circle-exclamation
This version of the SonarQube documentation is no longer maintained. It relates to a version of SonarQube that is not active.
search
Start Free

Setting up with Prometheus server

The SonarQube Server’s Helm chart triggers the deployment of a Prometheus server that will pull the metrics from the SonarQube Server instance.

This section explains how to use SonarQube’s native integration with Prometheus to collect Prometheus metrics in a Kubernetes deployment. To set up the monitoring, follow the steps described below. We refer here to a setup using the Prometheus Operator which requires the PodMonitor to collect the metrics.

hashtag
Introduction

The SonarQube Server’s Helm chart triggers the deployment of a Prometheus server that will pull the metrics from the SonarQube Server instance. The deployment process is as follows:

  1. When you install the SonarQube Server’s Helm chart in the Kubernetes cluster, the chart creates a PodMonitor resource (podmonitor.yaml), which configures the pulling of metrics from SonarQube Server.

  2. The Prometheus operator deploys a Prometheus server based on the created PodMonitor resource.

  3. The Prometheus server will pull the metrics from SonarQube Server according to the PodMonitor configuration. To pull the metrics from the Web API endpoint, it needs to authenticate to the Web API. (The Helm chart sets up the PodMonitor to use the Bearer authentication scheme.)

The figure below illustrates this process.

hashtag
Step 1: Set up the Prometheus server authentication to the Web API’s monitoring endpoint

The PodMonitor needs to authenticate to the SonarQube Server’s Web API for getting metrics from the /api/monitoring/metrics endpoint. To setup this authentication, you must define the monitoring password in values.yaml: the Helm chart will store this value in the SONAR_WEB_SYSTEMPASSCODE environment variable on SonarQube Server.

To set the monitoring passcode in SonarQube Server, use one of the following methods (see also the Helm chart documentationarrow-up-right):

  • Define the passcode in the monitoringPasscode property within the values.yaml file (default value is "define_it"). For security reasons, this method is not recommended.

  • Use a secret that contains the passcode that will be retrieved at runtime, and define the following properties in values.yaml:

    • monitoringPasscodeSecretName: name of the secret object.

    • monitoringPasscodeSecretKey: key identifying the passcode to be extracted from the secret object.

hashtag
Step 2: Enable the export of the JMX metrics

To expose the Prometheus JMX metrics, the JMX exporter must be enabled in the Helm chart configuration as follows:

  • Add the following block in the values.yaml file of the SonarQube Server Helm chart:

hashtag
Step 3: Enable the PodMonitor

  1. If not already done, install the Prometheus Operator in the Kubernetes cluster (it’s not installed through the Helm chart).

  2. In the SonarQube Helm chart, enable the PodMonitor by setting prometheusMonitoring.podMonitor.enabled to true.

  3. If necessary, adjust the PodMonitor created by default by the SonarQube Helm chart. Below is the default podmonitor.yaml file depending on the SonarQube Edition. To adjust the PodMonitor:

chevron-rightDefault PodMonitor: Developer and Enterprise Editionshashtag
chevron-rightDefault PodMonitor: Data Center Editionhashtag

hashtag
Step 4: Set up the export of the metrics to an observability platform

See the List of Prometheus metrics.

PreviousIntroductionNextSetting up with Datadog

Last updated

Was this helpful?