SonarQube Installation Hardware and Software Requirements

In this article we are going to cover SonarQube Pre-requisites, hardware prerequisites and software prerequisites, platform notes like linux, seccomp filter, fonts | SonarQube Installation Hardware and Software Requirements.

To set up SonarQube successfully, you’ll need to consider both hardware and software prerequisites.

SonarQube Installation Hardware and Software Requirements

Here’s a breakdown of the requirements in two parts:

  • Hardware Prerequisites
  • Software Prerequisites

Hardware Prerequisites:

  • CPU: The CPU requirements can vary based on the size and complexity of your codebase. For smaller projects, a multi-core processor should be sufficient. Larger projects with more code may require a more powerful CPU.
  • Memory (RAM): SonarQube’s memory requirements depend on the size of the codebase you’re analyzing. As a general guideline:
    • Small projects (less than 100,000 lines of code) can work with around 2 GB of RAM.
    • Medium-sized projects (100,000 to 500,000 lines of code) might need 4 GB or more.
    • Large projects (over 500,000 lines of code) may require 8 GB or more.
  • Disk Space: You’ll need disk space for the SonarQube installation and the database. The exact space required depends on the codebase size, but you should plan for a minimum of 10 GB for SonarQube and additional space for the database.
  • Network: A stable and reasonably fast network connection is required, especially if multiple users will access the SonarQube server simultaneously.
  • Elasticsearch: Elasticsearch for SonarQube’s performance involves:
    • Version Compatibility: Ensure that the version of Elasticsearch you’re using is compatible with your SonarQube version to avoid compatibility issues and ensure smooth operation.
    • Hardware Resources: Allocate sufficient resources to Elasticsearch, including memory (RAM), storage (preferably SSDs), and CPU cores. Elasticsearch benefits from having adequate resources for its operations.
    • Cluster Configuration: Configure Elasticsearch in a cluster setup for scalability and high availability. Plan the number of nodes and shards based on your workload and data volume to distribute the load effectively.
    • Indexing and Search Optimization: Tune Elasticsearch settings related to indexing, such as replicas, refresh intervals, and merge settings, to balance between indexing speed and search performance. Configure mappings and analyzers based on your data and search needs.
    • Monitoring and Maintenance: Set up monitoring tools to track Elasticsearch performance metrics. Regularly perform maintenance tasks like index optimization, shard management, and cluster health checks to ensure efficient operation.
    • Security Measures: Implement security measures such as authentication, encryption, and access control to secure Elasticsearch endpoints and data.
    • Upgrades and Configuration Settings: Stay updated with the latest Elasticsearch versions, apply patches, and fine-tune Elasticsearch configuration settings (e.g., thread pools, caching) based on your system’s resources and workload.

Software Prerequisites:

  • Operating System: SonarQube can be installed on various operating systems, including Windows, Linux, and macOS. Make sure your chosen operating system is supported by the version of SonarQube you plan to use.
  • Java Runtime Environment (JRE) or Java Developement Kit (JDK): You must have Java installed on the machine where you plan to run SonarQube. SonarQube 9.x requires Java 11 or higher.
  • SonarQube Server: Java version 17 is required for the SonarQube server. You must ensure that you have Java 17 installed on the machine where you plan to run the SonarQube server.
  • SonarScanners: The minimum recommended version for SonarScanners is also Java 17. Using Java 17 is advised to get the best performance and compatibility with the SonarQube ecosystem. Java 11 is deprecated for scanner runtime environments, so it’s recommended to avoid using it.
  • Database: SonarQube relies on a database to store its configuration and analysis data. You can use one of the following databases:
    • PostgreSQL (recommended): You can used PostgreSQL version 11 or higher.
    • Microsoft SQL Server: You can used Microsoft SQL version 2014, 2016, 2017, 2019 or 2022.
    • Oracle: You can used oracle version 21C, 19C or XE Editions.
  • Database Driver: Ensure you have the appropriate JDBC driver for the database you choose. SonarQube doesn’t come bundled with these drivers, so you need to download and configure them separately.
  • Web Browser: You’ll need a modern web browser (e.g., Chrome, Firefox, Safari, Microsoft edge) to access the SonarQube web interface. Enabling JavaScript in your web browser is essential to fully experience SonarQube and its interactive features.
  • Network Configuration: Ensure the necessary network configurations and firewall rules are set up to allow access to the SonarQube server, especially if it will be accessed by multiple team members.

Platforms Notes For running SonarQube:

  1. LINUX:

The necessary system parameters and user limits are properly configured for running SonarQube on a Linux system. Here’s a breakdown of the steps:

Checking Current Values:

Use the following commands to check the current values:

sysctl vm.max_map_count  	# View the value of vm.max_map_count
sysctl fs.file-max     	# View the value of fs.file-max
ulimit -n               		# View the current maximum open file descriptors for the user
ulimit -u               		# View the current maximum user processes (threads) limit

Setting Values Dynamically for the Current Session (as root):

To set these values temporarily for the current session, use these commands:

sysctl -w vm.max_map_count=524288  # Set vm.max_map_count
sysctl -w fs.file-max=131072       	   # Set fs.file-max
ulimit -n 131072                		   # Set maximum open file descriptors
ulimit -u 8192                  		   # Set maximum user processes (threads)

Setting Values More Permanently:

Update /etc/sysctl.d/99-sonarqube.conf (or /etc/sysctl.conf):

echo "vm.max_map_count=524288" >> /etc/sysctl.d/99-sonarqube.conf
echo "fs.file-max=131072" >> /etc/sysctl.d/99-sonarqube.conf
sysctl -p /etc/sysctl.d/99-sonarqube.conf  # Apply the changes

Update /etc/security/limits.d/99-sonarqube.conf (or /etc/security/limits.conf):

echo "sonarqube - nofile 131072" >> /etc/security/limits.d/99-sonarqube.conf
echo "sonarqube - nproc 8192" >> /etc/security/limits.d/99-sonarqube.conf

If Using systemd for SonarQube:

Update the unit file for SonarQube to include the limits:

[Service]
...
LimitNOFILE=131072
LimitNPROC=8192
...

These steps ensure that the necessary system parameters (vm.max_map_count, fs.file-max) and user limits (nofile and nproc) are configured properly for SonarQube to function optimally on a Linux system. Adjustments to these settings may require administrative privileges (root access).

2. seccomp filter:

The use of seccomp (secure computing mode) filters in Elasticsearch and the necessary configurations related to this security feature when running SonarQube.

Seccomp Filters and Elasticsearch:

  • Seccomp: It’s a feature in the Linux kernel that provides an additional layer of security by restricting the system calls available to a process.
  • Elasticsearch and Seccomp: Elasticsearch utilizes seccomp filters by default for enhanced security.

Here are the steps and information provided regarding seccomp usage with Elasticsearch in SonarQube:

Checking if seccomp is Available on the Kernel:

You can check if seccomp is available on your kernel using the following command:

grep SECCOMP /boot/config-$(uname -r)

If your kernel supports seccomp, the output should contain lines indicating support for SECCOMP, SECCOMP_FILTER, and SECCOMP:

CONFIG_HAVE_ARCH_SECCOMP_FILTER=y
CONFIG_SECCOMP_FILTER=y
CONFIG_SECCOMP=y

Configuration for Distributions Without Seccomp or Deactivated Seccomp:

In certain cases, distributions like Red Hat Linux 6 might have seccomp deactivated by default. If you cannot upgrade to a newer version with seccomp activated, you may need to explicitly deactivate this security layer for Elasticsearch used in SonarQube.

To deactivate seccomp for Elasticsearch in SonarQube, update the sonar.search.javaAdditionalOpts property in the sonar.properties file:

sonar.search.javaAdditionalOpts=-Dbootstrap.system_call_filter=false

This configuration explicitly disables the seccomp security layer for Elasticsearch used by SonarQube.

3. Font in SonarQube:

The components required for font support in SonarQube on Linux servers:

Fontconfig: Fontconfig is a font configuration and customization system for Linux, essential for managing font settings, providing font matching, and enabling font customization across various applications.

Installation:

  • Debian/Ubuntu-based Systems:
sudo apt-get install fontconfig
  • Red Hat-based Systems (CentOS, Fedora):
sudo yum install fontconfig

FreeType Fonts (libfreetype6): FreeType is a font rendering engine used by various applications to accurately render fonts in different formats.

Installation:

  • Debian/Ubuntu-based Systems (libfreetype6):
sudo apt-get install libfreetype6
  • Red Hat-based Systems (freetype):
sudo yum install freetype

The libfreetype6 or freetype package includes necessary components and libraries required for rendering fonts using FreeType.

In this article we have covered SonarQube Pre-requisites, hardware prerequisites and software prerequisites, platform notes like linux, seccomp filter, fonts.

Related Articles:

How to Install SonarQube on Amazon Linux 2

Reference:

SonarQube Prerequisites and overview official page

About Priti Adkine

I am Priti Adkine working as Software Engineer and having 1+ years of Experience. Likes to share knowledge.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share via
Copy link