Devops Training

Monday, 2 May 2022

How to install sonarqube on ubuntu 18.04

How to install SonarQube on Ubuntu 18.04 Linux

SonarQube is one of the popular static code analysis tool. SonarQube is java based tool along with back end - back end can be MySQL, Oracle or PostgreSQL. We will use Postgres for set up on Ubuntu.

Please find steps for installing SonarQube on Ubuntu EC2. Make sure port 9000 is opened in security group(firewall rule).

Let us start with java install (skip java install if you already have it installed)

1. Java steps

sudo apt-get update && sudo apt-get install default-jdk -y

Verify Java Version

java -version

openjdk version "1.8.0_191"

OpenJDK Runtime Environment (build 1.8.0_191-8u191-b12-2ubuntu0.16.04.1-b12)

OpenJDK 64-Bit Server VM (build 25.191-b12, mixed mode)

2. Postgres Installation

sudo sh -c 'echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" >> /etc/apt/sources.list.d/pgdg.list'

sudo wget -q https://www.postgresql.org/media/keys/ACCC4CF8.asc -O - | sudo apt-key add -

sudo apt-get -y install postgresql postgresql-contrib

sudo systemctl start postgresql

sudo systemctl enable postgresql

Login as postgres user now

sudo su - postgres

Now create a user below

createuser sonar

Switch to sql shell by entering

psql

Execute the below three lines (one by one)

ALTER USER sonar WITH ENCRYPTED password 'password';

CREATE DATABASE sonarqube OWNER sonar;

GRANT ALL PRIVILEGES ON DATABASE sonarqube to sonar;

type exit to come out of postgres user.

3. Now install SonarQube 8.6 Web App

sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-8.6.0.39681.zip

sudo apt-get -y install unzip
sudo unzip sonarqube*.zip -d /opt

sudo mv /opt/sonarqube-8.6.0.39681 /opt/sonarqube -v

Create Group and User:

sudo groupadd sonarGroup

Now add the user with directory access

sudo useradd -c "user to run SonarQube" -d /opt/sonarqube -g sonarGroup sonar

sudo chown sonar:sonarGroup /opt/sonarqube -R

Modify sonar.properties file
sudo vi /opt/sonarqube/conf/sonar.properties
uncomment the below lines by removing # and add values highlighted yellow
sonar.jdbc.username=sonar
sonar.jdbc.password=password

Next, Add the below line
sonar.jdbc.url=jdbc:postgresql://localhost/sonarqube

Press escape, and enter :wq! to come out of the above screen.

Edit the sonar script file and set RUN_AS_USER

sudo vi /opt/sonarqube/bin/linux-x86-64/sonar.sh

Add enable the below line

RUN_AS_USER=sonar

Create Sonar as a service(this will enable to start automatically when you restart the server)

Execute the below command:

sudo vi /etc/systemd/system/sonar.service

add the below code in green color:
[Unit]
Description=SonarQube service
After=syslog.target network.target

[Service]
Type=forking

ExecStart=/opt/sonarqube/bin/linux-x86-64/sonar.sh start
ExecStop=/opt/sonarqube/bin/linux-x86-64/sonar.sh stop
LimitNOFILE=131072
LimitNPROC=8192
User=sonar
Group=sonarGroup
Restart=always

[Install]
WantedBy=multi-user.target

Save the file by entering :wq!

Kernel System changes

we must make a few modifications to a couple of kernel system limits files for sonarqube to work.

sudo vi /etc/sysctl.conf

Add the following lines to the bottom of that file:

vm.max_map_count=262144
fs.file-max=65536

Next, we're going to edit limits.conf. Open that file with the command:

sudo vi /etc/security/limits.conf
At the end of this file, add the following:

sonar - nofile 65536
sonar - nproc 4096

Reload system level changes without server boot

sudo sysctl -p

Start SonarQube Now

sudo systemctl start sonar

sudo systemctl enable sonar

sudo systemctl status sonar

type q now to come out of this mode.
Now execute the below command to see if Sonarqube is up and running. This may take a few minutes.

check the Sonar logs to make sure there is no error:

tail -f /opt/sonarqube/logs/sonar*.log

Make sure you get the below message that says sonarqube is up..

Now access sonarQube UI by going to browser and enter public dns name with port 9000

Now to go to browser --> http://your_SonarQube_publicdns_name:9000/

Friday, 11 March 2022

How to Build Terraform Script Scratch to SkyScrapper

Step 1: Create the main terraform config file - main.tf

Go to your terraform work space....and launch vscode

Step 2: Get the Code Block for The Provider Section

Go to https://registry.terraform.io/ and Select Browse Provider

Select your provider- Aws

Step 3:

Step 4: Copy the code block skeleton: See below and paste in your main.tf file

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.4.0"
    }
  }
}

provider "aws" {
  # Configuration options
}

Step 5: Lets get the config options: Click on documentation nd scroll down to usage example:

Step 6: copy the config options as pictured above and replace with ur region, secret key, accesskey

So our code will now look like below:

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.4.0"
    }
  }
}

provider "aws" {
  # Configuration options
  region     = "us-east-2"
  access_key = "ur access key"
  secret_key = "ur secret key"
}

Step 7: Now let us add a default tag to our code. Scroll down on the page to default tag usage and copy the code(pls modify as required)

See code to copy below, Add it below secret key

default_tags {
    tags = {
      Environment = "Test"
      Name        = "Provider Tag"
    }
  }

it will look like below:

Our Code will now look like this:

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.4.0"
    }
  }
}

provider "aws" {
  # Configuration options
  region     = "us-east-2"
  access_key = "AKetetettetetettetwwuquuququq"
  secret_key = "wtwtetetett2tt22266262wfwffwf"
  default_tags {
    tags = {
      Environment = "Dev"
      Name        = "aws_dev"
    }
  }
}

This takes care of our connection to Aws. The next thing will be to create a resource. To do this you have to browse the available resource for aws

Aws has lots of resources , scroll to the one you want. this eg we will create ec2

Copy the aws_instance resource block and add to ur script, this will form our template

So our code will look like this:

terraform {

required_providers {

aws = {

source = "hashicorp/aws"

version = "4.4.0"

}

provider "aws" {

# Configuration options

region = "us-east-2"

access_key = "Axccxcxcxcxccxcxcxccxcxc"

secret_key = "pxxcxcxcxccxvxvvx"

default_tags {

tags = {

Environment = "Dev"

Name = "aws_dev"

}

resource "aws_instance" "web" {

}

Now we have the resource block ready, now its time to inject the config variables for the instance resource

Go to modules and select the resource you want. we want to create and ec2 instance so we will select a module for that

Step 8: Go to registry: https://registry.terraform.io/ ....Browse Modules

In the search type ec2 and look for the module for creating an ec2 instance, Scroll to find it under modules

Scroll Down and copy the below block and add to your code

Your code will now look like below

Pls note the ff variables arent required

name not required
source - not required
version -not required

Our new code will look like below

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.4.0"
    }
  }
}

provider "aws" {
  # Configuration options
  region     = "us-east-2"
  access_key = "Axccxcxcxcxccxcxcxccxcxc"
  secret_key = "pxxcxcxcxccxvxvvx"
  default_tags {
    tags = {
      Environment = "Dev"
      Name        = "aws_dev"
    }
  }
}

resource "aws_instance""myec2-instance" {
  ami                    = "ami-ebd02392"
  instance_type          = "t2.micro"
  key_name               = "Augustkey"
  vpc_security_group_ids = ["sg-12345678"]
  tags = {
    Terraform   = "true"
    Environment = "Dev"
    Name        = "My_ec2 instance"
  }
}

Now modify the vpc_security_group_ids so that we will use the default security group

vpc_security_group_ids = [aws_security_group.ec2_sg.id]

Our code will now look like below:

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.4.0"
    }
  }
}

provider "aws" {
  # Configuration options
  region     = "us-east-2"
  access_key = "xcxcxcxcvxvxbxbbxbxbx"
  secret_key = "sggsgsgsgsggsgsgsggs"
  default_tags {
    tags = {
      Environment = "Dev"
      Name        = "aws_dev"
    }
  }
}

resource "ec2_instance""single-instance" {
  ami                    = "ami-ebd02392"
  instance_type          = "t2.micro"
  key_name               = "Augustkey"
  vpc_security_group_ids = [aws_security_group.ec2_sg.id]
  tags = {
    Terraform   = "true"
    Environment = "Dev"
    Name        = "My_ec2 instance"
  }
}

Now to Add Security Group resource

Copy the code and add at the bottom of the script. we will modify to suit our enviroment

Modify the ingress port to suit your env, the egress doesnt need to be changed

vpc_id: is optional

Our code will now look like:

terraform {
  required_providers {
    aws = {
      source = "hashicorp/aws"
      version = "4.4.0"
    }
  }
}

provider "aws" {
  # Configuration options
  region     = "us-east-2"
  access_key = "xcxcxcxcvxvxbxbbxbxbx"
  secret_key = "sggsgsgsgsggsgsgsggs"
  default_tags {
    tags = {
      Environment = "Dev"
      Name        = "aws_dev"
    }
  }
}

resource "ec2_instance""single-instance" {
  ami                    = "ami-ebd02392"
  instance_type          = "t2.micro"
  key_name               = "Augustkey"
  vpc_security_group_ids = [aws_security_group.ec2_sg.id]
  tags = {
    Terraform   = "true"
    Environment = "Dev"
    Name        = "My_ec2 instance"
  }
}

resource "aws_security_group" "ec2_sg" {
    name = "ec2-dev-sg"
    description = "EC2 SG"

    ingress {
        from_port = 22
        to_port = 22
        protocol = "tcp"
        cidr_blocks = ["10.0.0.0/8"]
    }

    ingress {
        from_port = 80
        to_port = 80
        protocol = "tcp"
        cidr_blocks = ["10.0.0.0/8"]
    }

    #Allow all outbound
    egress {
        from_port = 0
        to_port = 0
        protocol = "-1"
        cidr_blocks = ["0.0.0.0/0"]
    }
tags = {
    Name = "ec2-dev-sg"
  }
}

Now we have all the code blocks to create our env. Save

in your terminal enter

$terraform init

$terraform plan

$terraform apply