This post will show you how to run Sonarqube, or any other service, inside a container on AWS Fargate.
Fargate is the next incarnation of Amazon Elastic Container Service (ECS). With classic ECS you had to create dedicated instances to run your containers on. Fargate gives you the ability to use ECS without the need to manage servers or clusters.
No cluster provisioning is necessary, no worrying about server types or scaling. This is all abstracted with Fargate.
We were looking for a service to run inside Fargate to see what we can do with it. A customer wanted to run a Sonarqube installation inside a container. So, we thought: Hey, that fits!
Sonarqube checks your code for health, vulnerabilities and other issues. You can check it out on sonarqube.org.
It doesn’t matter what you want to run on Fargate as long as it fits inside a Docker container. In our case, we use Sonarqube. It could be any application you can think of.
Important to remember is, that Fargate does not handle persistence. If your service needs a database, make sure to use a database outside of the container. The same goes for all data that might be written to disk by the service. In the event a restart of the container, the data will be gone.
Sonarqube saves all persisting data into a database. We will use a AWS RDS Postgres database for this. You could of course use a volume to fix this issue as well. We do not use a volume as this makes the example a bit easier.
Our Sonarqube Docker image is super simple. We just extend from the official Docker image and add a little magic.
For us, pre-installing Sonarqube plugins was important. If the Sonarqube users install the plugins through the web dashboard, the plugins will be gone in the event of a re-creating of the container. We need to make sure to have it already baked in. Here is the Dockerfile:
Then we build the image from the Dockerfile:
docker build -t jaybrueder/sonarqube:1.0 .
And we can run and test that everything works:
docker run -d --name sonarqube -p 9000:9000 -p 9092:9092 jaybrueder/sonarqube:1.0
If we connect through
localhost:9000 we should see the dashboard.
Please note: This step is still using the internal H2 database of Sonarqube. This is not what we want for Fargate.
We will need to push this image directly into the AWS Elastic Container Registry (ECR).
Click “Create repository” and give it a name (e.g. “sonarqube”). You will be presented with commands you need to trigger in your local CLI to push your Docker image. You will need to have the AWC CLI installed for this.
They will look something like this:
source AWS_PROFILE=your_profile # Get login credentials aws ecr get-login --no-include-email --region us-east-1 # Run the docker login command returned from the previous step docker login -u AWS -p <SUPER_LONG_KEY> https://1234567890.dkr.ecr.us-east-1.amazonaws.com # Tag the image docker tag sonarqube:1.0 1234567890.dkr.ecr.us-east-1.amazonaws.com/sonarqube:1.0 # And push docker push 1234567890.dkr.ecr.us-east-1.amazonaws.com/sonarqube:1.0
The image is now available for ECS to use!
Inside the ECS dashboard, click “Create Cluster” and choose the one that says, “Powered by AWS Fargate”.
Click next and give it a name. If you want to use a new VPC, check the checkbox. Click “Create”.
Your Cluster is done! Easy, right?
After creating the cluster, we also need a “Task Definition”. Select “Task Definitions” from the ECS menu and click “Create new Task definition”. Select “Fargate” and give it a name.
You can give your task a memory and CPU here. You can select which container image to use and, if needed, you can attach a volume.
This is also the place where we put in any environment variables for our docker image and which ports to expose. For Sonarqube to work properly, we need to expose port 9000 and 9092. For it to use our Amazon RDS PostgreSQL database, we also need to add some environment variables. You can find them here https://hub.docker.com/_/sonarqube under “Database Configuration”. Also make sure to define an IAM role for this task that allows for access to Amazon RDS.
All there is left to do is to head over to your Fargate cluster and start a new service. Choose your created task definition and make sure to choose your desired VPC and subnet. When you have chosen all desired settings for your service, hit “Create Service”.
After the creation for the service, you will receive an internal IP address that you can hook-up to a load balancer to access the Sonarqube dashboard. It’s also possible to make the service public on creation by choosing “enabled” on “Auto-assign public IP”.