circle-info
This version of the SonarQube documentation is no longer maintained. It relates to a version of SonarQube that is not active.
search
Start Free

On Linux systems

This section explains pre-installation steps on SonarQube Server host for the Community, Developer and Enterprise Editions on Linux systems.

hashtag
Making sure FIPS is not enforced

SonarQube will not run on Linux hosts where FIPS (Federal Information Processing Standard) is enforced.

hashtag
Configuring the host to comply with Elasticsearch

Because SonarQube uses an embedded Elasticsearch, make sure that your host configuration complies with the Elasticsearch production mode requirementsarrow-up-right and File Descriptors configurationarrow-up-right.

hashtag
Configuring the maximum number of open files and other limits

You must ensure that:

  • The maximum number of memory map areas a process may have (vm.max_map_count) is greater than or equal to 524288.

  • The maximum number of open file descriptors (fs.file-max) is greater than or equal to 131072.

  • The user running SonarQube can open at least 131072 file descriptors.

  • The user running SonarQube can open at least 8192 threads.

You must set these limits on the host system, whatever the installation type:

  • For a Docker installation: These settings will then apply to the Docker container.

  • For a Kubernetes deployment: Check also these guidelinesarrow-up-right.

To check and change these limits, login as the user used to run SonarQube and proceed as described below depending on the type of this user.

chevron-rightFor a non-systemd userhashtag

1. Verify the values listed above with the following commands:

sysctl vm.max_map_count

sysctl fs.file-max

ulimit -n

ulimit -u

2. To change the max map count and the file-max, insert the following in /etc/sysctl.d/99-sonarqube.conf (or in /etc/sysctl.conf if you use the default file (not recommended)). To apply the changes, run the corresponding Linux command.

 vm.max_map_count=524288
 fs.file-max=13107

3. To change the limits on the user running SonarQube, insert the following in /etc/security/limits.d/99-sonarqube.conf (or in /etc/security/limits.conf if you use the default file (not recommended)) where sonarqube is the user used to run SonarQube. To apply the changes, run the corresponding Linux command.

sonarqube   -   nofile   131072

sonarqube   -   nproc    8192
chevron-rightFor a systemd userhashtag

Specify those limits inside your unit file in the section [Service] :

circle-info

To change these values dynamically for the current session, run the following commands as root:

hashtag
Enabling seccomp on the Linux kernel

By default, Elasticsearch uses the seccomp filter. Make sure you use a kernel with seccomp enabled.

To check that seccomp is available on your kernel, use:

If your kernel has seccomp, you’ll see the following:

hashtag
Managing SonarQube Server access to fonts

Generating executive reports requires that fonts be installed on the server hosting SonarQube.

If you use a Linux server, you should ensure that Fontconfig is installed on the server host.

circle-info

A package of FreeType fonts is installed on the SonarQube Server host. The exact packages available will vary by distribution, but a commonly used package is libfreetype6.

hashtag
If using an Oracle database

In case your SonarQube Server is running on Linux and you are using Oracle, the Oracle JDBC Driver may be blocked due to /dev/random. See this Oracle articlearrow-up-right for more details about this problem.

To avoid it, you may want to add this JVM parameter to your SonarQube web server (sonar.web.javaOpts) configuration:

PreviousPerform pre-installation stepsNextOn Unix-based systems

Last updated

Was this helpful?