Install the server
This section describes a single-node SonarQube instance. For details on clustered setup, see Install the server as a cluster.
A SonarQube instance comprises three components:
- The SonarQube server running the following processes:
- A web server that serves the SonarQube user interface.
- A search server based on Elasticsearch.
- The compute engine in charge of processing code analysis reports and saving them in the SonarQube database.
- The database to store the following:
- Metrics and issues for code quality and security generated during code scans.
- The SonarQube instance configuration.
- One or more scanners running on your build or continuous integration servers to analyze projects.
Hosts and locations
For optimal performance, the SonarQube server and database should be installed on separate hosts, and the server host should be dedicated. The server and database hosts should be located on the same network.
All hosts must be time-synchronized.
Installing the database
Several database engines are supported. Be sure to follow the requirements listed for your database. They are real requirements not recommendations.
Create an empty schema and a
sonarqube user. Grant this
sonarqube user permissions to
delete objects for this schema.
Installing SonarQube from the ZIP file
First, check the requirements. Then download and unzip the distribution (do not unzip into a directory starting with a digit).
SonarQube cannot be run as
root on Unix-based systems, so create a dedicated user account for SonarQube if necessary.
<SONARQUBE_HOME> (below) refers to the path to the directory where the SonarQube distribution has been unzipped.
Setting access to the database
<SONARQUBE_HOME>/conf/sonar.properties to configure the database settings. Templates are available for every supported database. Just uncomment and configure the template you need and comment out the lines dedicated to H2:
Adding the JDBC driver
Drivers for the supported databases (except Oracle) are already provided. Do not replace the provided drivers; they are the only ones supported.
For Oracle, copy the JDBC driver into
Configuring the Elasticsearch storage path
By default, Elasticsearch data is stored in
<SONARQUBE_HOME>/data, but this is not recommended for production instances. Instead, you should store this data elsewhere, ideally in a dedicated volume with fast I/O. Beyond maintaining acceptable performance, doing so will also ease the upgrade of SonarQube.
<SONARQUBE_HOME>/conf/sonar.properties to configure the following settings:
The user used to launch SonarQube must have read and write access to those directories.
Starting the web server
The default port is
9000 and the context path is
/. These values can be changed in
Execute the following script to start the server:
- On Linux:
- On macOS:
- On Windows:
You can now browse SonarQube at http://localhost:9000 (the default system administrator credentials are
Adjusting the Java installation
If there are multiple versions of Java installed on your server, you may need to explicitly define which version of Java is used.
To change the Java JVM used by SonarQube, edit $SONARQUBE-HOME/conf/wrapper.conf and update the following line:
Advanced installation features
- Running SonarQube as a service on Windows or Linux
- Running SonarQube behind a proxy
- Monitoring and adjusting Java process memory
Installing SonarQube from the Docker image
Follow these steps for your first installation:
- Creating the following volumes helps prevent the loss of information when updating to a new version or upgrading to a higher edition:
sonarqube_data: contains data files, such as the embedded H2 database and Elasticsearch indexes
sonarqube_logs: contains SonarQube logs about access, web process, CE process, and Elasticsearch
sonarqube_extensions: will contain any plugins you install and the Oracle JDBC driver if necessary.
Create the volumes with the following commands:
Make sure you're using volumes as shown with the above commands, and not bind mounts. Using bind mounts prevents plugins from populating correctly.
Drivers for supported databases (except Oracle) are already provided. If you're using an Oracle database, you need to add the JDBC driver to the
sonar_extensions volume. To do this:
a. Start the SonarQube container with the embedded H2 database:
b. Exit once SonarQube has started properly.
c. Copy the Oracle JDBC driver into
3. Run the image with your database properties defined using the
-e environment variable flag:
For more configuration environment variables, see the Docker environment variables.
Use of the environment variables
SONARQUBE_JDBC_URL is deprecated and will stop working in future releases.
Example Docker Compose configuration
If you're using Docker Compose, use the following example as a reference when configuring your
.yml file. Click the heading below to expand the
The example below will use the latest version of the SonarQube Docker image. If want to use the LTS version of SonarQube, you need to update the example with the
sonarqube:lts-community image tag.
Once your server is installed and running, you may also want to install a plugin. Then you're ready to begin analyzing source code.
Failed to connect to the marketplace via proxy
Double-check that settings for proxy are correctly set in
<SONARQUBE_HOME>/conf/sonar.properties. Note that if your proxy username contains a backslash, then it should be escaped; a username
domain\user in the file should look like this example:
For some proxies, the exception
java.net.ProtocolException: Server redirected too many times might mean an incorrect username or password has been configured.
Exception java.lang.RuntimeException: cannot run elasticsearch as root
SonarQube starts an Elasticsearch process, and the same account that is running SonarQube itself will be used for the Elasticsearch process. Since Elasticsearch cannot be run as root, that means SonarQube can't be either. You must choose some other, non-root account with which to run SonarQube, preferably an account dedicated to the purpose.
Sonarqube fails to decorate merge requests when DNS entry to ALM changes
If you run SonarQube in an environment with a lot of DNS friction, you should define a DNS cache time to live policy as, by default, SonarQube will hold the DNS cache until it is restarted. You can set this policy to five seconds by doing the following:
Please be aware that this increases the risk of DNS spoofing attacks.
© 2008-2023, SonarSource S.A, Switzerland. Except where otherwise noted, content in this space is licensed under a Creative Commons Attribution-NonCommercial 3.0 United States License. SONARQUBE is a trademark of SonarSource SA. All other trademarks and copyrights are the property of their respective owners.