mirror of https://github.com/coder/coder.git
chore: add workspaceProxy to helm chart (#7398)
This commit is contained in:
parent
164146c462
commit
667d9a7557
2
Makefile
2
Makefile
|
@ -526,7 +526,7 @@ cli/testdata/.gen-golden: $(wildcard cli/testdata/*.golden) $(wildcard cli/*.tpl
|
|||
go test ./cli -run="Test(CommandHelp|ServerYAML)" -update
|
||||
touch "$@"
|
||||
|
||||
helm/tests/testdata/.gen-golden: $(wildcard helm/tests/testdata/*.golden) $(GO_SRC_FILES)
|
||||
helm/tests/testdata/.gen-golden: $(wildcard helm/tests/testdata/*.yaml) $(wildcard helm/tests/testdata/*.golden) $(GO_SRC_FILES)
|
||||
go test ./helm/tests -run=TestUpdateGoldenFiles -update
|
||||
touch "$@"
|
||||
|
||||
|
|
|
@ -23,3 +23,5 @@
|
|||
.vscode/
|
||||
Makefile
|
||||
artifacthub-repo.yml
|
||||
|
||||
tests
|
||||
|
|
|
@ -60,6 +60,13 @@ spec:
|
|||
- name: coder
|
||||
image: {{ include "coder.image" . | quote }}
|
||||
imagePullPolicy: {{ .Values.coder.image.pullPolicy }}
|
||||
command:
|
||||
- /opt/coder
|
||||
args:
|
||||
{{- if .Values.coder.workspaceProxy }}
|
||||
- proxy
|
||||
{{- end }}
|
||||
- server
|
||||
resources:
|
||||
{{- toYaml .Values.coder.resources | nindent 12 }}
|
||||
lifecycle:
|
||||
|
|
|
@ -44,6 +44,10 @@ var TestCases = []TestCase{
|
|||
name: "labels_annotations",
|
||||
expectedError: "",
|
||||
},
|
||||
{
|
||||
name: "workspace_proxy",
|
||||
expectedError: "",
|
||||
},
|
||||
}
|
||||
|
||||
type TestCase struct {
|
||||
|
|
|
@ -134,6 +134,10 @@ spec:
|
|||
- name: coder
|
||||
image: "ghcr.io/coder/coder:latest"
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /opt/coder
|
||||
args:
|
||||
- server
|
||||
resources:
|
||||
{}
|
||||
lifecycle:
|
||||
|
|
|
@ -140,6 +140,10 @@ spec:
|
|||
- name: coder
|
||||
image: "ghcr.io/coder/coder:latest"
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /opt/coder
|
||||
args:
|
||||
- server
|
||||
resources:
|
||||
{}
|
||||
lifecycle:
|
||||
|
|
|
@ -134,6 +134,10 @@ spec:
|
|||
- name: coder
|
||||
image: "ghcr.io/coder/coder:latest"
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /opt/coder
|
||||
args:
|
||||
- server
|
||||
resources:
|
||||
{}
|
||||
lifecycle:
|
||||
|
|
|
@ -138,6 +138,10 @@ spec:
|
|||
- name: coder
|
||||
image: "ghcr.io/coder/coder:latest"
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /opt/coder
|
||||
args:
|
||||
- server
|
||||
resources:
|
||||
{}
|
||||
lifecycle:
|
||||
|
|
|
@ -0,0 +1,177 @@
|
|||
---
|
||||
# Source: coder/templates/coder.yaml
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: "coder"
|
||||
annotations:
|
||||
{}
|
||||
labels:
|
||||
helm.sh/chart: coder-0.1.0
|
||||
app.kubernetes.io/name: coder
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: coder
|
||||
app.kubernetes.io/version: "0.1.0"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
---
|
||||
# Source: coder/templates/rbac.yaml
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: Role
|
||||
metadata:
|
||||
name: coder-workspace-perms
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["pods"]
|
||||
verbs: ["*"]
|
||||
- apiGroups: [""]
|
||||
resources: ["persistentvolumeclaims"]
|
||||
verbs: ["*"]
|
||||
---
|
||||
# Source: coder/templates/rbac.yaml
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: RoleBinding
|
||||
metadata:
|
||||
name: "coder"
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: "coder"
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: Role
|
||||
name: coder-workspace-perms
|
||||
---
|
||||
# Source: coder/templates/service.yaml
|
||||
apiVersion: v1
|
||||
kind: Service
|
||||
metadata:
|
||||
name: coder
|
||||
labels:
|
||||
helm.sh/chart: coder-0.1.0
|
||||
app.kubernetes.io/name: coder
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: coder
|
||||
app.kubernetes.io/version: "0.1.0"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
annotations:
|
||||
{}
|
||||
spec:
|
||||
type: LoadBalancer
|
||||
sessionAffinity: ClientIP
|
||||
ports:
|
||||
- name: "http"
|
||||
port: 80
|
||||
targetPort: "http"
|
||||
protocol: TCP
|
||||
externalTrafficPolicy: "Cluster"
|
||||
selector:
|
||||
app.kubernetes.io/name: coder
|
||||
app.kubernetes.io/instance: release-name
|
||||
---
|
||||
# Source: coder/templates/coder.yaml
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: coder
|
||||
labels:
|
||||
helm.sh/chart: coder-0.1.0
|
||||
app.kubernetes.io/name: coder
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: coder
|
||||
app.kubernetes.io/version: "0.1.0"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
annotations:
|
||||
{}
|
||||
spec:
|
||||
replicas: 1
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: coder
|
||||
app.kubernetes.io/instance: release-name
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
helm.sh/chart: coder-0.1.0
|
||||
app.kubernetes.io/name: coder
|
||||
app.kubernetes.io/instance: release-name
|
||||
app.kubernetes.io/part-of: coder
|
||||
app.kubernetes.io/version: "0.1.0"
|
||||
app.kubernetes.io/managed-by: Helm
|
||||
annotations:
|
||||
{}
|
||||
spec:
|
||||
serviceAccountName: "coder"
|
||||
restartPolicy: Always
|
||||
terminationGracePeriodSeconds: 60
|
||||
affinity:
|
||||
podAntiAffinity:
|
||||
preferredDuringSchedulingIgnoredDuringExecution:
|
||||
- podAffinityTerm:
|
||||
labelSelector:
|
||||
matchExpressions:
|
||||
- key: app.kubernetes.io/instance
|
||||
operator: In
|
||||
values:
|
||||
- coder
|
||||
topologyKey: kubernetes.io/hostname
|
||||
weight: 1
|
||||
containers:
|
||||
- name: coder
|
||||
image: "ghcr.io/coder/coder:latest"
|
||||
imagePullPolicy: IfNotPresent
|
||||
command:
|
||||
- /opt/coder
|
||||
args:
|
||||
- proxy
|
||||
- server
|
||||
resources:
|
||||
{}
|
||||
lifecycle:
|
||||
{}
|
||||
env:
|
||||
- name: CODER_HTTP_ADDRESS
|
||||
value: "0.0.0.0:8080"
|
||||
- name: CODER_PROMETHEUS_ADDRESS
|
||||
value: "0.0.0.0:2112"
|
||||
# Set the default access URL so a `helm apply` works by default.
|
||||
# See: https://github.com/coder/coder/issues/5024
|
||||
- name: CODER_ACCESS_URL
|
||||
value: "http://coder.default.svc.cluster.local"
|
||||
# Used for inter-pod communication with high-availability.
|
||||
- name: KUBE_POD_IP
|
||||
valueFrom:
|
||||
fieldRef:
|
||||
fieldPath: status.podIP
|
||||
- name: CODER_DERP_SERVER_RELAY_URL
|
||||
value: "http://$(KUBE_POD_IP):8080"
|
||||
|
||||
- name: CODER_PRIMARY_ACCESS_URL
|
||||
value: https://dev.coder.com
|
||||
- name: CODER_PROXY_SESSION_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
key: token
|
||||
name: coder-workspace-proxy-session-token
|
||||
ports:
|
||||
- name: "http"
|
||||
containerPort: 8080
|
||||
protocol: TCP
|
||||
securityContext:
|
||||
allowPrivilegeEscalation: false
|
||||
readOnlyRootFilesystem: null
|
||||
runAsGroup: 1000
|
||||
runAsNonRoot: true
|
||||
runAsUser: 1000
|
||||
seccompProfile:
|
||||
type: RuntimeDefault
|
||||
readinessProbe:
|
||||
httpGet:
|
||||
path: /api/v2/buildinfo
|
||||
port: "http"
|
||||
scheme: "HTTP"
|
||||
livenessProbe:
|
||||
httpGet:
|
||||
path: /api/v2/buildinfo
|
||||
port: "http"
|
||||
scheme: "HTTP"
|
||||
volumeMounts: []
|
||||
volumes: []
|
|
@ -0,0 +1,14 @@
|
|||
coder:
|
||||
workspaceProxy: true
|
||||
|
||||
image:
|
||||
tag: latest
|
||||
|
||||
env:
|
||||
- name: CODER_PRIMARY_ACCESS_URL
|
||||
value: "https://dev.coder.com"
|
||||
- name: CODER_PROXY_SESSION_TOKEN
|
||||
valueFrom:
|
||||
secretKeyRef:
|
||||
name: coder-workspace-proxy-session-token
|
||||
key: token
|
|
@ -1,10 +1,28 @@
|
|||
# coder -- Primary configuration for `coder server`.
|
||||
coder:
|
||||
# coder.replicaCount -- The number of Kubernetes deployment replicas.
|
||||
# This should only be increased if High Availability is enabled.
|
||||
# coder.replicaCount -- The number of Kubernetes deployment replicas. This
|
||||
# should only be increased if High Availability is enabled.
|
||||
#
|
||||
# This is an Enterprise feature. Contact sales@coder.com.
|
||||
replicaCount: 1
|
||||
|
||||
# coder.workspaceProxy -- Whether or not this deployment of Coder is a Coder
|
||||
# Workspace Proxy. Workspace Proxies reduce the latency between the user and
|
||||
# their workspace for web connections (workspace apps and web terminal) and
|
||||
# proxied connections from the CLI. Workspace Proxies are optional and only
|
||||
# recommended for geographically sparse teams.
|
||||
#
|
||||
# Make sure you set CODER_PRIMARY_ACCESS_URL and CODER_PROXY_SESSION_TOKEN in
|
||||
# the environment below. You can get a proxy token using the CLI:
|
||||
# coder proxy create \
|
||||
# --name "proxy-name" \
|
||||
# --display-name "Proxy Name" \
|
||||
# --icon "/emojis/xyz.png"
|
||||
#
|
||||
# This is an Enterprise feature. Contact sales@coder.com
|
||||
# Docs: https://coder.com/docs/v2/latest/admin/workspace-proxies
|
||||
workspaceProxy: false
|
||||
|
||||
# coder.image -- The image to use for Coder.
|
||||
image:
|
||||
# coder.image.repo -- The repository of the image.
|
||||
|
|
Loading…
Reference in New Issue