Skip to main content

Secure nginx with Let's Encrypt on Ubuntu 18.04

Deploy Sonarqube on Kubernete GCP - Linuxguru

Image by sonarqube

Sonarqube deployment on Kubernetes GCP.

Sonarqube is an opensource software for code analysis and code inspection utility. You can detect bugs, security vunerabilities and code smells using sonarqube analysis. it's support 20+ programming languages. In this tutorial I will deploy sonarqube on Kubernetes. So let's start the deploying.

Prerequisites

Sonarqube will require database, I am using postgres, You can use other database also.
  • Bash/PowerShell terminal with kubectl installed
  • PostgreSQL database to store SonarQube’s data
  • Kubernetes cluster

1. Create Postgress DB GCP Cloud SQL.

Click here to create postgress db along with username and password.

2. Generate base64 encoded password.

Create a Secret to store PostgreSQL password, Kubernetes has a built-in capability to store secrets. To create a secret you need to base64 encode a secret value.

* Put your postgress db password here for encode.
echo -n 'yourpassword' | base64
It will give you encode password , Copy the password and put it in the secret file.

3. Apply secret file.

apiVersion: v1
kind: Secret
metadata:
  name: postgres
type: Opaque
data:
  password: MjM0dsdsdsJCNAITU=

4. Create PVC storage.

We need to create 2 PVCs since SonarQube uses two locations to store data /opt/sonarqube/data/ and /opt/sonarqube/extensions/.
  • PVC for Sonar’s data directory
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: sonar-data
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 3Gi
  • PVC for Sonar’s extensions directory
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
  name: sonar-extensions
spec:
  accessModes:
    - ReadWriteOnce
  resources:
    requests:
      storage: 3Gi

5. Apply deployment file.

After creating PVCs and Postgres secret we are ready to deploy using the following YAML file.
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
  labels:
    app: sonarqube
  name: sonarqube
spec:
  replicas: 1
  template:
    metadata:
      labels:
        app: sonarqube
    spec:
      containers:
        - name: sonarqube
          image: sonarqube:7.1
          volumeMounts:
          - mountPath: "/opt/sonarqube/data/"
            name: sonar-data
          - mountPath: "/opt/sonarqube/extensions/"
            name: sonar-extensions
          env:
          - name: "SONARQUBE_JDBC_USERNAME"
            value: "dbusername"  #Put your db username
          - name: "SONARQUBE_JDBC_URL"
            value: "jdbc:postgresql://yourdatabaseip/sonar" #DB URL
          - name: "SONARQUBE_JDBC_PASSWORD"
            valueFrom:
              secretKeyRef:
                name: postgres #don't change it 
                key: password # don't change it
          ports:
          - containerPort: 9000
            protocol: TCP
      volumes:
      - name: sonar-data
        persistentVolumeClaim:
          claimName: sonar-data
      - name: sonar-extensions
        persistentVolumeClaim:
          claimName: sonar-extensions
* Update database username and DB URL in deployment file. don't change password field, it will fetch password from the secret file which we have applied.

6. Expose it service to the load balancer.

apiVersion: v1
kind: Service
metadata:
  name: sonarqube-service
spec:
  type: LoadBalancer
  selector:
    app: sonarqube
  ports:
  - protocol: TCP
    port: 9000
    targetPort: 9000

  • Check the endpoint
kubectl get svc
NAME                            TYPE           CLUSTER-IP      EXTERNAL-IP     PORT(S)        AGE
Sonarqube                      LoadBalancer   10.10.10.40      35.25.35.25   80:31546/TCP     10m

You can access it by URL. Default username and password will be admin/admin. Please change it after login.


Plugin Installation.

You have to go to the Administration > Marketplace and search the plugin name you want and install, Restart server after plugin installed.

Here we have successfully deploy sonarqube on Kubernetes engine. Here is part 2 for how you can add your code to sonarqube and analysis them. Click here to read the part 2

Comments

Post a Comment

Popular posts from this blog

Another instance of Certbot is already running - Solved - Linux guru

Error : Another instance of Certbot is already runningcertbot --server https://acme-v02.api.letsencrypt.org/directory --manual --preferred-challenges dns --installer nginx -d *.vishalvyas.com Another instance of Certbot is already running Reason : when you run certbot form your machine and unexpectedly stop the command, Then cert bot is not running but it left some .certbot.lock files behind.You need to kill the certbot instance form your machine. Solution : Run the below command to find killed certbot.find / -type f -name ".certbot.lock" You can see result of the command, If there are, you can remove them. Run below command to remove them.find / -type f -name ".certbot.lock" -exec rm {} \; And try again.

Install Apache Using Ansible Playbooks

Ansible is a automation tool which is widely used, you can install and install, configure and manage number of system and services remotely. you can install software and manage services and tasks without needing manually log in to each servers. you have to install ansible in one machine and use ssh to communicate host each other.



Ansible uses Playbooks which is written in YAML format. it's uses module base format. with playbook can run multiple tasks at time and provide more advance functionality, YAML file always start with "---" syntax. In this article we will see how to install and configure apahce2 using ansible YAML script. Master server : 10.80.253.11 [Ansible server, ] Slave 1 : 10.80.253.12 [need to install apache2 in slave 1] Slave 2 : 10.80.253.13 [need to install apache2 in slave 2] We need to configure slave server info in our ansible configuration file, click here to know how to add client machine to ansible. Let's update our apache2.yml file and install…

Create aws s3 bucket using cli

In this article i will explain you to how to manage s3 bucket and objects using AWS cli command line interface. for that you will have to configure AWS cli interface to your local linux machine. You can configure cli from. HERE.




After configured aws cli to your local machine, you can run all below commands. How to create bucket using AWS Cli.root@master:~# aws s3 mb s3://linuxgurubucket make_bucket: linuxgurubucket Listing Bucket : To list all bucket : root@master:~# aws s3 ls 2018-05-01 15:28:37 linuxgurubucket To list all objects from bucket :root@master:~# aws s3 ls s3://linuxgurubucket 2018-05-01 15:32:16 71515 vishal.jpg How to copy local file to s3 using aws cp command :root@master:~# aws s3 cp ansible.sh s3://linuxgurubucket/ upload: ./ansible.sh to s3://linuxgurubucket/ansible.sh To check it's upload or not :root@master:~# aws s3 ls s3://linuxgurubucket/ 2018-05-01 15:34:19 82 ansible.sh 2018-05-01 15:32:16 71515 vishal.jpg To remove file from s3 bucket using cli: