Commit ff9252c

spikecurtis, matifali, johnstcn authored

feat: add provisioner chart to release and docs (#9050)

* Add provisioner chart to release and docs

Signed-off-by: Spike Curtis <spike@coder.com>

* Update docs/admin/provisioners.md

Co-authored-by: Muhammad Atif Ali <atif@coder.com>

* Prettier

Signed-off-by: Spike Curtis <spike@coder.com>

* spell out PSK first time per section

Co-authored-by: Cian Johnston <cian@coder.com>

---------

Signed-off-by: Spike Curtis <spike@coder.com>
Co-authored-by: Muhammad Atif Ali <atif@coder.com>
Co-authored-by: Cian Johnston <cian@coder.com>

1 parent 6fd9975 commit ff9252c

7 files changed

+139
-33
lines changed


‎.github/workflows/release.yaml

Lines changed: 4 additions & 1 deletion
@@ -141,7 +141,8 @@ jobs:
141141
build/coder_"$version"_linux_{amd64,armv7,arm64}.{tar.gz,apk,deb,rpm} \
142142
build/coder_"$version"_{darwin,windows}_{amd64,arm64}.zip \
143143
build/coder_"$version"_windows_amd64_installer.exe \
144-
build/coder_helm_"$version".tgz
144+
build/coder_helm_"$version".tgz \
145+
build/provisioner_helm_"$version".tgz
145146
env:
146147
CODER_SIGN_DARWIN:"1"
147148
AC_CERTIFICATE_FILE:/tmp/apple_cert.p12
@@ -295,9 +296,11 @@ jobs:
295296
version="$(./scripts/version.sh)"
296297
mkdir -p build/helm
297298
cp "build/coder_helm_${version}.tgz" build/helm
299+
cp "build/provisioner_helm_${version}.tgz" build/helm
298300
gsutil cp gs://helm.coder.com/v2/index.yaml build/helm/index.yaml
299301
helm repo index build/helm --url https://helm.coder.com/v2 --merge build/helm/index.yaml
300302
gsutil -h "Cache-Control:no-cache,max-age=0" cp build/helm/coder_helm_${version}.tgz gs://helm.coder.com/v2
303+
gsutil -h "Cache-Control:no-cache,max-age=0" cp build/helm/provisioner_helm_${version}.tgz gs://helm.coder.com/v2
301304
gsutil -h "Cache-Control:no-cache,max-age=0" cp build/helm/index.yaml gs://helm.coder.com/v2
302305
gsutil -h "Cache-Control:no-cache,max-age=0" cp helm/artifacthub-repo.yml gs://helm.coder.com/v2
303306
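
Review bot: The added upload line `gsutil ... cp build/helm/provisioner_helm_${version}.tgz gs://helm.coder.com/v2` leaves `${version}` unquoted, while the `cp "build/provisioner_helm_${version}.tgz" build/helm` line added above it quotes the path; quote the upload path too so both new lines behave the same if the version string ever contains characters the shell would split or glob. The copy and upload steps are now written out once per chart, so a short loop over the chart names would keep the two lists from drifting apart. The ordering is right as it stands: both packages are copied before `helm repo index` runs and uploaded before `index.yaml`, so the published index never points at a chart that is not there yet.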

‎Makefile

Lines changed: 6 additions & 2 deletions
@@ -344,15 +344,19 @@ push/$(CODER_MAIN_IMAGE): $(CODER_MAIN_IMAGE)
344344
docker manifest push"$$image_tag"
345345
.PHONY: push/$(CODER_MAIN_IMAGE)
346346

347+
# Helm charts that are available
348+
charts = coder provisioner
349+
347350
# Shortcut for Helm chart package.
348-
build/coder_helm.tgz: build/coder_helm_$(VERSION).tgz
351+
$(foreach chart,$(charts),build/$(chart)_helm.tgz): build/%_helm.tgz: build/%_helm_$(VERSION).tgz
349352
rm -f"$@"
350353
ln"$<""$@"
351354

352355
# Helm chart package.
353-
build/coder_helm_$(VERSION).tgz:
356+
$(foreach chart,$(charts),build/$(chart)_helm_$(VERSION).tgz): build/%_helm_$(VERSION).tgz:
354357
./scripts/helm.sh\
355358
--version"$(VERSION)"\
359+
--chart$*\
356360
--output"$@"
357361

358362
site/out/index.html: site/package.json$(shell find ./site$(FIND_EXCLUSIONS) -type f \( -name '*.ts' -o -name '*.tsx' \))
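
Review bot: In the package recipe, `--chart $*` passes the pattern stem unquoted while `--version "$(VERSION)"` and `--output "$@"` are quoted; write `--chart "$*"` for consistency, even though the static pattern rule limits the stem to the names in `charts`. The `charts = coder provisioner` list is also a second copy of the allowed names that `scripts/helm.sh` checks with `^(coder|provisioner)$`, and the release workflow names both `.tgz` files explicitly, so a comment next to `charts` saying that all three places must be updated together would save the next person a failed release.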

‎docs/admin/provisioners.md

Lines changed: 73 additions & 11 deletions
@@ -10,22 +10,23 @@ By default, the Coder server runs [built-in provisioner daemons](../cli/server.m
1010

1111
-**Reduce server load**: External provisioners reduce load and build queue times from the Coder server. See[Scaling Coder](./scale.md#concurrent-workspace-builds) for more details.
1212

13-
>External provisioners are in an[alpha state](../contributing/feature-stages.md#alpha-features) and the behavior is subject to change. Use[GitHub issues](https://github.com/coder/coder) to leave feedback.
14-
15-
##Running external provisioners
16-
1713
Each provisioner can run a single[concurrent workspace build](./scale.md#concurrent-workspace-builds). For example, running 30 provisioner containers will allow 30 users to start workspaces at the same time.
1814

1915
Provisioners are started with the[coder provisionerd start](../cli/provisionerd_start.md) command.
2016

21-
###Authentication
17+
##Authentication
18+
19+
The provisioner daemon must authenticate with your Coder deployment.
2220

23-
The provisioner server must authenticate with your Coder deployment. There are two authentication methods:
21+
Set a[provisioner daemon pre-shared key (PSK)](../cli/server.md#--provisioner-daemon-psk) on the Coder server and start the provisioner with
22+
`coder provisionerd start --psk <your-psk>`. If you are[installing with Helm](../install/kubernetes#install-coder-with-helm),
23+
see the[Helm example](#example-running-an-external-provisioner-with-helm) below.
2424

25-
- PSK: Set a[provisioner daemon PSK](../cli/server#--provisioner-daemon-psk) on the Coder server and start the provisioner with`coder provisionerd start --psk <your-psk>`
26-
- User token:[Authenticate](../cli.md#--token) the Coder CLI as a user with the Template Admin or Owner role.
25+
>Coder still supports authenticating the provisioner daemon with a[token](../cli.md#--token) from a user with the
26+
>Template Admin or Owner role. This method is deprecated in favor of the PSK, which only has permission to access
27+
>provisioner daemon APIs. We recommend migrating to the PSK as soon as practical.
2728
28-
###Types of provisioners
29+
##Types of provisioners
2930

3031
-**Generic provisioners** can pick up any build job from templates without provisioner tags.
3132
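
Review bot: The new Authentication text only shows the PSK being passed as `coder provisionerd start --psk <your-psk>`, which puts the secret on the command line where it ends up in shell history and process listings; if the command can read the PSK from an environment variable or a file, document that form here and keep the flag as the short version. The link `../install/kubernetes#install-coder-with-helm` also has no `.md` extension while `../cli/server.md#--provisioner-daemon-psk` in the same paragraph does; use one style. The deprecation note does state why the PSK is preferred (it only has permission to access provisioner daemon APIs), which is the part readers need.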

@@ -65,7 +66,68 @@ The provisioner server must authenticate with your Coder deployment. There are t
6566
--provisioner-tag scope=user
6667
```
6768

68-
###Example: Running an external provisioner on a VM
69+
##Example: Running an external provisioner with Helm
70+
71+
Coder provides a Helm chart for running external provisioner daemons, which you will use in concert with the Helm chart
72+
for deploying the Coder server.
73+
74+
1. Create a long, random pre-shared key (PSK) and store it in a Kubernetes secret
75+
76+
```shell
77+
kubectl create secret generic coder-provisioner-psk --from-literal=psk=`head /dev/urandom| tr -dc A-Za-z0-9| head -c 26`
78+
```
79+
80+
1. Modify your Coder`values.yaml` to include
81+
82+
```yaml
83+
provisionerDaemon:
84+
pskSecretName:"coder-provisioner-psk"
85+
```
86+
87+
1. Redeploy Coder with the new`values.yaml` to roll out the PSK. You can omit `--version <your version>` to also upgrade
88+
Coder to the latest version.
89+
90+
```shell
91+
helm upgrade coder coder-v2/coder \
92+
--namespace coder \
93+
--version <your version> \
94+
--values values.yaml
95+
```
96+
97+
1. Create a `provisioner-values.yaml` file for the provisioner daemons Helm chart. For example
98+
99+
```yaml
100+
coder:
101+
env:
102+
- name: CODER_URL
103+
value: "https://coder.example.com"
104+
replicaCount: 10
105+
provisionerDaemon:
106+
pskSecretName: "coder-provisioner-psk"
107+
tags:
108+
location: auh
109+
kind: k8s
110+
```
111+
112+
This example creates a deployment of 10 provisioner daemons (for 10 concurrent builds) with the listed tags. For
113+
generic provisioners, remove the tags.
114+
115+
> Refer to the [values.yaml](https://github.com/coder/coder/blob/main/helm/provisioner/values.yaml) file for the
116+
> coder-provisioner chart for information on what values can be specified.
117+
118+
1. Install the provisioner daemon chart
119+
120+
```shell
121+
helm install coder-provisioner coder-v2/coder-provisioner \
122+
--namespace coder \
123+
--version <your version> \
124+
--values provisioner-values.yaml
125+
```
126+
127+
You can verify that your provisioner daemons have successfully connected to Coderd by looking for a log with message
128+
`provisionerd successfully connected to coderd`from each Pod.
129+
130+
## Example: Running an external provisioner on a VM
69131

70132
```sh
71133
curl -L https://coder.com/install.sh | sh
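
Review bot: Step 1's `kubectl create secret generic coder-provisioner-psk ...` has no `--namespace coder`, but both `helm upgrade` and `helm install` in the later steps use `--namespace coder`, so a reader whose current context points at another namespace creates a secret that `pskSecretName` will not find; add the namespace flag to the command. The key generation `head /dev/urandom | tr -dc A-Za-z0-9 | head -c 26` also deserves a second look: `head` with no count reads only the first ten lines of random bytes, so the 26-character length is likely but not guaranteed, and nothing fails if the result comes out short. Reading `/dev/urandom` directly into `tr` and using `$(...)` rather than backticks would make the length deterministic.
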
@@ -74,7 +136,7 @@ export CODER_SESSION_TOKEN=your_token
74136
coder provisionerd start
75137
```
76138

77-
###Example: Running an external provisioner via Docker
139+
## Example: Running an external provisioner via Docker
78140

79141
```sh
80142
docker run --rm -it \
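
Review bot: The VM example just above this heading still authenticates with `export CODER_SESSION_TOKEN=your_token` (visible in the hunk header), which is the user-token method the new Authentication section calls deprecated; update the VM example to the PSK in the same change, and check the Docker example that follows, or the page recommends one method and demonstrates the other.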

‎helm/coder/charts/libcoder-0.1.0.tgz

-1 Bytes
Binary file not shown.

‎helm/provisioner/README.md

Lines changed: 36 additions & 0 deletions
@@ -0,0 +1,36 @@
1+
#Coder Helm Chart
2+
3+
This directory contains the Helm chart used to deploy Coder provisioner daemons onto a Kubernetes
4+
cluster.
5+
6+
External provisioner daemons are an Enterprise feature. Contactsales@coder.com.
7+
8+
##Getting Started
9+
10+
>**Warning**: The main branch in this repository does not represent the
11+
>latest release of Coder. Please reference our installation docs for
12+
>instructions on a tagged release.
13+
14+
View
15+
[our docs](https://coder.com/docs/v2/latest/admin/provisioners)
16+
for detailed installation instructions.
17+
18+
##Values
19+
20+
Please refer to[values.yaml](values.yaml) for available Helm values and their
21+
defaults.
22+
23+
A good starting point for your values file is:
24+
25+
```yaml
26+
coder:
27+
env:
28+
-name:CODER_URL
29+
value:"https://coder.example.com"
30+
# This env enables the Prometheus metrics endpoint.
31+
-name:CODER_PROMETHEUS_ADDRESS
32+
value:"0.0.0.0:2112"
33+
replicaCount:10
34+
provisionerDaemon:
35+
pskSecretName:"coder-provisioner-psk"
36+
```
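
Review bot: The title `# Coder Helm Chart` does not say that this chart deploys provisioner daemons rather than the Coder server, which the first paragraph then has to correct; rename it to something like `# Coder Provisioner Helm Chart`. In the sample values, `CODER_PROMETHEUS_ADDRESS` is set to `0.0.0.0:2112` with only a comment that it enables the metrics endpoint; since the block is offered as a starting point, say that the entry is optional and that the port listens on all pod interfaces, so readers who do not scrape metrics can drop it. The `coder-provisioner-psk` secret is referenced without saying where it comes from; a pointer to the docs step that creates it would help.
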
5 Bytes
Binary file not shown.

‎scripts/helm.sh

Lines changed: 20 additions & 19 deletions
@@ -4,40 +4,39 @@
44
# .tgz file at the specified path, and may optionally push it to the Coder OSS
55
# repo.
66
#
7-
# ./helm.sh [--version 1.2.3] [--output path/to/coder.tgz] [--push]
7+
# ./helm.sh [--version 1.2.3] [--chart coder|provisioner] [--output path/to/coder.tgz]
88
#
99
# If no version is specified, defaults to the version from ./version.sh.
1010
#
11-
# If no output path is specified, defaults to
12-
# "$repo_root/build/coder_helm_$version.tgz".
11+
# If no chart is specified, defaults to 'coder'
1312
#
14-
# Ifthe --push parameter is specified,the resulting artifact will be published
15-
#to the Coder OSS repo. This requires `gsutil` to be installed and configured.
13+
# Ifno output path is specified,defaults to
14+
#"$repo_root/build/$chart_helm_$version.tgz".
1615

1716
set -euo pipefail
1817
# shellcheck source=scripts/lib.sh
1918
source"$(dirname"${BASH_SOURCE[0]}")/lib.sh"
2019

2120
version=""
2221
output_path=""
23-
push=0
22+
chart=""
2423

25-
args="$(getopt -o"" -l version:,output:,push --"$@")"
24+
args="$(getopt -o"" -l version:,chart:,output:,push --"$@")"
2625
evalset --"$args"
2726
whiletrue;do
2827
case"$1"in
2928
--version)
3029
version="$2"
3130
shift 2
3231
;;
32+
--chart)
33+
chart="$2"
34+
shift 2
35+
;;
3336
--output)
3437
output_path="$(realpath"$2")"
3538
shift 2
3639
;;
37-
--push)
38-
push="1"
39-
shift
40-
;;
4140
--)
4241
shift
4342
break
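
Review bot: The `getopt` long-option list still contains `push` (`-l version:,chart:,output:,push`) although the `--push)` case and the `push=0` variable are removed, so `--push` is still parsed as a valid option with no `--push)` branch left to handle it; drop `push` from the list so the flag is rejected at parse time. The header comment a few lines up also still says the script "may optionally push it to the Coder OSS repo", which no longer matches the new usage line.
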
@@ -54,10 +53,17 @@ if [[ "$version" == "" ]]; then
5453
version="$(execrelative ./version.sh)"
5554
fi
5655

56+
if [["$chart"=="" ]];then
57+
chart="coder"
58+
fi
59+
if! [["$chart"=~ ^(coder|provisioner)$ ]];then
60+
error"--chart value must be one of (coder, provisioner)"
61+
fi
62+
5763
if [["$output_path"=="" ]];then
5864
cdroot
5965
mkdir -p build
60-
output_path="$(realpath"build/coder_helm_$version.tgz")"
66+
output_path="$(realpath"build/${chart}_helm_${version}.tgz")"
6167
fi
6268

6369
# Check dependencies
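
Review bot: The error raised when `--chart` fails the `^(coder|provisioner)$` check does not include the rejected value; echo it in the message, for example `--chart value "$chart" must be one of (coder, provisioner)`, so a typo is obvious in CI logs. Keep the anchored allowlist itself as it is, since `$chart` goes on to form both the output filename here and a directory path later in the script. The empty-value default could be folded into one line with `chart="${chart:-coder}"`.
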
@@ -69,10 +75,10 @@ cdroot
6975
temp_dir="$(mktemp -d)"
7076

7177
cdroot
72-
cd ./helm/coder
78+
cd ./helm/$chart
7379
log"--- Updating dependencies"
7480
helm dependency update.
75-
log"--- Packaging helm chart for version$version ($output_path)"
81+
log"--- Packaging helm chart$chartfor version$version ($output_path)"
7682
helm package \
7783
--version"$version" \
7884
--app-version"$version" \
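
Review bot: `cd ./helm/$chart` expands `$chart` unquoted; the allowlist check earlier in the script makes that safe today, but quote it as `cd "./helm/$chart"` so the line stays correct if the check is ever relaxed and so shellcheck does not flag it.
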
@@ -82,8 +88,3 @@ helm package \
8288
log"Moving helm chart to$output_path"
8389
cp"$temp_dir"/*.tgz"$output_path"
8490
rm -rf"$temp_dir"
85-
86-
if [["$push"== 1 ]];then
87-
log"--- Publishing helm chart..."
88-
# TODO: figure out how/where we want to publish the helm chart
89-
fi
