Kubernetes集群中部署SonarQube服务
以下是在Kubernetes集群中部署SonarQube服务的分步指南,包含持久化存储、数据库配置和高可用性建议:
1. 前置条件
- 已部署Kubernetes集群(版本≥1.19)
- 安装
kubectl和helm工具 - 配置StorageClass(如NFS、Ceph、EBS等)
2. 部署PostgreSQL数据库
创建PersistentVolumeClaim(PVC)
# postgres-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: postgres-pvc
spec:
storageClassName: "standard" # 替换为实际StorageClass
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 10Gi
部署PostgreSQL
# postgres-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: postgres
spec:
replicas: 1
selector:
matchLabels:
app: postgres
template:
metadata:
labels:
app: postgres
spec:
containers:
- name: postgres
image: postgres:13
env:
- name: POSTGRES_USER
value: sonar
- name: POSTGRES_PASSWORD
value: sonar-secret
- name: POSTGRES_DB
value: sonarqube
ports:
- containerPort: 5432
volumeMounts:
- name: postgres-data
mountPath: /var/lib/postgresql/data
volumes:
- name: postgres-data
persistentVolumeClaim:
claimName: postgres-pvc
---
apiVersion: v1
kind: Service
metadata:
name: postgres
spec:
selector:
app: postgres
ports:
- protocol: TCP
port: 5432
targetPort: 5432
执行命令:
kubectl apply -f postgres-pvc.yaml
kubectl apply -f postgres-deployment.yaml
3. 部署SonarQube
创建SonarQube PVC
# sonarqube-pvc.yaml
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonarqube-pvc
spec:
storageClassName: "standard"
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 20Gi
部署SonarQube
# sonarqube-deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: sonarqube
spec:
replicas: 1
selector:
matchLabels:
app: sonarqube
strategy:
type: Recreate # 确保单副本时数据一致性
template:
metadata:
labels:
app: sonarqube
spec:
containers:
- name: sonarqube
image: sonarqube:9.9.1-community
env:
- name: SONAR_JDBC_URL
value: jdbc:postgresql://postgres:5432/sonarqube
- name: SONAR_JDBC_USERNAME
value: sonar
- name: SONAR_JDBC_PASSWORD
value: sonar-secret
ports:
- containerPort: 9000
volumeMounts:
- name: sonarqube-data
mountPath: /opt/sonarqube/data
- name: sonarqube-extensions
mountPath: /opt/sonarqube/extensions
volumes:
- name: sonarqube-data
persistentVolumeClaim:
claimName: sonarqube-pvc
- name: sonarqube-extensions
emptyDir: {}
---
apiVersion: v1
kind: Service
metadata:
name: sonarqube
spec:
type: NodePort # 生产环境建议使用Ingress
selector:
app: sonarqube
ports:
- protocol: TCP
port: 9000
targetPort: 9000
nodePort: 31000
执行命令:
kubectl apply -f sonarqube-pvc.yaml
kubectl apply -f sonarqube-deployment.yaml
4. 验证部署
# 检查Pod状态
kubectl get pods -l app=sonarqube
# 查看日志
kubectl logs -f deployment/sonarqube
# 获取访问地址
kubectl get svc sonarqube
访问地址:http://<NodeIP>:31000
默认账号:admin/admin(首次登录需修改)
5. 进阶配置
(a) 使用Ingress暴露服务
# sonarqube-ingress.yaml
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: sonarqube
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "100m"
spec:
rules:
- host: sonarqube.demonlg.cn
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: sonarqube
port:
number: 9000
(b) 高可用配置(企业版)
# 需要SonarQube企业版支持集群模式
spec:
replicas: 3
strategy:
type: RollingUpdate
containers:
- name: sonarqube
env:
- name: SONAR_CLUSTER_ENABLED
value: "true"
- name: SONAR_CLUSTER_SEARCH_HOSTS
value: "sonarqube-0.sonarqube-headless:9000,sonarqube-1.sonarqube-headless:9000"
© 资源限制
resources:
requests:
memory: "2Gi"
cpu: "1000m"
limits:
memory: "4Gi"
cpu: "2000m"
6. 备份与维护
数据库备份
# 手动备份PostgreSQL数据
kubectl exec postgres-pod -- pg_dump -U sonar sonarqube > sonarqube-backup.sql
升级SonarQube
- 停止当前Deployment
- 备份数据库和存储卷
- 修改镜像版本(如
sonarqube:10.0.0-community) - 逐步滚动更新
7. 故障排查
- Pod启动失败:
- 检查数据库连接配置(
SONAR_JDBC_URL) - 确认PVC是否正确挂载(
kubectl describe pod sonarqube-pod)
- 检查数据库连接配置(
- 性能问题:
- 增加JVM堆内存:
-Dsonar.ce.javaOpts=-Xmx4g -Dsonar.web.javaOpts=-Xmx4g
- 增加JVM堆内存:
通过以上步骤,您可以在Kubernetes集群中部署一个生产可用的SonarQube服务,实现代码质量的持续分析。