Expose Che server and workspaces through one single TCP port #4269
Conversation
Signed-off-by: Mario Loriedo <[email protected]>
l0rd
added
the
kind/enhancement
|
Can one of the admins verify this patch? |
l0rd
added
the
status/code-review
|
Can you point in issue description relation of this PR to mentioned issues. Some people might think that it fixes both issues whereas it is just related to it. Please re-phrase changelog to reflect then fact that it works with external reverse proxy (Openshift only or can be another one?). Can you elaborate on how to access terminals from 2 machines in single workspace with this notation? |
|
@l0rd - thank you for the contribution! Let's identify a plan for what we would like to have accomplished before we merge this PR. First, I have added a couple additional maintainers as reviewers for this issue. We'd like to make sure that any changes here are compatible with other custom assemblies, particularly Codenvy as well. Some items that I'd like to organize for this PR:
|
|
@TylerJewell |
|
@TylerJewell please note that this single port strategy is enabled only if property In other words this PR, as the rest of the OpenShift connector related PR, should not break anything and can be merged safely. And even if I agree with all your points this PR should not be blocked by these. We can merge it now (that will help us and won't break anything) and still continue improving it together via other PRs in the next weeks. |
|
for me the wording "single-port" is not obvious as it requires extra front-end tools to use that. It could be seen by end users as a property that can be used directly while it won't work directly. |
|
@l0rd - while the initiation of this was for openshift, it's a core evaluation strategy, so will only want to merge this into the system until we have provided for enhancements to the various utilities that will be affected by it - including diagnostic utility, CLI, configuration and docs. Otherwise, if we have a policy that we'll commit the core and then delay the other PRs, there is a chance that the other PRs are never completed. |
|
|
||
| return getExposedPortsToAddressPorts(externalAddress, containerInfo.getNetworkSettings().getPorts()); | ||
| protected String getCheExternalAddress(ContainerInfo containerInfo, String internalHost) { |
There was a problem hiding this comment.
Looks like it is external address of container in WS, not Che itself. Previous name of variable with this value was more precise.
| * Represents a server evaluation strategy for the configuration where the workspace server and workspace | ||
| * containers are running on the same Docker network and are exposed through the same single port. | ||
| * | ||
| * This server evaluation strategy will return a completed {@link ServerImpl} with internal addresses set |
There was a problem hiding this comment.
Can you elaborate on what completed {@link ServerImpl} means? I don't really understand, so probably I'm missing something.
| * This server evaluation strategy will return a completed {@link ServerImpl} with internal addresses set | ||
| * as {@link LocalDockerServerEvaluationStrategy} does. Contrarily external addresses will have the following format: | ||
| * | ||
| * serverName.workspaceID.cheExternalAddress (e.g. terminal.79rfwhqaztq2ru2k.che.local) |
There was a problem hiding this comment.
As I said in comment to the PR it's not clear how workspaces with multiple machines will work.
| @@ -61,10 +61,13 @@ | |||
| * @param internalAddress | |||
| * address passed into {@code getServers}; used as fallback if address cannot be | |||
| * retrieved from containerInfo. | |||
| * @param serverConfMap | |||
| * additional Map of {@link ServerConfImpl}. | |||
There was a problem hiding this comment.
It is unclear from javadocs why this additional map is needed. Please explain it in javadocs.
There was a problem hiding this comment.
While I agree more than 100% on the final goal, I find the implementation of the strategy too specific for a given product.
Let's say we use a different reverse proxy, we would need another pattern, etc
Could it be possible to name it instead of "single-port" something more generic ?
and instead of always using pattern
ref.workspace-id.che-address
to allow to pickup the pattern through a list of predefined properties
like in your case it could be
".."
but we could have
<che.protocol>://:/-
or any pattern built upon a set of properties
|
@garagatyi @benoitf @TylerJewell thanks for your review. I've opened a second PR (#4351) to merge that work in the openshift-connector branch as it is to get it tested/run by our CI. In the meantime I will push more commits on this PR to address your comments and to get that merged to master too. |
|
I am going to invite Florent to help us explore how we can get it ready for a master merge. It is a challenging exercise but one we have in our objectives for the year. |
|
We have merged that on openshift connector branch a long time ago. |
benoitf
removed
the
status/code-review
What does this PR do?
Add a new ServerEvaluationStrategy: SinglePortLocalDockerServerEvaluationStrategy.
This server strategy can be enabled adding
che.docker.server_evaluation_strategy=single-portin
che.properties.When the single-port strategy is enabled a workspace server address has the format
server-ref.workspace-id.che-addresslike for example:To use the single-port strategy a reverse proxy should be used. This PR comes with the changes needed to use OpenShift embedded reverse-proxy too.
What issues does this PR fix or reference?
#2847 #1560
Changelog
Release Notes
che.docker.server_evaluation_strategy=single-portin
che.properties.Docs PR
How to use single-port strategy with OpenShift embedded reverse proxy will described in the upcoming documentation to run Che with OpenShift.