SonarQube with MySQL 5.7
Welcome back.
Last time we used some tricks to get SonarQube running on Solaris 11.3/SPARC again (see SonarQube 6.3.1 on Solaris 11 SPARC).
There's a big warning when you open http://your.hostname:9000
in a browser though:
Embedded database should be used for evaluation purpose only
The embedded database will not scale, it will not support upgrading to newer versions of SonarQube, and there is no support for migrating your data out of it into a different database engine.
Let's fix that and use a real database management system. We're doing this in a LDOM again with c1d1
as our non-OS database LUN.
# pkg install --no-backup-be database/mysql-57 database/mysql-57/client # zpool create tank c1d1 # zfs create tank/mysql # zfs create -o recordsize=16k -o primarycache=metadata tank/mysql/data # zfs create -o compression=lz4 tank/mysql/log # chown -R mysql:mysql /tank/mysql
Now setup the MySQL database for SonarQube.
# cat << EOF >> /etc/mysql/5.7/my.cnf bind_address=localhost datadir=/tank/mysql/data innodb_log_group_home_dir=/tank/mysql/log datadir=/tank/mysql/data innodb_buffer_pool_size=2g innodb_buffer_pool_instances=4 innodb_log_file_size=256M innodb_log_buffer_size=4M innodb_checksum_algorithm=strict_crc32 query_cache_type=0 innodb_flush_log_at_trx_commit=2 skip-innodb_doublewrite max_allowed_packet=128M # use 256M pages on SPARC large-pages super-large-pages secure_file_priv=NULL explicit_defaults_for_timestamp ssl-ca=ca.pem ssl-cert=server-cert.pem ssl-key=server-key.pem EOF # svccfg -s mysql:version_57 setprop mysql/data=/tank/mysql/data # svccfg -s mysql:version_57 refresh # svcadm enable mysql:version_57 # /usr/mysql/5.7/bin/mysql_ssl_rsa_setup Generating a 2048 bit RSA private key ... writing new private key to 'client-key.pem' # chown mysql:mysql /tank/mysql/data/*.pem
Good, the database is up and running. Let's set a new root password, secure the database and create the sonar MySQL user.
# grep 'temporary password' /tank/mysql/data/$(uname -n).err 2017-04-19T10:00:19.759911Z 1 [Note] A temporary password is generated for root@localhost: ziIzhs/Kl8_X # /usr/mysql/5.7/bin/mysql_secure_installation ... # /usr/mysql/5.7/bin/mysql -u root -p << EOF CREATE DATABASE sonar CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci; GRANT ALL PRIVILEGES ON sonar.* TO 'sonar'@'localhost' IDENTIFIED BY 'HsOzwm78vxJz0JlE'; FLUSH PRIVILEGES; quit EOF
Last thing, tell SonarQube how to use the new sonar MySQL database.
# perl -w -pi -e 's/^#(sonar.jdbc.username=)$/${1}sonar/; s/^#(sonar.jdbc.password=)$/${1}HsOzwm78vxJz0JlE/' \ /opt/sonarqube-6.3.1/conf/sonar.properties # perl -w -pi -e 's/^#(sonar.jdbc.url=jdbc:mysql.*)$/${1}&useSSL=false&maxAllowedPacket=67108864/' \ /opt/sonarqube-6.3.1/conf/sonar.properties
Restart SonarQube and check if it works.
# /opt/sonarqube-6.3.1/bin/solaris-sparc-64/sonar.sh restart Stopping SonarQube... Waiting for SonarQube to exit... Stopped SonarQube. Starting SonarQube... Started SonarQube. # tail -f /opt/sonarqube-6.3.1/logs/sonar.log ... 2017.04.19 12:18:14 INFO app[][o.s.application.App] SonarQube is up
Excellent.
SonarQube System Info |
Read the next part at SonarQube running as non-root behind a SSL reverse proxy.
No comments:
Post a Comment