Install SonarQube RIGHT NOW !!
Prerequisites
You have a fresh Ubuntu instance (e.g., 22.04).
You have sudo access as your normal user.
Step 1: Install required software
sudo apt update
sudo apt install openjdk-17-jdk wget unzip ntp -y
Why:
openjdk-17-jdk → Java 17, required by SonarQube.
wget → to download SonarQube.
unzip → to extract the .zip.
ntp → keeps system clock synced (very important for token expiry, JWT, Elasticsearch timing).
Step 2: Find and confirm Java path (JAVA_HOME)
Find which Java was installed:
update-java-alternatives -l
Output looks like:
java-1.17.0-openjdk-amd64 1711 /usr/lib/jvm/java-1.17.0-openjdk-amd64
Use the part /usr/lib/jvm/java-1.17.0-openjdk-amd64 as JAVA_HOME.
(In most Ubuntu systems installed from apt, it usually is /usr/lib/jvm/java-17-openjdk-amd64.)
Verify Java works:
java -version
Should show:
openjdk version "17.x.x"
Step 3: Create a dedicated sonar user
sudo useradd -m -d /opt/sonarqube -U -r -s /bin/bash sonar
Why:
Command/Option | Meaning |
useradd | create a new user |
-m | create home directory |
-d /opt/sonarqube | set /opt/sonarqube as home directory |
-U | create a group named sonar |
-r | make this a system user (non-login user usually, but we’ll give shell) |
-s /bin/bash | assign Bash shell (so we can log in) |
Step 4: Give sonar user sudo access without password
sudo visudo
At the end of the file, add:
sonar ALL=(ALL) NOPASSWD:ALL
Why:
Allows sonar user to run any sudo command on any host.
NOPASSWD → no password prompt.
(handy in dev; risky in prod).
Step 5: Download and extract SonarQube
cd /opt
sudo wget https://binaries.sonarsource.com/Distribution/sonarqube/sonarqube-10.6.0.8109.zip
sudo unzip sonarqube-10.6.0.8109.zip
sudo mv sonarqube-10.6.0.8109/* /opt/sonarqube/
Why:
/opt is standard for optional/3rd party apps.
We move everything into /opt/sonarqube so it’s clean.
Step 6: Change ownership to sonar user
sudo chown -R sonar:sonar /opt/sonarqube
Why:
Make sure sonar user can read/write all files.
-R → recursive.
Step 7: Configure JAVA_HOME and PATH for sonar user
Switch to sonar user:
sudo su - sonar
Edit .bashrc:
echo 'export JAVA_HOME=/usr/lib/jvm/java-17-openjdk-amd64' >> ~/.bashrc
echo 'export PATH=$JAVA_HOME/bin:$PATH' >> ~/.bashrc
Then apply immediately:
source ~/.bashrc
Why:
SonarQube scripts use Java.
sonar user must know where Java is installed.
Verify:
java -version
Step 8: Set kernel and system parameters (important)
As your main sudo user (not sonar):
8.1 Increase max map count (needed by Elasticsearch inside SonarQube):
sudo nano /etc/sysctl.conf
Add:
vm.max_map_count=262144
fs.file-max=65536
Apply:
sudo sysctl -p
8.2 Increase user limits (number of open files and processes):
sudo nano /etc/security/limits.conf
Add:
sonar - nofile 65536
sonar - nproc 4096
Why:
Setting | Why |
vm.max_map_count | Elasticsearch needs it; prevents memory map errors |
fs.file-max | total max open files |
nofile | max open files per user |
nproc | max processes per user |
Step 9: Enable and start NTP (time sync)
Why: Elasticsearch uses tokens with expiry; time drift can break login or cause cluster errors.
sudo systemctl enable ntp
sudo systemctl start ntp
timedatectl status
Make sure it says NTP synchronized: yes.(if you find some error and this line means just leave that error its due to some depreciated packages)
Step 10: Start SonarQube
Switch to sonar user:
sudo su - sonar
Start:
cd /opt/sonarqube/bin/linux-x86-64
./sonar.sh start
Check status:
./sonar.sh status
Step 11: Access SonarQube UI
- Open browser:
http://<your-server-ip>:9000
Default login:
Username: admin
Password: admin (you’ll be asked to change).
After Successful Login It prompts you to change the default password, Change it and you are good to go !
