[self-hosted] Gitpod local preview install method #10532
Conversation
install/preview/Dockerfile
Outdated
| @@ -0,0 +1,21 @@ | |||
| FROM eu.gcr.io/gitpod-core-dev/build/installer:release-2022.05.0.5 AS installer | |||
There was a problem hiding this comment.
Currently, I pinned to the latest installer release but this means that we have to update this in each release which isn't a great way. Any ideas? 🤔
There was a problem hiding this comment.
Once this is part of gitpod-io/gitpod, we can build this image on main by default, and add an annotation to build from branches.
Pothulapati
force-pushed
the
tar/preview-install
branch
5 times, most recently
from
6155f06 to
8a68ace
Compare
install/preview/README.md
Outdated
| ## Installation | ||
|
|
||
| ```bash | ||
| docker run --privileged --name gitpod --rm -it -v /tmp/gitpod:/var/gitpod eu.gcr.io/gitpod-core-dev/build/installer:tar-preview-install.4 |
There was a problem hiding this comment.
Will update the image tag, in a separate PR to be a release tag
|
Marking this PR ready for review, and expect the following changes in separate PR's:
|
github-actions
bot
added
the
team: delivery
|
I've tested this on a Mac running Docker for Desktop, and get the following result: The testing notes indicate that this requires Linux, and I'm not sure how this is interacting with Mac. I just tested this on a GCP image and I got the same results: Is this user error on my part? |
|
started the job as gitpod-build-tar-preview-install.6 because the annotations in the pull request description changed |
|
started the job as gitpod-build-tar-preview-install.7 because the annotations in the pull request description changed |
|
@adrienthebo My bad, I put the wrong image tag. It should instead be |
Fixes #9075 This PR adds a new install method called `preview` under the `install` directory. This includes a sh script i.e `entrypoint.sh` that gets loaded into a docker container in the `Dockerfile`. This `entrypoint.sh` does the following: - Checks for minimum system requirements - Generates a root certificate using `mkcerts`, and loads into the host's `/tmp/gitpod/gitpod-ca.crt`. - Renders `cert-manager` resources, self-signed Gitpod into `/var/lib/rancher/k3s/server/manifests`. - Initialises `k3s` inside the container. Signed-off-by: Tarun Pothulapati <[email protected]>
Pothulapati
force-pushed
the
tar/preview-install
branch
from
8a68ace to
6c5fdab
Compare
|
Test cases:
LGTM! 👍 |
There was a problem hiding this comment.
@Pothulapati I know, I'm late to the party. Good work! 🚀
I have just 2 smaller comments probably for follow-up improvements.
| echo "extracting images to download ahead..." | ||
| /gitpod-installer render --config config.yaml | grep 'image:' | sed 's/ *//g' | sed 's/image://g' | sed 's/\"//g' | sed 's/^-//g' | sort | uniq > /gitpod-images.txt | ||
| echo "downloading images..." | ||
| while read -r image "$(cat /gitpod-images.txt)"; do | ||
| # shellcheck disable=SC2154 | ||
| ctr images pull "$image" >/dev/null & | ||
| done |
There was a problem hiding this comment.
What is the rationale behind pulling the images ahead?
There was a problem hiding this comment.
To make the pods startup faster? 🤔
There's not a lot of gain here (as our main painpoint is the workspace image build) but I was able to see around 2-3 minutes when I added this 🤔
| /gitpod-installer render --config config.yaml --output-split-files /var/lib/rancher/k3s/server/manifests/gitpod | ||
| for f in /var/lib/rancher/k3s/server/manifests/gitpod/*.yaml; do (cat "$f"; echo) >> /var/lib/rancher/k3s/server/gitpod.debug; done | ||
| rm /var/lib/rancher/k3s/server/manifests/gitpod/*NetworkPolicy* | ||
| for f in /var/lib/rancher/k3s/server/manifests/gitpod/*PersistentVolumeClaim*.yaml; do yq e -i '.spec.storageClassName="local-path"' "$f"; done | ||
| yq eval-all -i ". as \$item ireduce ({}; . *+ \$item)" /var/lib/rancher/k3s/server/manifests/gitpod/*_StatefulSet_messagebus.yaml /app/manifests/messagebus.yaml | ||
| for f in /var/lib/rancher/k3s/server/manifests/gitpod/*StatefulSet*.yaml; do yq e -i '.spec.volumeClaimTemplates[0].spec.storageClassName="local-path"' "$f"; done | ||
|
|
||
| # removing init container from ws-daemon (systemd and Ubuntu) | ||
| yq eval-all -i 'del(.spec.template.spec.initContainers[0])' /var/lib/rancher/k3s/server/manifests/gitpod/*_DaemonSet_ws-daemon.yaml |
There was a problem hiding this comment.
This a quite a lot of pre-processing. Could you add comments on why they are actually needed?
There was a problem hiding this comment.
Added them in #10695
Description
This PR adds a new install method called
previewunder theinstalldirectory. This includes a sh script i.eentrypoint.shthat gets loaded into a docker container in the
Dockerfile.This
entrypoint.shdoes the following:mkcerts, and loads into thehost's
/tmp/gitpod/gitpod-ca.crt.cert-managerresources, self-signed Gitpod into/var/lib/rancher/k3s/server/manifests.k3sinside the container.This is the first iteration of this method, a number of planned
improvements have been noted and will be added in the
coming days.
Signed-off-by: Tarun Pothulapati [email protected]
Related Issue(s)
Fixes #9075
How to test
Run the following on a linux machine
Switch to a different tag and interact with the cluster by running
docker exec gitpod kubectl get pods -AOnce you see all the pods running, Retrieve the gitpod URL by runnning
Load the SSL cert at
/tmp/gitpod/gitpod-ca.crtinto your browser, and access the retrieved URL.Release Notes
Documentation