Aug 24, 2022 · Aug 22, 2022 · Aug 22, 2022 · Aug 22, 2022 · Aug 24, 2022
diff --git a/examples/templates/kubernetes-multi-service/main.tf b/examples/templates/kubernetes-multi-service/main.tf
diff --git a/...plates/kubernetes-multi-service/README.md → examples/templates/kubernetes-pod/README.md b/...plates/kubernetes-multi-service/README.md → examples/templates/kubernetes-pod/README.md

 Then start the Coder host with `serviceAccountName: coder` in the pod spec.

 ## Namespace

 The target namespace in which the pod will be deployed is defined via the `coder_workspace`
 variable. The namespace must exist prior to creating workspaces.

 ## Persistence

 The `/home/coder` directory in this example is persisted via the attached PersistentVolumeClaim.
 Any data saved outside of this directory will be wiped when the workspace stops.

 Since most binary installations and environment configurations live outside of
 the `/home` directory, we suggest including these in the `startup_script` argument
 of the `coder_agent` resource block, which will run each time the workspace starts up.

 For example, when installing the `aws` CLI, the install script will place the
 `aws` binary in `/usr/local/bin/aws`. To ensure the `aws` CLI is persisted across
 workspace starts/stops, include the following code in the `coder_agent` resource
 block of your workspace template:

 ```terraform
 resource "coder_agent" "main" {
  startup_script = <<EOT
    #!/bin/bash

    # install AWS CLI
    curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
    unzip awscliv2.zip
    sudo ./aws/install
  EOT
 }
 ```

 ## code-server

 `code-server` is installed via the `startup_script` argument in the `coder_agent`
 resource block. The `coder_app` resource is defined to access `code-server` through
 the dashboard UI over `localhost:13337`.
diff --git a/examples/templates/kubernetes-pod/main.tf b/examples/templates/kubernetes-pod/main.tf
 terraform {
  required_providers {
    coder = {
      source  = "coder/coder"
      version = "0.4.9"
    }
    kubernetes = {
      source  = "hashicorp/kubernetes"
      version = "~> 2.12.1"
    }
  }
 }

 variable "use_kubeconfig" {
  type        = bool
  sensitive   = true
  description = <<-EOF
  Use host kubeconfig? (true/false)

  Set this to false if the Coder host is itself running as a Pod on the same
  Kubernetes cluster as you are deploying workspaces to.

  Set this to true if the Coder host is running outside the Kubernetes cluster
  for workspaces.  A valid "~/.kube/config" must be present on the Coder host.
  EOF
 }

 variable "coder_namespace" {
  type        = string
  sensitive   = true
  description = "The namespace to create workspaces in (must exist prior to creating workspaces)"
  default     = "coder-namespace"
 }

 variable "disk_size" {
  type = number
  description = "Disk size (__ GB)"
  default     = 10
 }

 provider "kubernetes" {
  # Authenticate via ~/.kube/config or a Coder-specific ServiceAccount, depending on admin preferences
  config_path = var.use_kubeconfig == true ? "~/.kube/config" : null
 }

 data "coder_workspace" "me" {}

 resource "coder_agent" "main" {
  os   = "linux"
  arch = "amd64"
  startup_script = <<EOT
    #!/bin/bash

    # install and start code-server
    curl -fsSL https://code-server.dev/install.sh | sh  | tee code-server-install.log
    code-server --auth none --port 13337 | tee code-server-install.log &
  EOT
 }

 # code-server
 resource "coder_app" "code-server" {
  agent_id      = coder_agent.main.id
  name          = "code-server"
  icon          = "/icon/code.svg"
  url           = "http://localhost:13337?folder=/home/coder"
  relative_path = true
 }

 resource "kubernetes_pod" "main" {
  count = data.coder_workspace.me.start_count
  metadata {
    name      = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
    namespace = var.coder_namespace
  }
  spec {
    security_context {
      run_as_user = "1000"
      fs_group    = "1000"
    }
    container {
      name    = "dev"
      image   = "codercom/enterprise-base:ubuntu"
      command = ["sh", "-c", coder_agent.main.init_script]
      security_context {
        run_as_user = "1000"
      }
      env {
        name  = "CODER_AGENT_TOKEN"
        value = coder_agent.main.token
      }
      volume_mount {
        mount_path = "/home/coder"
        name       = "home-directory"
      }
    }
    volume {
      name = "home-directory"
      persistent_volume_claim {
        claim_name = kubernetes_persistent_volume_claim.home-directory.metadata.0.name
      }
    }
  }
 }

 resource "kubernetes_persistent_volume_claim" "home-directory" {
  metadata {
    name      = "home-coder-java-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
    namespace = var.coder_namespace
  }
  spec {
    access_modes = ["ReadWriteOnce"]
    resources {
      requests = {
        storage = "${var.disk_size}Gi"
      }
    }
  }
 }
Original file line number	Diff line number	Diff line change
Expand Up		@@ -72,3 +72,40 @@ roleRef:

		Then start the Coder host with `serviceAccountName: coder` in the pod spec.

		## Namespace

		The target namespace in which the pod will be deployed is defined via the `coder_workspace`
		variable. The namespace must exist prior to creating workspaces.

		## Persistence

		The `/home/coder` directory in this example is persisted via the attached PersistentVolumeClaim.
		Any data saved outside of this directory will be wiped when the workspace stops.

		Since most binary installations and environment configurations live outside of
		the `/home` directory, we suggest including these in the `startup_script` argument
		of the `coder_agent` resource block, which will run each time the workspace starts up.

		For example, when installing the `aws` CLI, the install script will place the
		`aws` binary in `/usr/local/bin/aws`. To ensure the `aws` CLI is persisted across
		workspace starts/stops, include the following code in the `coder_agent` resource
		block of your workspace template:

		```terraform
		resource "coder_agent" "main" {
		startup_script = <<EOT
		#!/bin/bash

		# install AWS CLI
		curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
		unzip awscliv2.zip
		sudo ./aws/install
		EOT
		}
		```

		## code-server

		`code-server` is installed via the `startup_script` argument in the `coder_agent`
		resource block. The `coder_app` resource is defined to access `code-server` through
		the dashboard UI over `localhost:13337`.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,118 @@
		terraform {
		required_providers {
		coder = {
		source = "coder/coder"
		version = "0.4.9"
		}
		kubernetes = {
		source = "hashicorp/kubernetes"
		version = "~> 2.12.1"
		}
		}
		}

		variable "use_kubeconfig" {
		type = bool
		sensitive = true
		description = <<-EOF
		Use host kubeconfig? (true/false)

		Set this to false if the Coder host is itself running as a Pod on the same
		Kubernetes cluster as you are deploying workspaces to.

		Set this to true if the Coder host is running outside the Kubernetes cluster
		for workspaces. A valid "~/.kube/config" must be present on the Coder host.
		EOF
		}

		variable "coder_namespace" {
		type = string
		sensitive = true
		description = "The namespace to create workspaces in (must exist prior to creating workspaces)"
		default = "coder-namespace"
		}

		variable "disk_size" {
		type = number
		description = "Disk size (__ GB)"
		default = 10
		}

		provider "kubernetes" {
		# Authenticate via ~/.kube/config or a Coder-specific ServiceAccount, depending on admin preferences
		config_path = var.use_kubeconfig == true ? "~/.kube/config" : null
		}

		data "coder_workspace" "me" {}

		resource "coder_agent" "main" {
		os = "linux"
		arch = "amd64"
		startup_script = <<EOT
		#!/bin/bash

		# install and start code-server
		curl -fsSL https://code-server.dev/install.sh \| sh \| tee code-server-install.log
		code-server --auth none --port 13337 \| tee code-server-install.log &
		EOT
		}

		# code-server
		resource "coder_app" "code-server" {
		agent_id = coder_agent.main.id
		name = "code-server"
		icon = "/icon/code.svg"
		url = "http://localhost:13337?folder=/home/coder"
		relative_path = true
		}

		resource "kubernetes_pod" "main" {
		count = data.coder_workspace.me.start_count
		metadata {
		name = "coder-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
		namespace = var.coder_namespace
		}
		spec {
		security_context {
		run_as_user = "1000"
		fs_group = "1000"
		}
		container {
		name = "dev"
		image = "codercom/enterprise-base:ubuntu"
		command = ["sh", "-c", coder_agent.main.init_script]
		security_context {
		run_as_user = "1000"
		}
		env {
		name = "CODER_AGENT_TOKEN"
		value = coder_agent.main.token
		}
		volume_mount {
		mount_path = "/home/coder"
		name = "home-directory"
		}
		}
		volume {
		name = "home-directory"
		persistent_volume_claim {
		claim_name = kubernetes_persistent_volume_claim.home-directory.metadata.0.name
		}
		}
		}
		}

		resource "kubernetes_persistent_volume_claim" "home-directory" {
		metadata {
		name = "home-coder-java-${data.coder_workspace.me.owner}-${data.coder_workspace.me.name}"
		namespace = var.coder_namespace
		}
		spec {
		access_modes = ["ReadWriteOnce"]
		resources {
		requests = {
		storage = "${var.disk_size}Gi"
		}
		}
		}
		}