CE JVM…
… but the the PendingTimemetric of the CE JVM is missing because it is implemented as an Option in the SonarQube code and this type is not supported by the JMX Exporter when it tries to get the attributes of the CE JMX bean.
And, as it written in the SQ monitoring Web page, this metric is important to us as it “together with PendingCount, helps you know if analyses are stacking and taking too long to start processing”.
Thus we are very interested in a fix or any workaround to get the JMX metrics of the CE JVM when SonarQube runs in a Docker container.
