SonarQube is a powerful open-source tool used for code quality analysis, static code analysis, and security vulnerability detection. It is widely used in DevOps and CI/CD pipelines to maintain clean and secure codebases.
In this article, you will learn how to install SonarQube on an AWS EC2 instance using Docker, completely automated with an EC2 user data script.
This guide is beginner-friendly and suitable for DevOps engineers, backend developers, and cloud learners.
Architecture Overview
This setup uses:
- Docker for containerization
- PostgreSQL as SonarQube database
- Persistent volumes for data safety
- Docker network for secure container communication
Step 1: Launch an EC2 Instance
- Go to AWS EC2 Console
- Click Launch Instance
- Select Amazon Linux 2 AMI
- Choose instance type:
t3.medium - Configure Security Group:
- SSH (22) – Your IP
- Custom TCP (9000) – Public or restricted IP
- Scroll to Advanced Details
Step 2: Add SonarQube User Data Script
Paste the following user data script in the User data section while launching the EC2 instance.
#!/bin/bash
sudo yum update -y
# Install Docker
sudo yum install -y docker
sudo systemctl start docker
sudo systemctl enable docker
# Add ec2-user to docker group
sudo usermod -aG docker ec2-user
# Kernel params required by SonarQube
sudo sysctl -w vm.max_map_count=524288
sudo sysctl -w fs.file-max=131072
echo "vm.max_map_count=524288" | sudo tee -a /etc/sysctl.conf
echo "fs.file-max=131072" | sudo tee -a /etc/sysctl.conf
# Persist ulimit values
cat <<EOF | sudo tee -a /etc/security/limits.conf
* soft nofile 131072
* hard nofile 131072
* soft nproc 8192
* hard nproc 8192
EOF
# Create SonarQube directories
sudo mkdir -p /opt/sonarqube_data/{data,logs,extensions}
sudo chown -R 1000:1000 /opt/sonarqube_data
# Create PostgreSQL directory
sudo mkdir -p /opt/postgres_data
# Create Docker network
docker network create sonarnet
# Run PostgreSQL container
docker run -d \
--name sonarqube-db \
--network sonarnet \
--restart unless-stopped \
-e POSTGRES_USER=sonar \
-e POSTGRES_PASSWORD=sonarpass \
-e POSTGRES_DB=sonarqube \
-v /opt/postgres_data:/var/lib/postgresql/data \
postgres:15-alpine
# Run SonarQube container
docker run -d \
--name sonarqube \
--network sonarnet \
--restart unless-stopped \
-p 9000:9000 \
-e SONAR_JDBC_URL=jdbc:postgresql://sonarqube-db:5432/sonarqube \
-e SONAR_JDBC_USERNAME=sonar \
-e SONAR_JDBC_PASSWORD=sonarpass \
-v /opt/sonarqube_data/data:/opt/sonarqube/data \
-v /opt/sonarqube_data/logs:/opt/sonarqube/logs \
-v /opt/sonarqube_data/extensions:/opt/sonarqube/extensions \
sonarqube:lts-community
📌 Note: User data runs only during the first boot of the EC2 instance.
Step 3: Launch the Instance
- Review configuration
- Click Launch Instance
- Wait until instance status becomes Running
Step 4: Access SonarQube Dashboard
Open your browser and visit:
http://<EC2-PUBLIC-IP>:9000
SonarQube may take 1–2 minutes to fully start.
Step 5: Login to SonarQube
Default credentials:
Username: admin Password: admin
You will be asked to change the password after first login.
Step 6: Verify Containers (Optional)
SSH into the EC2 instance and run:
docker ps
You should see:
sonarqubesonarqube-db
To check logs:
docker logs sonarqube
Common Issues and Fixes
SonarQube Not Loading on Port 9000
- Ensure Security Group allows port 9000
- Check instance memory (
free -m) - Wait at least 2 minutes
Container Exits Immediately
- Kernel parameters not applied correctly
- Instance size too small
Why Use Docker for SonarQube on EC2?
- Easy installation
- Isolated environment
- Persistent data storage
- Ideal for CI/CD pipelines
- Easy upgrades and rollback
Frequently Asked Questions (FAQ)
Which EC2 instance type is best for SonarQube?
t3.medium minimum, t3.large recommended for production.
Which database does SonarQube use?
PostgreSQL is the recommended database.
Is SonarQube free on AWS?
Yes, the Community Edition is free.
Can I use this in production?
Yes, with proper security hardening (SSL, backups, IAM).
Conclusion
Installing SonarQube on AWS EC2 using Docker and a user data script is the fastest and most reliable approach.