Skip to content

Commit

Permalink
Removed mentions of namespace strategies other than per-user (#1983)
Browse files Browse the repository at this point in the history
* Removed mentions of namespace strategies other than per-user

* fixup! Removed mentions of namespace strategies other than per-user

Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>

* fixup! Merge remote-tracking branch 'origin/che19536' into che19536

Signed-off-by: Sergii Kabashniuk <skabashniuk@redhat.com>

Co-authored-by: Fabrice Flore-Thébault <ffloreth@redhat.com>
  • Loading branch information
skabashnyuk and themr0c authored May 12, 2021
1 parent 876640f commit 72aafed
Show file tree
Hide file tree
Showing 4 changed files with 8 additions and 96 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,6 @@
Property: Description
airGapContainerRegistryHostname: Optional host name, or URL, to an alternate container registry to pull images from. This value overrides the container registry host name defined in all the default container images involved in a {prod-short} deployment. This is particularly useful to install {prod-short} in a restricted environment.
airGapContainerRegistryOrganization: Optional repository name of an alternate container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a {prod-short} deployment. This is particularly useful to install {prod-short} in a restricted environment.
allowUserDefinedWorkspaceNamespaces: Defines that a user is allowed to specify a {platforms-namespace}, which differs from the default. It's NOT RECOMMENDED to set to `true` without OpenShift OAuth configured. The OpenShift infrastructure also uses this property.
cheClusterRoles: A comma-separated list of ClusterRoles that will be assigned to {prod-short} ServiceAccount. Be aware that the {prod-short} Operator has to already have all permissions in these ClusterRoles to grant them.
cheDebug: Enables the debug mode for {prod-short} server. Defaults to `false`.
cheFlavor: Specifies a variation of the installation. The options are `che` for upstream {prod-short} installations, or `codeready` for link\:https\://developers.redhat.com/products/codeready-workspaces/overview[CodeReady Workspaces] installation. Override the default value only on necessary occasions.
Expand Down Expand Up @@ -59,7 +58,7 @@ singleHostGatewayConfigSidecarImage: The image used for the gateway sidecar that
singleHostGatewayImage: The image used for the gateway in the single host mode. Omit it or leave it empty to use the default container image provided by the Operator.
tlsSupport: Deprecated. Instructs the Operator to deploy {prod-short} in TLS mode. This is enabled by default. Disabling TLS sometimes cause malfunction of some {prod-short} components.
useInternalClusterSVCNames: Use internal cluster SVC names to communicate between components to speed up the traffic and avoid proxy issues. The default value is `true`.
workspaceNamespaceDefault: Defines default {platforms-namespace} in which user's workspaces are created for a case when a user does not override it. It's possible to use `<username>`, `<userid>` and `<workspaceid>` placeholders, such as `che-workspace-<username>`. In that case, a new {platforms-namespace} will be created for each user or workspace.
workspaceNamespaceDefault: Defines {platforms-namespace} in which user's workspaces are created. It's possible to use `<username>`, `<userid>` placeholders, such as `che-workspace-<username>`. In that case, a new {platforms-namespace} will be created for each user.
:===

[id="checluster-custom-resource-database-settings_{context}"]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
[id="configuring-namespace-strategies"]
// = Configuring namespace strategies
:navtitle: Configuring namespace strategies
:keywords: installation-guide, configuring-namespace-strategies
:page-aliases: .:configuring-namespace-strategies
:navtitle: Configuring workspace target {orch-namespace}
:keywords: installation-guide, configuring-namespace
:page-aliases: .:Configuring workspace target {orch-namespace}

include::partial$proc_configuring-namespace-strategies.adoc[]
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@

[id="configuring-namespace-strategies_{context}"]
= Configuring {orch-namespace} strategies
= Configuring workspace target {orch-namespace}

The {platforms-namespace} where a new workspace Pod is deployed depends on the {prod-short} server configuration. By default, every workspace is deployed in a distinct {platforms-namespace}, but the user can configure the {prod-short} server to deploy all workspaces in one specific {platforms-namespace}. The name of a {platforms-namespace} must be provided as a {prod-short} server configuration property and cannot be changed at runtime.
The {platforms-namespace} where a new workspace Pod is deployed depends on the {prod-short} server configuration. By default, every workspace is deployed in an individual {orch-namespace} per user. The name of a {platforms-namespace} must be provided as a {prod-short} server configuration property or pre-created by {prod-short} administrator.

ifeval::["{project-context}" == "che"]
NOTE: The term _{orch-namespace}_ ({kubernetes}) is used interchangeably with _project_ (OpenShift).
Expand Down Expand Up @@ -44,12 +44,8 @@ endif::[]

NOTE: The underlying environment variable that {prod-short} server uses is `CHE_INFRA_KUBERNETES_NAMESPACE_DEFAULT`.

WARNING: `CHE_INFRA_KUBERNETES_NAMESPACE` and `CHE_INFRA_OPENSHIFT_PROJECT` are legacy variables. Keep these variables unset for a new installations. Changing these variables during an update can lead to data loss.

WARNING: By default, only one workspace in the same {orch-namespace} can be running at one time. See xref:running-more-than-one-workspace-at-a-time.adoc[].

WARNING: The {orch-namespace} strategies other than per user are deprecated and are subject to removal.

[WARNING]
====
{kubernetes} limits the length of a {orch-namespace} name to 63 characters (this includes the evaluated placeholders). Additionally, the names (after placeholder evaluation) must be valid DNS names.
Expand All @@ -67,7 +63,7 @@ Use <<pre-creating-namespace>> when:
pass:[<!-- vale Vale.Terms = NO -->]
* OpenShift OAuth with a `self-provisioner` cluster role is not linked to the`system:authenticated:oauth` group
* OpenShift OAuth with a `self-provisioner` cluster role is not linked to the `system:authenticated:oauth` group
pass:[<!-- vale Vale.Terms = YES -->]
Expand Down Expand Up @@ -103,89 +99,6 @@ $ helm ... --set global.cheWorkspacesNamespace=__{prod-workspace}__-__<username>
endif::[]
====

== One {orch-namespace} per workspace strategy

The strategy creates a new {orch-namespace} for each new workspace.

To use the strategy, set the _{prod-short} workspace {orch-namespace} configuration_ value to contain the `_<workspaceID>_` identifier. It can be used alone or combined with other identifiers or any string.

.One {orch-namespace} per workspace
====
To assign {orch-namespace} names composed of a __`{prod-workspace}`__ prefix and workspace id, set:
*Operator installer (CheCluster CustomResource)*
[subs="+quotes,+attributes"]
----
...
spec:
server:
workspaceNamespaceDefault: __{prod-workspace}__-__<workspaceID>__
...
----
ifeval::["{project-context}" == "che"]
*Helm*
[subs="+quotes,+attributes"]
----
$ helm ... --set global.cheWorkspacesNamespace=__{prod-workspace}__-__<workspaceID>__
----
endif::[]
====
WARNING: This strategy is deprecated and is subject to removal.

== One {orch-namespace} for all workspaces strategy

The strategy uses one predefined {orch-namespace} for all workspaces.

To use the strategy, set the _{prod-short} workspace {orch-namespace} configuration_ value to the name of the desired {orch-namespace} to use.

.One {orch-namespace} for all workspaces
====
To have all workspaces created in __`{prod-workspace}`__ {orch-namespace}, set:
*Operator installer (CheCluster CustomResource)*
[subs="+quotes,+attributes"]
----
...
spec:
server:
workspaceNamespaceDefault: __{prod-workspace}__
...
----
ifeval::["{project-context}" == "che"]
*Helm*
[subs="+quotes,+attributes"]
----
$ helm ... --set global.cheWorkspacesNamespace=__{prod-workspace}__
----
endif::[]
====
WARNING: This strategy is deprecated and is subject to removal.

== Allowing user-defined workspace {orch-namespace}s

{prod-short} server can be configured to honor the user selection of a {orch-namespace} when a workspace is created. This feature is disabled by default. To allow user-defined workspace {orch-namespace}s:

ifeval::["{project-context}" == "che"]
* For Helm Chart deployments, set the following environment variable in the {prod-short} ConfigMap:
+
[subs="+quotes,macros"]
----
pass:[CHE_INFRA_KUBERNETES_NAMESPACE_ALLOW__USER__DEFINED]=true
----
endif::[]

* For Operator deployments, set the following field in the CheCluster Custom Resource:
+
----
...
server:
allowUserDefinedWorkspaceNamespaces: true
...
----
WARNING: This parameter is deprecated and is subject to removal.

== Handling incompatible usernames or user IDs

{prod-short} server automatically checks usernames and IDs for compatibility with {orch-name} objects naming convention before creating a {orch-namespace} from a template.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -119,7 +119,7 @@ metadata:
spec:
server:
# ...
workspaceNamespaceDefault: 'che'
workspaceNamespaceDefault: __{prod-workspace}__-__<username>__
# ...
storage:
# ...
Expand Down

0 comments on commit 72aafed

Please sign in to comment.