k8s部署sonarqube

参考
https://www.cnblogs.com/ssgeek/p/11972773.html

下载sonarqube、postgres镜像

docker pull sonarqube:lts
docker tag sonarqube:lts harbor.uat.wuxingge.com.cn/uat/sonarqube:lts
docker push harbor.uat.wuxingge.com.cn/uat/sonarqube:lts

docker pull postgres:11.4
docker tag postgres:11.4 harbor.uat.wuxingge.com.cn/uat/postgres:11.4
docker push harbor.uat.wuxingge.com.cn/uat/postgres:11.4

部署postgresql

vim postgre_deploy_service.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: postgres-sonar
  namespace: devops
  labels:
    app: postgres-sonar
spec:
  replicas: 1
  selector:
    matchLabels:
      app: postgres-sonar
  template:
    metadata:
      labels:
        app: postgres-sonar
    spec:
      containers:
      - name: postgres-sonar
        image: harbor.uat.wuxingge.com.cn/uat/postgres:11.4
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 5432
        env:
        - name: POSTGRES_DB
          value: "sonarDB"
        - name: POSTGRES_USER
          value: "sonarUser"
        - name: POSTGRES_PASSWORD 
          value: "123456"
#        resources:
#          limits:
#            cpu: 1000m
#            memory: 2048Mi
#          requests:
#            cpu: 500m
#            memory: 1024Mi
        volumeMounts:
          - name: data
            mountPath: /var/lib/postgresql/data
      volumes:
      - name: data
        nfs: 
          server: 10.10.98.32
          path: /devops/postgresql
---
apiVersion: v1
kind: Service
metadata:
  name: postgres-sonar
  namespace: devops
  labels:
    app: postgres-sonar
spec:
  clusterIP: None
  ports:
  - port: 5432
    protocol: TCP
    targetPort: 5432
  selector:
    app: postgres-sonar

部署sonarqube

vim sonarqube_deploy_service.yaml

apiVersion: apps/v1
kind: Deployment
metadata:
  name: sonarqube
  namespace: devops
  labels:
    app: sonarqube
spec:
  replicas: 1
  selector:
    matchLabels:
      app: sonarqube
  template:
    metadata:
      labels:
        app: sonarqube
    spec:
      initContainers:
      - name: init-sysctl
        image: busybox
        imagePullPolicy: IfNotPresent
        command: ["sysctl", "-w", "vm.max_map_count=262144"]
        securityContext:
          privileged: true
      containers:
      - name: sonarqube
        image: harbor.uat.wuxingge.com.cn/uat/sonarqube:lts
        ports:
        - containerPort: 9000
        env:
        - name: SONARQUBE_JDBC_USERNAME
          value: "sonarUser"
        - name: SONARQUBE_JDBC_PASSWORD
          value: "123456"
        - name: SONARQUBE_JDBC_URL
          value: "jdbc:postgresql://postgres-sonar:5432/sonarDB"
#        livenessProbe:
#          httpGet:
#            path: /sessions/new
#            port: 9000
#          initialDelaySeconds: 60
#          periodSeconds: 30
#        readinessProbe:
#          httpGet:
#            path: /sessions/new
#            port: 9000
#          initialDelaySeconds: 60
#          periodSeconds: 30
#          failureThreshold: 6
#        resources:
#          limits:
#            cpu: 2000m
#            memory: 2048Mi
#          requests:
#            cpu: 1000m
#            memory: 1024Mi
        volumeMounts:
        - mountPath: /opt/sonarqube/conf
          name: data
          subPath: conf
        - mountPath: /opt/sonarqube/data
          name: data
          subPath: data
        - mountPath: /opt/sonarqube/extensions
          name: data
          subPath: extensions
      volumes:
      - name: data
        nfs: 
          server: 10.10.98.32
          path: /devops/sonarqube
---
apiVersion: v1
kind: Service
metadata:
  name: sonarqube
  namespace: devops
  labels:
    app: sonarqube
spec:
  ports:
  - name: sonarqube
    port: 9000
    targetPort: 9000
    protocol: TCP
  selector:
    app: sonarqube

vim ingress.yaml

---
kind: Ingress
apiVersion: extensions/v1beta1
metadata: 
  name: sonarqube
  namespace: devops
spec:
  rules:
  - host: sonarqube.uat.wuxingge.com.cn
    http:
      paths:
      - path:
        backend:
          serviceName: sonarqube
          servicePort: 9000

默认用户名密码:admin/admin

sonarqube ldap认证

参考
https://docs.sonarqube.org/8.9/instance-administration/delegated-auth/

vim /opt/sonarqube/conf/sonar.properties

# LDAP configuration
sonar.security.realm=LDAP
ldap.url=ldap://192.168.44.20
ldap.bindDn=cn=writeuser,cn=manager,dc=wuxingge,dc=com,dc=cn
ldap.bindPassword=password123

ldap.user.baseDn=ou=4474,ou=4260,ou=4259,ou=employee,dc=wuxingge,dc=com,dc=cn
ldap.user.request=(&(objectClass=inetOrgPerson)(uid={login}))
ldap.user.realNameAttribute=displayName
ldap.user.emailAttribute=mail
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

wuxingge

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值