SonarQube 6.7.1使用推荐的解决方案解决了SECCOMP的ES问题

时间:2018-01-09 04:00:56

标签: sonarqube elasticsearch-5

我将SonarQube的安装从5.6.6升级到6.7.1,在RHEL上托管而没有编译CONFIG_SECCOMP。更新数据库后,运行sonar.sh start命令会短暂启动,然后终止。

根据SonarQube 6.7 failed to start because CONFIG_SECCOMP not compiled into kernelhttps://docs.sonarqube.org/display/SONAR/Requirements#Requirements-seccompfilter,我在 sonar.properties 中的设置是处理CONFIG_SECCOMP问题的建议值设置为:

sonar.search.javaAdditionalOpts=-Dbootstrap.system_call_filter=false

对于sonar.search.javaOpts,sonar.search.port和sonar.search.host,值都是默认值。

每个日志(下面)看起来引入了引导值,但它似乎没有传播到临时目录中生成的elasticsearch.yml。

sonar.log包含:

--> Wrapper Started as Daemon
Launching a JVM...
Wrapper (Version 3.2.3) http://wrapper.tanukisoftware.org
  Copyright 1999-2006 Tanuki Software, Inc.  All Rights Reserved.

2018.01.08 22:44:43 INFO  app[][o.s.a.AppFileSystem] Cleaning or creating temp directory /opt/sonar/sonarqube-6.7.1/temp
2018.01.08 22:44:43 INFO  app[][o.s.a.es.EsSettings] Elasticsearch listening on /127.0.0.1:9001
2018.01.08 22:44:43 INFO  app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='es', ipcIndex=1, logFilenamePrefix=es]] from [/opt/sonar/sonarqube-6.7.1/elasticsearch]: /opt/sonar/sonarqube-6.7.1/elasticsearch/bin/elasticsearch -Epath.conf=/opt/sonar/sonarqube-6.7.1/temp/conf/es
2018.01.08 22:44:43 INFO  app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
2018.01.08 22:44:43 INFO  app[][o.e.p.PluginsService] no modules loaded
2018.01.08 22:44:43 INFO  app[][o.e.p.PluginsService] loaded plugin [org.elasticsearch.transport.Netty4Plugin]
2018.01.08 22:44:51 INFO  app[][o.s.a.SchedulerImpl] Process[es] is up
2018.01.08 22:44:51 INFO  app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='web', ipcIndex=2, logFilenamePrefix=web]] from [/opt/sonar/sonarqube-6.7.1]: /usr/lib/jvm/jdk1.8.0_131/jre/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonar/sonarqube-6.7.1/temp -server -Xms1G -Xmx1G -XX:MaxPermSize=256m -XX:+HeapDumpOnOutOfMemoryError -XX:+AggressiveOpts -XX:InlineSmallCode=3072 -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -Djava.net.preferIPv4Stack=true -cp ./lib/common/*:./lib/server/*:/opt/sonar/sonarqube-6.7.1/lib/jdbc/postgresql/postgresql-42.1.4.jar org.sonar.server.app.WebServer /opt/sonar/sonarqube-6.7.1/temp/sq-process6699142698739435554properties
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0
2018.01.08 22:45:00 INFO  app[][o.s.a.SchedulerImpl] Process [web] is stopped
2018.01.08 22:45:00 INFO  app[][o.s.a.SchedulerImpl] Process [es] is stopped
2018.01.08 22:45:00 INFO  app[][o.s.a.SchedulerImpl] SonarQube is stopped
2018.01.08 22:45:00 WARN  app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 143
<-- Wrapper Stopped

ES日志包括:

2018.01.08 22:44:45 WARN  es[][o.e.b.JNANatives] unable to install syscall filter:
java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
        at org.elasticsearch.bootstrap.SystemCallFilter.linuxImpl(SystemCallFilter.java:364) ~[elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.SystemCallFilter.init(SystemCallFilter.java:639) ~[elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.JNANatives.tryInstallSystemCallFilter(JNANatives.java:258) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Natives.tryInstallSystemCallFilter(Natives.java:113) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Bootstrap.initializeNatives(Bootstrap.java:111) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Bootstrap.setup(Bootstrap.java:195) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Bootstrap.init(Bootstrap.java:342) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Elasticsearch.init(Elasticsearch.java:132) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Elasticsearch.execute(Elasticsearch.java:123) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.cli.EnvironmentAwareCommand.execute(EnvironmentAwareCommand.java:70) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.cli.Command.mainWithoutErrorHandling(Command.java:134) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.cli.Command.main(Command.java:90) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:91) [elasticsearch-5.6.3.jar:5.6.3]
        at org.elasticsearch.bootstrap.Elasticsearch.main(Elasticsearch.java:84) [elasticsearch-5.6.3.jar:5.6.3]
2018.01.08 22:44:45 INFO  es[][o.e.n.Node] initializing ...
2018.01.08 22:44:45 INFO  es[][o.e.e.NodeEnvironment] using [1] data paths, mounts [[/opt (/dev/mapper/vg_sys-lv_opt)]], net usable_space [2.3gb], net total_space [9.7gb], spins? [possibly], types [ext4]
2018.01.08 22:44:45 INFO  es[][o.e.e.NodeEnvironment] heap size [495.3mb], compressed ordinary object pointers [true]
2018.01.08 22:44:45 INFO  es[][o.e.n.Node] node name [sonarqube], node ID [S0XGTf7ATGC2HuVlIcIwYQ]
2018.01.08 22:44:45 INFO  es[][o.e.n.Node] version[5.6.3], pid[3915], build[1a2f265/2017-10-06T20:33:39.012Z], OS[Linux/2.6.32-573.3.1.el6.x86_64/amd64], JVM[Oracle Corporation/Java HotSpot(TM) 64-Bit Server VM/1.8.0_131/25.131-b11]
2018.01.08 22:44:45 INFO  es[][o.e.n.Node] JVM arguments [-XX:+UseConcMarkSweepGC, -XX:CMSInitiatingOccupancyFraction=75, -XX:+UseCMSInitiatingOccupancyOnly, -XX:+AlwaysPreTouch, -Xss1m, -Djava.awt.headless=true, -Dfile.encoding=UTF-8, -Djna.nosys=true, -Djdk.io.permissionsUseCanonicalPath=true, -Dio.netty.noUnsafe=true, -Dio.netty.noKeySetOptimization=true, -Dio.netty.recycler.maxCapacityPerThread=0, -Dlog4j.shutdownHookEnabled=false, -Dlog4j2.disable.jmx=true, -Dlog4j.skipJansi=true, -Xms512m, -Xmx512m, -XX:+HeapDumpOnOutOfMemoryError, -Dbootstrap.system_call_filter=false, -Des.path.home=/opt/sonar/sonarqube-6.7.1/elasticsearch]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] loaded module [aggs-matrix-stats]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] loaded module [ingest-common]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] loaded module [parent-join]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] loaded module [percolator]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] loaded module [reindex]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] loaded module [transport-netty4]
2018.01.08 22:44:46 INFO  es[][o.e.p.PluginsService] no plugins loaded
2018.01.08 22:44:47 INFO  es[][o.e.d.DiscoveryModule] using discovery type [zen]
2018.01.08 22:44:48 INFO  es[][o.e.n.Node] initialized
2018.01.08 22:44:48 INFO  es[][o.e.n.Node] starting ...
2018.01.08 22:44:48 INFO  es[][o.e.t.TransportService] publish_address {127.0.0.1:9001}, bound_addresses {127.0.0.1:9001}
2018.01.08 22:44:48 WARN  es[][o.e.b.BootstrapChecks] system call filters failed to install; check the logs and fix your configuration or disable system call filters at your own risk
2018.01.08 22:44:51 INFO  es[][o.e.c.s.ClusterService] new_master {sonarqube}{S0XGTf7ATGC2HuVlIcIwYQ}{CSVhU1O1QF6rU3a9IolATA}{127.0.0.1}{127.0.0.1:9001}{rack_id=sonarqube}, reason: zen-disco-elected-as-master ([0] nodes joined)
2018.01.08 22:44:51 INFO  es[][o.e.n.Node] started
2018.01.08 22:44:51 INFO  es[][o.e.g.GatewayService] recovered [0] indices into cluster_state
2018.01.08 22:45:00 INFO  es[][o.e.n.Node] stopping ...
2018.01.08 22:45:00 INFO  es[][o.e.n.Node] stopped
2018.01.08 22:45:00 INFO  es[][o.e.n.Node] closing ...
2018.01.08 22:45:00 INFO  es[][o.e.n.Node] closed

2 个答案:

答案 0 :(得分:3)

  

每个日志(下面)看起来引入了引导值,但它似乎没有传播到临时目录中生成的elasticsearch.yml。

预计elasticsearch.yml不会更新。 .yml是一个静态内部配置文件。当您传递-Dbootstrap.system_call_filter=false时,它会在运行时设置,而不会反映在静态配置文件中。

事实上,您会注意到es.log仅包含警告,并且在seccomp方面根本没有失败。每sonar.log,ElasticSearch JVM甚至成功启动:

2018.01.08 22:44:51 INFO  app[][o.s.a.SchedulerImpl] Process[es] is up

所以问题出在其他地方,而你的sonar.log告诉你它与Web进程有关:

2018.01.08 22:44:51 INFO  app[][o.s.a.p.ProcessLauncherImpl] Launch process[[key='web', ipcIndex=2, logFilenamePrefix=web]] from [/opt/sonar/sonarqube-6.7.1]: /usr/lib/jvm/jdk1.8.0_131/jre/bin/java -Djava.awt.headless=true -Dfile.encoding=UTF-8 -Djava.io.tmpdir=/opt/sonar/sonarqube-6.7.1/temp -server -Xms1G -Xmx1G -XX:MaxPermSize=256m -XX:+HeapDumpOnOutOfMemoryError -XX:+AggressiveOpts -XX:InlineSmallCode=3072 -XX:+UseParNewGC -XX:+UseConcMarkSweepGC -Djava.net.preferIPv4Stack=true -cp ./lib/common/*:./lib/server/*:/opt/sonar/sonarqube-6.7.1/lib/jdbc/postgresql/postgresql-42.1.4.jar org.sonar.server.app.WebServer /opt/sonar/sonarqube-6.7.1/temp/sq-process6699142698739435554properties
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=256m; support was removed in 8.0
2018.01.08 22:45:00 INFO  app[][o.s.a.SchedulerImpl] Process [web] is stopped

SonarQube Troubleshooting documentation,现在是检查web.log的好时机,看看那里发生了什么。

答案 1 :(得分:0)

杀死所有JDK实例(pids)并重启sonarqube服务对我有用。

相关问题
最新问题