由於 Synology NAS 上不存在 CONFIG_SECCOMP,SonarQube 無法在 Synology NAS Docker 上啟動。 SonarQube 啟動 ElasticSearch 時是否可以選擇忽略 SECCOMP?
2022-11-26T11:00:50.430590094Z stdout java.lang.UnsupportedOperationException: seccomp unavailable: CONFIG_SECCOMP not compiled into kernel, CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER are needed
2022-11-26T11:00:50.429641210Z stdout 2022.11.26 11:00:50 WARN es[][o.e.b.JNANatives] unable to install syscall filter:
2022-11-26T11:00:47.894977919Z stdout 2022.11.26 11:00:47 INFO app[][o.s.a.SchedulerImpl] Waiting for Elasticsearch to be up and running
答案1
為了啟動 ElasticSearch,也必須安裝附加設定檔:sonar.properties該檔案位於/opt/sonarqube/conf/sonar.properties並包含 option sonar.search.javaAdditionalOpts=。
sonar.search.javaAdditionalOpts=-Dbootstrap.system_call_filter=false
ElasticSearch 允許停用 SECCOMP 檢查,但這是不安全的。預設情況下,可以/etc/elasticsearch/elasticsearch.yaml根據以下內容修改此配置這個答案