1. 相应的yaml
devops-test-ns.yaml
yaml
apiVersion: v1
kind: Namespace
metadata:
name: devops-testsonarqube.yaml
yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarqube-data
namespace: devops-test
spec:
accessModes:
- ReadWriteOnce
storageClassName: "local-path"
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: sonarqube
namespace: devops-test
labels:
app: sonarqube
spec:
replicas: 1
selector:
matchLabels:
app: sonarqube
template:
metadata:
labels:
app: sonarqube
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/master
operator: In
values: [ "true" ]
tolerations: # 允许调度到master节点
- key: node-role.kubernetes.io/control-plane # 控制平面节点
effect: NoSchedule # 容忍该污点的影响NoSchedule
operator: Exists # 该标签存在
initContainers:
- name: init-sysctl
image: busybox:1.28.4
imagePullPolicy: IfNotPresent
command:
- sysctl
- -w
- vm.max_map_count=262144
securityContext:
privileged: true
containers:
- name: sonarqube
image: sonarqube
imagePullPolicy: IfNotPresent
ports:
- containerPort: 9000
env:
- name: SONARQUBE_JDBC_USERNAME
value: "sonarUser"
- name: SONARQUBE_JDBC_PASSWORD
value: "123456"
- name: SONARQUBE_JDBC_URL
value: "jdbc:postgresql://postgres-sonar:5432/sonarDB"
livenessProbe:
httpGet:
path: /sessions/new
port: 9000
initialDelaySeconds: 30
periodSeconds: 30
readinessProbe:
httpGet:
path: /sessions/new
port: 9000
initialDelaySeconds: 60
periodSeconds: 30
failureThreshold: 6
volumeMounts:
- mountPath: /opt/sonarqube/conf
name: data
- mountPath: /opt/sonarqube/data
name: data
- mountPath: /opt/sonarqube/extensions
name: data
volumes:
- name: data
persistentVolumeClaim:
claimName: sonarqube-data
---
apiVersion: v1
kind: Service
metadata:
name: sonarqube
namespace: devops-test
labels:
app: sonarqube
spec:
type: NodePort
ports:
- name: sonarqube
port: 9000
targetPort: 9000
protocol: TCP
selector:
app: sonarqubepgsql.yaml
yaml
---
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-data
namespace: devops-test
spec:
accessModes:
- ReadWriteOnce
storageClassName: "local-path"
resources:
requests:
storage: 1Gi
---
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres-sonar
namespace: devops-test
spec:
replicas: 1
selector:
matchLabels:
app: postgres-sonar
template:
metadata:
labels:
app: postgres-sonar
spec:
affinity:
nodeAffinity:
requiredDuringSchedulingIgnoredDuringExecution:
nodeSelectorTerms:
- matchExpressions:
- key: node-role.kubernetes.io/master
operator: In
values: [ "true" ]
tolerations: # 允许调度到master节点
- key: node-role.kubernetes.io/control-plane # 控制平面节点
effect: NoSchedule # 容忍该污点的影响NoSchedule
operator: Exists # 该标签存在
# imagePullSecrets:
# - name: harbor-secret
containers:
- name: postgres-sonar
image: postgres:14.2
imagePullPolicy: IfNotPresent
ports:
- containerPort: 5432
env:
- name: POSTGRES_DB
value: "sonarDB"
- name: POSTGRES_USER
value: "sonarUser"
- name: POSTGRES_PASSWORD
value: "123456"
volumeMounts:
- mountPath: /var/lib/postgresql/data
name: data
volumes:
- name: data
persistentVolumeClaim:
claimName: postgres-data
---
apiVersion: v1
kind: Service
metadata:
name: postgres-sonar
namespace: devops-test
labels:
app: postgres-sonar
spec:
type: NodePort
ports:
- name: postgres-sonar
port: 5432
targetPort: 5432
protocol: TCP
selector:
app: postgres-sonar2. 安装
bash
#创建资源
kubectl create -f devops-test-ns.yaml -f pgsql.yaml -f sonarqube.yaml
#查看资源
kubectl get deploy,po,svc -n devops-test3. 访问Sonarqube
bash
kubectl get service/sonarqube -n devops-test
获取到sonarqube对应的svc的端口为32700
因此,访问链接为http://{master-host}:32700/, 此处的host为k8s任意一个master节点的ip
默认的用户名密码为admin/admin,第一次登录之后会要求修改密码,此处修改密码为Reset_password1
http://{host}:32700/
admin/Reset_password14. 配置
登录到 sonarqube 后台 http://{master-host}/{sonarqube-svc-nodeport} admin/Reset_password1
- 生成token
点击头像 > MyAccount > Security > Generate Tokens > Type选择User Token > generate 生成 token 并复制 - 创建webhook服务
点击菜单栏Administration >Configuration > Webhooks > Create >
Name: jenkins
URL: http://{master-host}:{jenkins-svc-nodeport}/sonarqube-webhook/
Secret: 空置