Openshift connector improvements #5052
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Build # 2568 - FAILED Please check console output at https://ci.codenvycorp.com/job/che-pullrequests-build/2568/ to view the results. |
sunix
force-pushed
the
openshift-connector-rebased
branch
9 times, most recently
from
e75f860 to
7482a09
Compare
|
Build # 2616 - FAILED Please check console output at https://ci.codenvycorp.com/job/che-pullrequests-build/2616/ to view the results. |
benoitf
reviewed
May 18, 2017
pom.xml
Outdated
| @@ -32,7 +32,7 @@ | |||
| <module>plugins</module> | |||
| <module>ide/che-ide-core</module> | |||
| <module>samples</module> | |||
| <module>dashboard</module> | |||
| <!--<module>dashboard</module>--> | |||
benoitf
reviewed
May 18, 2017
pom.xml
Outdated
| @@ -520,7 +520,7 @@ | |||
| <dependency> | |||
| <groupId>org.eclipse.che.dashboard</groupId> | |||
| <artifactId>che-dashboard-war</artifactId> | |||
| <version>${che.version}</version> | |||
| <version>5.0.0</version> | |||
sunix
force-pushed
the
openshift-connector-rebased
branch
2 times, most recently
from
463703a to
b769fd9
Compare
|
Build # 2632 - FAILED Please check console output at https://ci.codenvycorp.com/job/che-pullrequests-build/2632/ to view the results. |
benoitf
reviewed
May 29, 2017
| @@ -13,7 +13,7 @@ unset PACKAGES | |||
| unset SUDO | |||
| command -v tar >/dev/null 2>&1 || { PACKAGES=${PACKAGES}" tar"; } | |||
| command -v curl >/dev/null 2>&1 || { PACKAGES=${PACKAGES}" curl"; } | |||
| test "$(id -u)" = 0 || SUDO="sudo -E" | |||
| test "$(id -u)" = 0 || test -f ${HOME}/is_arbitrary_user || SUDO="sudo -E" | |||
There was a problem hiding this comment.
can we have more details about this test ?
commit message being : "Modifications to the shell scripts that bootstrap the servers"
There was a problem hiding this comment.
For security reasons, by default, a container in OpenShift is run by an arbitrary user. An arbitrary user is a user with a random UID (and not a sudoer in the container).
We use this trick to be able to run a *scripts.sh even if the user is an arbitrary user.
File ${HOME}/is_arbitrary_user is added using the following mechanism: https://github.com/redhat-developer/che-dockerfiles/blob/master/recipes/centos_jdk8/entrypoint.sh#L30
There was a problem hiding this comment.
could we check instead if sudo access is granted or not ?
https://superuser.com/questions/195781/sudo-is-there-a-command-to-check-if-i-have-sudo-and-or-how-much-time-is-left (so we don't need special trick in images. We can use any existing images)
There was a problem hiding this comment.
Yes of course that's what we've tried first. It did not work so we added this file to be able to skip sudo.
And to use existing images we would still need more work too. That's because in case of arbitrary user we need to modify /etc/passwd/ and /etc/group as soon as the container is started https://github.com/redhat-developer/che-dockerfiles/blob/master/recipes/centos_jdk8/entrypoint.sh#L16.
There was a problem hiding this comment.
if I exclude these ones from the PR, would this PR be mergeable ? @skabashnyuk @benoitf @garagatyi
There was a problem hiding this comment.
yes, removing that part would be better for this PR
benoitf
reviewed
May 29, 2017
| @@ -212,9 +212,14 @@ che.docker.ip.external=NULL | |||
| # - 'docker-local': internal address is address of container within docker network, and exposed ports | |||
| # are used. | |||
| # - 'custom': The evaluation strategy may be customized through a template property. | |||
| # - 'single-port': internal address is set as in docker-local strategy, external address is composed | |||
There was a problem hiding this comment.
I think the single port could reuse the custom strategy as the expression "serverName-workspaceID-cheExternalAddress" can be addressed by using the template <serverName>-<workspaceId>-< externalAddresss>
There was a problem hiding this comment.
so, AFAIK there is no need to introduce a new "hardcoded" strategy, the strategy based upon templating should provide the expected result
There was a problem hiding this comment.
Agreed. When we introduced the single port strategy the custom strategy wasn't implemented yet. And since then we haven't had the chance to rework it yet. But that's the direction we need to take.
There was a problem hiding this comment.
@benoitf is it ok with @davidfestal 's #5110
There was a problem hiding this comment.
This is fixed in PR #5456. But it has not been merged to openshift-connector-rebased for now.
There was a problem hiding this comment.
#5110 was a first step to the final fix.
benoitf
reviewed
May 29, 2017
| import com.google.inject.Inject; | ||
|
|
||
| @Singleton | ||
| public class ServerIdleDetector implements EventSubscriber<WorkspaceStatusEvent> { |
There was a problem hiding this comment.
there is missing a lot of javadoc/comments
benoitf
reviewed
May 29, 2017
| if (timeout > 0) { | ||
| this.executor = Executors.newSingleThreadScheduledExecutor(); | ||
| this.future = executor.schedule(this::run, timeout, TimeUnit.MILLISECONDS); | ||
| LOG.info("Idling che server scheduled [timeout=" + timeout/1000 + " seconds]"); |
There was a problem hiding this comment.
I'm not sure it requires INFO level and we should probably avoid string concatenation there
benoitf
reviewed
May 29, 2017
| import org.slf4j.LoggerFactory; | ||
|
|
||
| @Singleton | ||
| public class WorkspaceIdleFilter implements Filter { |
There was a problem hiding this comment.
I don't see unit tests for this class.
benoitf
reviewed
May 29, 2017
| * @author amisevsk | ||
| */ | ||
| @Singleton | ||
| public class OpenShiftWorkspaceFilesCleaner implements WorkspaceFilesCleaner { |
benoitf
reviewed
May 29, 2017
| .withVolumes(volume) | ||
| .withRestartPolicy("Never") | ||
| .endSpec() | ||
| .build(); |
There was a problem hiding this comment.
the indent is looking strange
Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com>
…om strategy as the basis of other strategies (#5366) * Pull-up the local docker port management (use exposed ports) Signed-off-by: David Festal <dfestal@redhat.com> * Make all the strategies extend `CustomEvaluationStrategy` Signed-off-by: David Festal <dfestal@redhat.com> * Add a `workspaceIdWithoutPrefix` macro and use it for `single-port` This macro is based on the `workspaceId` macro, but without the `workspace` prefix. Signed-off-by: David Festal <dfestal@redhat.com> * Add the `isDevMachine` to allow conditions in the ST template. This is required to allow the `single-port` strategy to have a different url according to the type of machine. (see the work done for CHE-175 : Support multi-container workspaces on OpenShift) Signed-off-by: David Festal <dfestal@redhat.com> * Small fixes after comments from @fbenoit Signed-off-by: David Festal <dfestal@redhat.com> * Fix unnecessary space pointed out by @sunix Signed-off-by: David Festal <dfestal@redhat.com> * Remove unnecessary `else` as suggested by @sunix Signed-off-by: David Festal <dfestal@redhat.com> * Keep the method signatures compatible with the `condenvy` strategy Signed-off-by: David Festal <dfestal@redhat.com> * Align names of parameters of constructors (requested by @garagatyi) Signed-off-by: David Festal <dfestal@redhat.com> * Add a default implementation to avoid breaking the Codenvy build Signed-off-by: David Festal <dfestal@redhat.com> * Also rename the attributes Signed-off-by: David Festal <dfestal@redhat.com> * Use a constant for the `workspace` prefix string Signed-off-by: David Festal <dfestal@redhat.com> * Fix formatting as requested by @sunix Signed-off-by: David Festal <dfestal@redhat.com> * Use a constant for the `isDevMachine` macro name Signed-off-by: David Festal <dfestal@redhat.com> * Add unit tests for `workspaceIdWithoutPrefixè and `isDevMachine` macros Signed-off-by: David Festal <dfestal@redhat.com> * Another requested formatting fix Signed-off-by: David Festal <dfestal@redhat.com> * Make new tests clearer Signed-off-by: David Festal <dfestal@redhat.com> * yet another formatting request Signed-off-by: David Festal <dfestal@redhat.com> * Respect the original order of imports Signed-off-by: David Festal <dfestal@redhat.com> * remove unnecessary `toString()` Signed-off-by: David Festal <dfestal@redhat.com> * use a lowercase `S` in the `server-` prefix Signed-off-by: David Festal <dfestal@redhat.com>
* Fix 2 NPE that prevented using *non-dev* additional machines In the context of https://issues.jboss.org/browse/CHE-175 Signed-off-by: David Festal <dfestal@redhat.com> * Name openshift resources based on the machine name for non-dev machines This fixes https://issues.jboss.org/browse/CHE-259 and https://issues.jboss.org/browse/CHE-258 Signed-off-by: David Festal <dfestal@redhat.com>
... by: - adding the new `CHE_IS_DEV_MACHINE` env variable in tests - pulling up all the `CustomServerEvaluationStrategy` features in an abstract `BaseServerEvaluationStrategy` (which all other Che strategies extend) and have the `CustomServerEvaluationStrategy` class simply extend this `BaseServerEvaluationStrategy`. Signed-off-by: David Festal <dfestal@redhat.com>
... by correctly using the boolean attribute to manage the new use-case introduced by @fbenoit in master. Signed-off-by: David Festal <dfestal@redhat.com>
10 tasks
sunix
force-pushed
the
openshift-connector-rebased
branch
from
e8a79a6 to
715e5d5
Compare
|
Build success. https://ci.codenvycorp.com/job/che-pullrequests-build/2953/ |
This fixes redhat-developer/rh-che#113 Signed-off-by: David Festal <dfestal@redhat.com>
|
Build # 2962 - FAILED Please check console output at https://ci.codenvycorp.com/job/che-pullrequests-build/2962/ to view the results. |
|
@snjeza @benoitf @l0rd @davidfestal @skabashnyuk @garagatyi @amisevsk |
|
ci-build |
|
Build success. https://ci.codenvycorp.com/job/che-pullrequests-build/2968/ |
benoitf
approved these changes
Jul 4, 2017
l0rd
approved these changes
Jul 4, 2017
There was a problem hiding this comment.
LGTM but please double check that these changes are needed EnvironmentDeserializerTest.java and CommandDeserializerTest.java. Cf #5291 vs fba68ea
|
@sunix ok thanks for the explanation |
benoitf
added
kind/task
garagatyi
approved these changes
Jul 4, 2017
|
Adding @slemeur if some stuff is required on documentation as the code review seems to be ok |
slemeur
approved these changes
Jul 4, 2017
JPinkney
pushed a commit
to JPinkney/che
that referenced
this pull request
Aug 17, 2017
* CHE-4141 - Use Persistent Volumes Claims when creating workspaces Signed-off-by: Snjezana Peco <snjezana.peco@redhat.com> * Implement getContainerLogs method in OpenShiftConnector Signed-off-by: Snjezana Peco <snjezana.peco@redhat.com> * Implement createExec() and startExec() in OpenShiftConnector Add implementations of createExec() and startExec(). Since OpenShift does not separate the create and start steps, a holder class KubernetesExecHolder is necessary, to pass information between the call to createExec() (which just saves relevant information) and startExec(). Additionally, adds KubernetesOutputAdapter, which parses the output from OpenShift into LogMessages that can be handled by Che's MessageProcessor<LogMessage> class. Signed-off-by: Angel Misevski <amisevsk@redhat.com> * Add implementation of getEvents() to avoid busy wait Signed-off-by: Angel Misevski <amisevsk@redhat.com> * Update Dockerfile to avoid permissions issues Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * Che server and workpaces exposed on the same single TCP port (eclipse-che#4351) Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * Disabling usage of user account service in openshift-connector Signed-off-by: Sun Seng David Tan <sutan@redhat.com> * Update Docker Compose tests to fix test failure Updating to Jackson 2.7.7 causes tests in the docker compose plugin to fail. This is due to the fact that the tests expect empty values in dictionaries to be parsed as the empty string, whereas jackson 2.7.7 parses them as null (as specified by the yaml spec). Modifies the affected tests to explicitly use an empty string (i.e. "") instead of an empty value. Signed-off-by: Angel Misevski <amisevsk@redhat.com> * Find an alternative to subPath in volumeMount Signed-off-by: Snjezana Peco <snjezana.peco@redhat.com> * Setting rwx permissions for all on /data/ in case it's not mounted Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * Add support for resource limits when running on Openshift Add resource limits to workspace Pods when running on OpenShift. The memory limit is normally obtained from the API request to create the workspace, however it can be overridden via the property `che.openshift.workspace.memory.override`. The cpu limit used is determined by the property `che.openshift.workspace.cpu.limit`. In both cases, the value of the property is passed directly to OpenShift, so any valid quantity is acceptable (e.g. 150Mi, 1Gi, 1024, etc). Signed-off-by: Angel Misevski <amisevsk@redhat.com> * Fix dockerImageConfig is null (since v1.5 of OpenShift API) Signed-off-by: Sun Seng David Tan <sutan@redhat.com> * Add Nullable annotation to che.docker.ip.external The property che.docker.ip.external can be null, but OpenShiftConnector does not include the annotation. This prevents Che from initialising if e.g. running on docker without the property set. Signed-off-by: Angel Misevski <amisevsk@redhat.com> * CHE-158 Adding TLS support for Workspace routes Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com> * Adding property to set requests for RAM Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * CHE-158 Using '-' instead of '.' for generating OpenShift route Urls Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com> * Fixing tests after changing Url generation logic Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com> * Redirect insecure HTTP requests to TLS endpoint Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * CHE-180: Creating and closing OpenShiftClient in every method of OpenshiftConnector Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com> * Update route naming to make it work on OSO Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * Rework PVC management on OpenShift - Change how subdirectories are created in pods to use a short, terminating job instead of a full deployment - Add OpenShiftWorkspaceFilesCleaner class to properly notice workspace deleted events - Add helper class to manage job pods. For creation, some effort is made to avoid attempting to create workspaces unnecessarily, but only exists in-memory - Workspace deletions are batched together so that removing workspaces directories can be done when server is idled, avoiding unnecessary PVC mounts - Add two new properties: che.openshift.jobs.image and che.openshift.jobs.memorylimit, which are used by OpenShiftPvcHelper to set up pods Current issues: - Since workspace directories are not deleted immediately, attempting to re-create a workspace with the same name will result in the previous instance's project to already be there. This should have a minor impact. - Memory for which workspace dirs have been created is not persisted, resulting in potentially unnecessary jobs - Openshift workspace files cleaner is included by overwriting binding in WsMasterModule instead of using a provider. This could be better, but OpenShift integration may be reaching a point where a custom module is a better solution. Signed-off-by: Angel Misevski <amisevsk@redhat.com> Signed-off-by: Sun Seng David Tan <sutan@redhat.com> * Delete ReplicaSets explicitly when shutting down a workspace Signed-off-by: Angel Misevski <amisevsk@redhat.com> * Fix OpenShiftConnectorTest Signed-off-by: Mario Loriedo <mloriedo@redhat.com> * Fix route server names if unknown should start with server-. https://issues.jboss.org/browse/CHE-230 Signed-off-by: Sun Seng David Tan <sutan@redhat.com> * Add property to control manual workspace dir creation in OpenShift Add property 'che.openshift.precreate.workspace.dirs'. If property is true, OpenShiftConnector will run a pod before launching workspaces to create a subpath in the workspace's persistent volume with correct permissions. If the property is false, this step is skipped. This is necessary as in older versions of OpenShift/Kubernetes, subpaths created as part of a volume mount are created with root permissions, and so cannot be modified by workspace pods. More recent versions fix this, creating subpath volumes with correct permissions, making the step above unnecessary. Signed-off-by: Angel Misevski <amisevsk@redhat.com> * CHE-102 - Idle detection of che-server and workspaces Signed-off-by: Snjezana Peco <snjezana.peco@redhat.com> * Add and modify tests for OpenShift helper classes Add tests for the untested classes in openshift.client.kuberentes, and update existing tests where necessary. Signed-off-by: Angel Misevski <amisevsk@redhat.com> * Recent changes required access to `/` which is impossible under OS Signed-off-by: David Festal <dfestal@redhat.com> * adapt che-server entrypoint.sh to environments without write permissions in '/' (eclipse-che#5344) * adapt che-server entrypoint.sh to environments without write permissions in '/' * CHE-280: Adding container's state info to the 'inspectContainer' API Signed-off-by: Ilya Buziuk <ibuziuk@redhat.com> * Factorize code of `ServerEvaluationStrategy` classes, to use the Custom strategy as the basis of other strategies (eclipse-che#5366) * Pull-up the local docker port management (use exposed ports) Signed-off-by: David Festal <dfestal@redhat.com> * Make all the strategies extend `CustomEvaluationStrategy` Signed-off-by: David Festal <dfestal@redhat.com> * Add a `workspaceIdWithoutPrefix` macro and use it for `single-port` This macro is based on the `workspaceId` macro, but without the `workspace` prefix. Signed-off-by: David Festal <dfestal@redhat.com> * Add the `isDevMachine` to allow conditions in the ST template. This is required to allow the `single-port` strategy to have a different url according to the type of machine. (see the work done for CHE-175 : Support multi-container workspaces on OpenShift) Signed-off-by: David Festal <dfestal@redhat.com> * Small fixes after comments from @fbenoit Signed-off-by: David Festal <dfestal@redhat.com> * Fix unnecessary space pointed out by @sunix Signed-off-by: David Festal <dfestal@redhat.com> * Remove unnecessary `else` as suggested by @sunix Signed-off-by: David Festal <dfestal@redhat.com> * Keep the method signatures compatible with the `condenvy` strategy Signed-off-by: David Festal <dfestal@redhat.com> * Align names of parameters of constructors (requested by @garagatyi) Signed-off-by: David Festal <dfestal@redhat.com> * Add a default implementation to avoid breaking the Codenvy build Signed-off-by: David Festal <dfestal@redhat.com> * Also rename the attributes Signed-off-by: David Festal <dfestal@redhat.com> * Use a constant for the `workspace` prefix string Signed-off-by: David Festal <dfestal@redhat.com> * Fix formatting as requested by @sunix Signed-off-by: David Festal <dfestal@redhat.com> * Use a constant for the `isDevMachine` macro name Signed-off-by: David Festal <dfestal@redhat.com> * Add unit tests for `workspaceIdWithoutPrefixè and `isDevMachine` macros Signed-off-by: David Festal <dfestal@redhat.com> * Another requested formatting fix Signed-off-by: David Festal <dfestal@redhat.com> * Make new tests clearer Signed-off-by: David Festal <dfestal@redhat.com> * yet another formatting request Signed-off-by: David Festal <dfestal@redhat.com> * Respect the original order of imports Signed-off-by: David Festal <dfestal@redhat.com> * remove unnecessary `toString()` Signed-off-by: David Festal <dfestal@redhat.com> * use a lowercase `S` in the `server-` prefix Signed-off-by: David Festal <dfestal@redhat.com> * Multi-container workspace Support (eclipse-che#5110) * Fix 2 NPE that prevented using *non-dev* additional machines In the context of https://issues.jboss.org/browse/CHE-175 Signed-off-by: David Festal <dfestal@redhat.com> * Name openshift resources based on the machine name for non-dev machines This fixes https://issues.jboss.org/browse/CHE-259 and https://issues.jboss.org/browse/CHE-258 Signed-off-by: David Festal <dfestal@redhat.com> * Fix failing Traeffik tests... ... by: - adding the new `CHE_IS_DEV_MACHINE` env variable in tests - pulling up all the `CustomServerEvaluationStrategy` features in an abstract `BaseServerEvaluationStrategy` (which all other Che strategies extend) and have the `CustomServerEvaluationStrategy` class simply extend this `BaseServerEvaluationStrategy`. Signed-off-by: David Festal <dfestal@redhat.com> * Fix tests in the LocalDockerEvaluationStrategy... ... by correctly using the boolean attribute to manage the new use-case introduced by @fbenoit in master. Signed-off-by: David Festal <dfestal@redhat.com> * Replace OSIO-specific `single-port` strategy by `docker-local-custom` This fixes redhat-developer/rh-che#113 Signed-off-by: David Festal <dfestal@redhat.com>
benoitf
removed
the
status/code-review
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What does this PR do?
Contains improvements of the openshift-connector that were in the openshift-connector branch and that we concider as "mergeable"
What issues does this PR fix or reference?
Changelog
Openshift connector improvements
Release Notes
Openshift connector improvements
Docs PR