Sonarqube pod probes KO after AWS account migration


I have recently deployed sonarqube helm chart 10.2.0-community on EKS cluster and everything is working fine
Now we are migrating the AWS account to a new one with ipv6 (with backup/restore of the database), I have then reinstalled the same chart on this new account and I encounter a problem with the startup/liveness/readiness probes being KO and the pod reboot all the time.

Readiness probe failed:
Liveness probe failed:

I don’t see any problem in the logs.
From inside the pod, I have noticed this:

wget http://[2a04:1f41:0:6:4325::2]:9000/api/system/status
--2024-01-16 23:01:31--  http://[2a04:1f41:0:6:4325::2]:9000/api/system/status
Connecting to [2a04:1f41:0:6:4325::2]:9000... connected.
HTTP request sent, awaiting response... 200
Length: unspecified [application/json]
status: Permission denied
Cannot write to ‘status’ (Permission denied).

wget --timeout=30 --header="X-Sonar-Passcode: $SONAR_WEB_SYSTEMPASSCODE" "http://[2a04:1f41:0:6:4325::2]:9000/api/system/liveness"
--2024-01-16 23:03:43--  http://[2a04:1f41:0:6:4325::2]:9000/api/system/liveness
Connecting to [2a04:1f41:0:6:4325::2]:9000... connected.
HTTP request sent, awaiting response... 204
2024-01-16 23:03:43 (0.00 B/s) - ‘liveness’ saved [0]

whereas the liveness command:

wget --quiet -O /dev/null --timeout=30 --header="X-Sonar-Passcode: $SONAR_WEB_SYSTEMPASSCODE" "http://[2a04:1f41:0:6:4325::2]:9000/api/system/liveness"

does not return anything fro inside the pod.

The settings I have changed to install on the new account to be ipv6 compliant:

    value: ""
  - name: SONAR_WEB_HOST
    value: "[::]"

I have also tried to increase probes timeout.

Am I missing anything?

Best regards!

1 Like

I think I have identified the problem.
In ipv6, hooks are missing in liveness and readiness probes test url.

This PR should solve it: Fix probes for IPv6 and DualStack by p-fruck · Pull Request #404 · SonarSource/helm-chart-sonarqube · GitHub


Hello @sonarCool, thanks a lot for participating in the community.

We looked back at Helm/Docker IPv6 compatibility and identified that your PR works well for non-dce editions due to localhost being compatible with dual-stack. Nonetheless the datacenter edition requires changes directly inside the product.

A product ticket will be created soon.

In the meantime are you fine closing this? We will wait for sonarqube-dce to implement IPv6 before implementing the Helm/Docker one.