archive-gh-me/gitpod
1
0
Fork 0
mirror of https://github.com/gitpod-io/gitpod.git synced 2025-12-08 17:36:30 +00:00
Code Issues Projects Releases Wiki Activity
11,481 Commits 1,231 Branches 1,883 Tags
Commit Graph

62 Commits

Author SHA1 Message Date
Manuel Alejandro de Brito Fontes
692963d2e9
Update containerd and buildkit go modules (#19376) 
* Update containerd and buildkit go modules

* Fix build

* Fix typecheck errors

---------

Co-authored-by: Thomas Schubart <thomas@gitpod.io>
 2024-02-01 20:22:44 +02:00
Manuel Alejandro de Brito Fontes
d464ef8ecd
Cleanup installer (#18784) 
* Cleanup installer

* Remove MessageBus references
 2023-09-25 10:58:04 +02:00
Manuel Alejandro de Brito Fontes
64994160d9
Remove FUSE support (#18536) 
* Remove FUSE support

* Update docs

* Remove fuse-overlayfs

* Fix installer validation
 2023-08-18 16:13:44 +02:00
Thomas Schubart
460875058f
[ws-manager-mk2] Remove ws-manager-mk2 from experimental section (#17848) 
* [wsman-mk2] Remove ws-manager-mk2 from experimental

* [ws-daemon] Remove readiness check for service

* [ws-daemon] Use mk2 working area only

* [preview] Remove mk2 customization

* [installer] Remove constant
 2023-06-06 22:56:57 +08:00
Manuel Alejandro de Brito Fontes
541f6f65c5
Remove unused PodSecurityPolicy feature (#17176) 2023-04-13 22:13:53 +02:00
Manuel Alejandro de Brito Fontes
9cf0243e54
Add new feature for custom workspace network CIDR (#17145) 
* Add new feature for custom workspace network CIDR

* Cleanup
 2023-04-07 13:17:47 +02:00
Thomas Schubart
4edc0ef4e2
[installer] Increase rollout speed (#17060) 2023-03-28 13:40:26 +02:00
Manuel Alejandro de Brito Fontes
5b30eb5b8c
Remove unused caCertSecret (#16793) 
* Add trust.cert-manager.io for to bundle CA certificates

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>

* Configure CA volume and volumemount in components

* Update ws-manager golden files

* Deploy trust manager in preview

* Remove duplicated volume

* Update installer golden files

* Generate a bundle only for registry-facade

* Update golden files

* Fix initcontainer volume mounts

* Update golden files

* Fix registry-facade certificate

* Update golden files

* Disable skip_verify

* Enable force conflict with apply server side

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>

* Avoid random werft namespace errors

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>

---------

Signed-off-by: Manuel de Brito Fontes <aledbf@gmail.com>
 2023-03-21 11:44:13 +01:00
Thomas Schubart
42a3602fce
[ws-manager-mk2] Emit events for workspaces and snapshots (#16907) 
* [wsman-mk2] Emit workspace events

* [installer] Permissions for events

* [ws-man-mk2] Emit snapshot events

* [installer] Update render tests

* [wsman-mk2] Include review comments
 2023-03-20 13:59:12 +01:00
Thomas Schubart
c800175c72
[ws-manager-mk2] Protect tokens (#16806) 
* [wsman-mk2] Create token secret

* [installer] Fix casing for namespace type metadata

* [installer] Create secrets namespace

* [installer] Configure roles and bindings

* [installer] Move namespace constant to common pkg

* [installer] Create permissions for ws-daemon

* [wsman-mk2] Watch on multiple ns

* [ws-daemon] Use token secret

* [wsman-mk2] Remove secret from initializer

* [wsman-mk2] Test token secret

* [werft] Fix document index

* [installer] Update render tests

* [wsman-mk2] Fix imports

* [wsman-mk2] Ensure maintenance controller required permissions

* [wsman-mk2] Retry deleting secret

* [installer] Ensure objects in secrets namespace are only created with mk2 option
 2023-03-15 12:57:07 +01:00
Manuel Alejandro de Brito Fontes
97f8d4b802
Ensure the spread of pods on different nodes (#16810) 
* Ensure the spread of pods on different nodes

* Replace string ClusterFirst

* Replace Always string in DNSPolicy

* Fix registry-facade affinity

* Fix ws-proxy affinity

* Address feedback

* Update golden files
 2023-03-15 10:21:07 +01:00
Manuel Alejandro de Brito Fontes
218f64f7c1
Replace node labeler component with a dedicated deployment (#16712) 
* Replace node labeler component with a dedicated deployment

* Update go modules

* Fix invalid module name

* Fix modules
 2023-03-09 23:38:45 +01:00
Wouter Verlaek
1631a4a038
[ws-manager-mk2] Loadgen fixes, concurrent reconciliation (#16613) 
* [ws-manager-mk2] Loadgen fixes, concurrent reconciliation

* [ws-manager-mk2] Update tests with content readiness

* Simplify content ready check

* Fix json tags

* Revert poll interval
 2023-03-06 15:18:04 +01:00
Manuel Alejandro de Brito Fontes
41ddf50849
[ws-daemon] Check connection to containerd socket (#16654) 
* Check connection to containerd socket

* Mount containerd socket directory to avoid reconnect issues if containerd restarts

* Update golden files

* Break loop
 2023-03-03 12:59:01 +01:00
Manuel Alejandro de Brito Fontes
b958873e90
Allow registry-facade and ws-daemon to run in dedicated GPU node pools (#16608) 
* Allow registry-facade and ws-daemon to run in dedicated GPU node pools

* Update golden files
 2023-03-01 12:23:58 +01:00
Manuel Alejandro de Brito Fontes
dc69bb20ca
Remove host controller from ws-daemon (#16615) 
* Remove host controller from ws-daemon

* Configure /etc/hosts file in registry-facade

* Update golden files
 2023-03-01 00:55:58 +01:00
Manuel Alejandro de Brito Fontes
329e56580e
Switch registry-facade from hostPort to nodePort and remove hostPort from ws-daemon (#16518) 
* Switch registry-facade and ws-daemon from hostPort to nodePort

* Update golden files

* Update ports

* Remove old setting

* Remove $WS_DAEMON_PORT

* Switch to podIP

* Tune GCE VM

* Use withObservability flag
 2023-02-24 21:40:54 +01:00
Thomas Schubart
116a5b97b2
[ws-manager-mk2] Support workspace snapshots (#16471) 
* [ws-manager-mk2] Scaffold snapshot CRD

* [ws-mangaer-mk2] Generate snapshot type

* [ws-manger-mk2] Provide snapshot endpoint

* [ws-daemon] Handle snapshots

* [ws-manager-mk2] Harmonize imports

* [ws-manger-mk2] Set owner reference

* [installer] Install snapshot CRD

* [ws-manager-api] Fix descriptions

* [ws-manager-mk2] Review comments

- Name controller
- Return early in case of error
- Reduce scope of permissions
 2023-02-23 16:45:53 +01:00
Thomas Schubart
9490cc90f2 [installer] Fix content init 2023-01-23 14:14:30 +01:00
Christian Weichel
572fcbb008 [ws-daemon] Start workspace controller based content init 2023-01-23 14:14:30 +01:00
Manuel Alejandro de Brito Fontes
9e173ca7a4 Remove shiftfs module loader 2023-01-18 11:07:26 +01:00
Manuel Alejandro de Brito Fontes
82dde8af88 Remove disable kube health monitor 2023-01-17 12:57:25 +01:00
Thomas Schubart
0f555fb72a Set oom scores 2023-01-03 15:08:43 +01:00
utam0k
a7accce55d ws-daemon: Ensure that node-labeler always monitors the ws-daemon container 2022-12-12 04:00:21 -03:00
Thomas Schubart
06074b311b [content-service] Review Comments 
- Ensure all items are fetched
- Remove double init of client
- Specify region and credentials from config
- Remove insecure s3 test (deprecated)
 2022-12-09 10:29:19 -03:00
Thomas Schubart
c3a97c9ccb [installer] Configure S3 2022-12-09 10:29:19 -03:00
Christian Weichel
478a75e744 Switch license to AGPL 2022-12-08 13:05:19 -03:00
Tarun Pothulapati
c2eb0c15d1 [installer] manually set allowPrivilegeEscalation to false 
This PR manually sets the `allowPrivilegeEscalation` container
config to false where we don't need extra capabilities. This
is needed as not setting this explicitely could mean that
it could still be `true` based on other settings.

This also helps us future proof on any behaviour changes around
this.

Signed-off-by: Tarun Pothulapati <tarun@gitpod.io>
 2022-12-05 06:28:15 -03:00
Thomas Schubart
8c6141246c [installer] Make oom scores configurable 2022-11-10 14:43:40 +02:00
Thomas Schubart
0a3895649a [installer] Add enforce flag 2022-10-18 15:24:33 +02:00
Manuel Alejandro de Brito Fontes
def55ee7ba Add option to add authentication to Jaeger and custom tags 2022-10-11 13:51:26 +02:00
Simon Emms
90ee6fdc06 [installer]: set proxy server configuration in installer 2022-09-13 12:38:14 +02:00
Simon Emms
99c53cce9b [installer]: create config cluster shiftfs to detect shiftfs status 2022-09-12 21:17:14 +02:00
Thomas Schubart
95b6194816 [installer] Add netlimit to configmap 2022-08-26 14:23:11 +02:00
Thomas Schubart
43f85df67c [installer] Configuration for network limiting 2022-08-24 14:14:40 +02:00
Simon Emms
7cee528fb8 [installer]: conditionally remove podsecuritypolicies 2022-08-24 13:32:40 +02:00
Simon Emms
e6849ab09f Revert "[installer]: remove all references to pod security policies" 
This reverts commit 8063b1052a1fb8519869f4089abe4c7e0f8f1b5a.
 2022-08-23 20:42:39 +02:00
Manuel Alejandro de Brito Fontes
64b4d6fcf9 Fix typecheck errors 2022-08-23 08:18:39 +02:00
Simon Emms
8063b1052a [installer]: remove all references to pod security policies 2022-08-22 15:00:39 +02:00
Simon Emms
2fd3dd3586 [installer]: remove the custom labels from the selector labels 2022-08-09 04:16:53 -03:00
Thomas Schubart
e437e18680 [ws-daemon/manager] Use feature flag 2022-08-05 11:42:49 -03:00
Thomas Schubart
0571d40d16 [installer] Configure resource limits 2022-08-05 11:42:49 -03:00
Manuel Alejandro de Brito Fontes
afc5bb6880 [ws-daemon] Increase resources more real values 2022-08-01 16:46:45 -03:00
Manuel Alejandro de Brito Fontes
14095f470b Refactor configuration of localhost address, metric and debug ports 2022-07-23 11:19:18 -03:00
Manuel Alejandro de Brito Fontes
316b493057 Refactor ws-daemon and registry-facade postStart hook 2022-07-21 20:22:16 -03:00
Simon Emms
3aa56e64b4 [installer]: set secretTemplate for certs 
This allows them to be picked up by the KOTS support bundle
 2022-07-21 11:15:16 -03:00
Manuel Alejandro de Brito Fontes
8130107b0f [ws-daemon] Add support for limiting the number of processes in a workspace 2022-07-18 23:25:14 +02:00
Pavel Tumik
a8b550aee4 [installer] fix ws-daemon config 2022-07-08 01:02:54 +05:30
Simon Emms
8fad588e6b [installer]: add customization functions to components 2022-06-24 17:02:33 +05:30
Christian Weichel
67ce7d01a7 [ws-daemon] Use baseserver to run services 2022-05-30 20:23:49 +05:30