Reputation: 55
I would like to use sonar-qube and deploy it on AKS (Azure Kubernetes). I want to store sonar logs, data, conf and extension on persistent volumes. However, it looks like AKS is not able to mount the volumes due to timeout.
I have build a single script that create volume + service + deployment and ingress. --> no success
I have tried to separate the volume creation from application creation and volume attachement --> no success
However, volumes are created and available on AZURE
Configuration :
Here is the scripts I use to create the volumes :
#Namespace creation
apiVersion: v1
kind: Namespace
metadata:
name: cicd
labels:
name: cicd
---
#PVC for Sonar’s data directory creation
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-data
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 5G
---
#PVC for Sonar’s conf directory
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-conf
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 5Gi
---
#PVC for Sonar’s logs directory
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-logs
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 10Gi
---
#PVC for Sonar’s extensions directory
apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: sonar-extensions
namespace: cicd
spec:
accessModes:
- ReadWriteOnce
storageClassName: default
resources:
requests:
storage: 5Gi
---
#Create secretKeyRef
apiVersion: v1
kind: Secret
metadata:
name: sonar-secret
namespace: cicd
type: Opaque
data:
password: *****************
Here is the script I use to create sonar :
#SonarQube deployment
apiVersion: extensions/v1beta1
kind: Deployment
metadata:
labels:
app: sonarqube
name: sonarqube
namespace: cicd
spec:
replicas: 1
template:
metadata:
labels:
app: sonarqube
spec:
securityContext:
runAsUser: 0
fsGroup: 0
containers:
- name: sonarqube
image: sonarqube:latest
resources:
requests:
cpu: 500m
memory: 1024Mi
limits:
cpu: 2000m
memory: 2048Mi
volumeMounts:
- mountPath: "/opt/sonarqube/data/"
name: sonar-data
- mountPath: "/opt/sonarqube/extensions/"
name: sonar-extensions
- mountPath: "/opt/sonarqube/logs/"
name: sonar-logs
- mountPath: "/opt/sonarqube/conf/"
name: sonar-conf
env:
- name: "SONARQUBE_JDBC_USERNAME"
value: "sonar"
- name: "SONARQUBE_JDBC_URL"
value: "jdbc:sqlserver://internal-sql-az-westeurope.database.windows.net:1433;databaseName=Sonar;user=SONARQUBE_JDBC_USERNAME;password=SONAR_SQL_LOGIN_PASSWORD"
- name: "SONARQUBE_JDBC_PASSWORD"
valueFrom:
secretKeyRef:
name: sonar-secret
key: password
ports:
- containerPort: 9000
protocol: TCP
volumes:
- name: sonar-data
persistentVolumeClaim:
claimName: sonar-data
- name: sonar-extensions
persistentVolumeClaim:
claimName: sonar-extensions
- name: sonar-logs
persistentVolumeClaim:
claimName: sonar-logs
- name: sonar-conf
persistentVolumeClaim:
claimName: sonar-conf
---
# --------------
# Service Object
# --------------
apiVersion: v1
kind: Service
metadata:
labels:
name: sonarqube
name: sonarqube-service
namespace: cicd
spec:
ports:
- port: 80 # Default port for image
protocol: TCP
selector:
name: sonarqube
# -----------------
# Ingress object
# -----------------
---
apiVersion: extensions/v1beta1
kind: Ingress
metadata:
name: sonarqube-api-ingress
namespace: cicd
annotations:
kubernetes.io/ingress.class: nginx
#Default is 'true'
#nginx.ingress.kubernetes.io/ssl-redirect: "false"
nginx.ingress.kubernetes.io/rewrite-target: /$1
#https://github.com/kubernetes/ingress-nginx/blob/master/docs/user-guide/nginx-configuration/annotations.md#whitelist-source-range
nginx.ingress.kubernetes.io/whitelist-source-range: "******"
spec:
tls:
- hosts:
- sonar.traceparts.com
secretName: aks-ingress-tls-star-traceparts-com
rules:
- host: sonar.traceparts.com
http:
paths:
- backend:
serviceName: sonarqube-service
servicePort: 80
path: /(.*)
Can someone helps me to understand the issue?
Upvotes: 1
Views: 6300
Reputation: 497
I talked to the Azure support guy and he told me to run the following command. This command fixed my issue immediately.
az resource update --ids /subscriptions/<SUBSCRIPTION-ID>/resourcegroups/<RESOURCE-GROUP>/providers/Microsoft.ContainerService/managedClusters/<AKS-CLUSTER-NAME>/agentpools/<NODE-GROUP-NAME>
Upvotes: 0
Reputation: 31472
Actually, when you create the persistent volumes via the YAML file and mount the Azure disks to the nodes, you need to wait for a while, Azure needs some time to attach the disks to the nodes. So the first failure because of the disks does not attach to the nodes.
Just be painted and wait for a while, then take a check with the command:
kubectl describe pvc --namespace cicd
It shows like below:
By the way, when you create the AKS cluster, it's service principal already have the Contributor role of the resource group which the nodes in. So generally the permission is enough, at least for the persistent volumes.
Upvotes: 2