diff --git a/modules/administration-guide/pages/viewing-kubernetes-events.adoc b/modules/administration-guide/pages/viewing-kubernetes-events.adoc index 499a5f9d26..1230afd7e9 100644 --- a/modules/administration-guide/pages/viewing-kubernetes-events.adoc +++ b/modules/administration-guide/pages/viewing-kubernetes-events.adoc @@ -1,6 +1,6 @@ [id="viewing-kubernetes-events"] -// = Accessing Kubernetes events on OpenShift -:navtitle: Accessing Kubernetes events on OpenShift +// = Accessing {kubernetes} events on OpenShift +:navtitle: Accessing {kubernetes} events on OpenShift :keywords: administration-guide, viewing-kubernetes-events :page-aliases: .:viewing-kubernetes-events diff --git a/modules/administration-guide/partials/con_authorization-and-user-management.adoc b/modules/administration-guide/partials/con_authorization-and-user-management.adoc index 65a61d8b53..bc171d962c 100644 --- a/modules/administration-guide/partials/con_authorization-and-user-management.adoc +++ b/modules/administration-guide/partials/con_authorization-and-user-management.adoc @@ -12,7 +12,7 @@ The default {identity-provider} credentials are `admin:admin`. You can use the ` .Identifying the {identity-provider} URL ifeval::["{project-context}" == "che"] -{prod-short} running on Kubernetes:: +{prod-short} running on {kubernetes}:: Go to `+$CHE_HOST:5050/auth+`. {prod-short} is running on OpenShift:: diff --git a/modules/administration-guide/partials/con_che-workspaces-architecture.adoc b/modules/administration-guide/partials/con_che-workspaces-architecture.adoc index 006f82c801..f53b00b192 100644 --- a/modules/administration-guide/partials/con_che-workspaces-architecture.adoc +++ b/modules/administration-guide/partials/con_che-workspaces-architecture.adoc @@ -10,7 +10,7 @@ A {prod-short} deployment on the cluster consists of the {prod-short} server com * secrets * PVs -The {prod-short} workspace is a web application. It is composed of microservices running in containers that provide all the services of a modern IDE such as an editor, language auto-completion, and debugging tools. The IDE services are deployed with the development tools, packaged in containers and user runtime applications, which are defined as {platforms-name} resources. +The {prod-short} workspace is a web application. It is composed of microservices running in containers that provide all the services of a modern IDE such as an editor, language auto-completion, and debugging tools. The IDE services are deployed with the development tools, packaged in containers and user runtime applications, which are defined as {orch-name} resources. The source code of the projects of a {prod-short} workspace is persisted in a {platforms-name} `PersistentVolume`. Microservices run in containers that have read-write access to the source code (IDE services, development tools), and runtime applications have read-write access to this shared directory. diff --git a/modules/end-user-guide/pages/importing-kubernetes-applications-into-a-workspace.adoc b/modules/end-user-guide/pages/importing-kubernetes-applications-into-a-workspace.adoc index 77f9b81535..e493b570b0 100644 --- a/modules/end-user-guide/pages/importing-kubernetes-applications-into-a-workspace.adoc +++ b/modules/end-user-guide/pages/importing-kubernetes-applications-into-a-workspace.adoc @@ -1,6 +1,6 @@ [id="importing-kubernetes-applications-into-a-workspace"] -// = Importing a Kubernetes application into a workspace -:navtitle: Importing Kubernetes applications into a workspace +// = Importing a {orch-name} application into a workspace +:navtitle: Importing {orch-name} applications into a workspace :keywords: end-user-guide, importing-kubernetes-applications-into-a-workspace :page-aliases: .:importing-kubernetes-applications-into-a-workspace diff --git a/modules/end-user-guide/partials/proc_che-including-kubernetes-applications-in-a-workspace-devfile-definition.adoc b/modules/end-user-guide/partials/proc_che-including-kubernetes-applications-in-a-workspace-devfile-definition.adoc index eb7b38d04d..fcbee79315 100644 --- a/modules/end-user-guide/partials/proc_che-including-kubernetes-applications-in-a-workspace-devfile-definition.adoc +++ b/modules/end-user-guide/partials/proc_che-including-kubernetes-applications-in-a-workspace-devfile-definition.adoc @@ -30,7 +30,7 @@ metadata: + <1> Only the name `minimal-workspace` is specified. After the {prod-short} server processes this devfile, the devfile is converted to a minimal {prod-short} workspace that only has the default editor (Che-Theia) and the default editor plug-ins, including, for example, the terminal. -. To add {orch-name} applications to a workspace, modify the devfile and add the `Kubernetes` component type. +. To add {orch-name} applications to a workspace, modify the devfile and add the `{kubernetes}` component type. + For example, to embed the NodeJS-Mongo application in the `minimal-workspace`: + diff --git a/modules/end-user-guide/partials/proc_mounting-a-secret-as-an-environment-variable-into-a-workspace-container.adoc b/modules/end-user-guide/partials/proc_mounting-a-secret-as-an-environment-variable-into-a-workspace-container.adoc index f699280fa7..da00e8b385 100644 --- a/modules/end-user-guide/partials/proc_mounting-a-secret-as-an-environment-variable-into-a-workspace-container.adoc +++ b/modules/end-user-guide/partials/proc_mounting-a-secret-as-an-environment-variable-into-a-workspace-container.adoc @@ -13,7 +13,7 @@ The following section describes how to mount a {platforms-name} secret from the .Procedure -. In the Kubernetes {orch-namespace} where a {prod-short} workspace will be created, generate a new {platforms-name} secret . +. In the {platforms-namespace} where a {prod-short} workspace will be created, generate a new {platforms-name} secret. * The labels of the secret that is about to be generated must match the set of labels configured in `che.workspace.provision.secret.labels` property of {prod-short}. By default, it is a set of two labels: + diff --git a/modules/installation-guide/examples/checluster-properties.adoc b/modules/installation-guide/examples/checluster-properties.adoc index ec8d4a96df..febf52d988 100644 --- a/modules/installation-guide/examples/checluster-properties.adoc +++ b/modules/installation-guide/examples/checluster-properties.adoc @@ -127,7 +127,7 @@ workspacePVCStorageClassName: Storage class for the Persistent Volume Claims ded :=== Property: Description ingressClass: Ingress class that will define the which controller will manage ingresses. Defaults to `nginx`. NB\: This drives the `kubernetes.io/ingress.class` annotation on Che-related ingresses. -ingressDomain: Global ingress domain for a Kubernetes cluster. This MUST be explicitly specified\: there are no defaults. +ingressDomain: Global ingress domain for a {kubernetes} cluster. This MUST be explicitly specified\: there are no defaults. ingressStrategy: Strategy for ingress creation. Options are\: `multi-host` (host is explicitly provided in ingress), `single-host` (host is provided, path-based rules) and `default-host` (no host is provided, path-based rules). Defaults to `multi-host` Deprecated in favor of `serverExposureStrategy` in the `server` section, which defines this regardless of the cluster type. When both are defined, the `serverExposureStrategy` option takes precedence. securityContextFsGroup: The FSGroup in which the {prod-short} Pod and workspace Pods containers runs in. Default value is `1724`. securityContextRunAsUser: ID of the user the {prod-short} Pod and workspace Pods containers run as. Default value is `1724`. @@ -166,3 +166,4 @@ reason: A brief CamelCase message indicating details about why the Pod is in thi :=== + diff --git a/modules/installation-guide/examples/system-variables.adoc b/modules/installation-guide/examples/system-variables.adoc index 29a81b363d..958137464f 100644 --- a/modules/installation-guide/examples/system-variables.adoc +++ b/modules/installation-guide/examples/system-variables.adoc @@ -12,7 +12,7 @@ pass:[] `+CHE_API_INTERNAL+`,"`+http://${CHE_HOST}:${CHE_PORT}/api+`","API service internal network url. Back-end services should initiate REST communications to {prod-short} server with this URL" `+CHE_WEBSOCKET_ENDPOINT+`,"`+ws://${CHE_HOST}:${CHE_PORT}/api/websocket+`","{prod-short} websocket major endpoint. Provides basic communication endpoint for major websocket interactions and messaging." `+CHE_WORKSPACE_PROJECTS_STORAGE+`,"`+/projects+`","Your projects are synchronized from the {prod-short} server into the machine running each workspace. This is the directory in the machine where your projects are placed." - `+CHE_WORKSPACE_PROJECTS_STORAGE_DEFAULT_SIZE+`,"`+1Gi+`","Used when Kubernetes or OpenShift-type components in a devfile request project PVC creation (Applied in case of 'unique' and 'per workspace' PVC strategy. In case of the 'common' PVC strategy, it is rewritten with the value of the `che.infra.kubernetes.pvc.quantity` property.)" + `+CHE_WORKSPACE_PROJECTS_STORAGE_DEFAULT_SIZE+`,"`+1Gi+`","Used when {orch-name}-type components in a devfile request project PVC creation (Applied in case of 'unique' and 'per workspace' PVC strategy. In case of the 'common' PVC strategy, it is rewritten with the value of the `che.infra.kubernetes.pvc.quantity` property.)" `+CHE_WORKSPACE_LOGS_ROOT__DIR+`,"`+/workspace_logs+`","Defines the directory inside the machine where all the workspace logs are placed. Provide this value into the machine, for example, as an environment variable. This is to ensure that agent developers can use this directory to back up agent logs." `+CHE_WORKSPACE_HTTP__PROXY+`,"","Configures proxies used by runtimes powering workspaces." `+CHE_WORKSPACE_HTTPS__PROXY+`,"","Configuresproxies used by runtimes powering workspaces." @@ -26,7 +26,7 @@ pass:[] `+CHE_WORKSPACE_JAVA__OPTIONS+`,"`+-XX:MaxRAM=150m-XX:MaxRAMFraction=2 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xms20m -Djava.security.egd=file:/dev/./urandom+`","Java command-line options added to JVMs running in workspaces." `+CHE_WORKSPACE_MAVEN__OPTIONS+`,"`+-XX:MaxRAM=150m-XX:MaxRAMFraction=2 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xms20m -Djava.security.egd=file:/dev/./urandom+`","Maven command-line options added to JVMs running agents in workspaces." `+CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB+`,"`+1024+`","RAM limit default for each machine that has no RAM settings in its environment. Value less or equal to 0 is interpreted as disabling the limit." - `+CHE_WORKSPACE_DEFAULT__MEMORY__REQUEST__MB+`,"`+200+`","RAM request for each container that has no explicit RAM settings in its environment. This amount is allocated when the workspace container is created. This property may not be supported by all infrastructure implementations. Currently it is supported by Kubernetes and OpenShift. A memory request exceeding the memory limit is ignored, and only the limit size is used. Value less or equal to 0 is interpreted as disabling the limit." + `+CHE_WORKSPACE_DEFAULT__MEMORY__REQUEST__MB+`,"`+200+`","RAM request for each container that has no explicit RAM settings in its environment. This amount is allocated when the workspace container is created. This property may not be supported by all infrastructure implementations. Currently it is supported by {orch-name}. A memory request exceeding the memory limit is ignored, and only the limit size is used. Value less or equal to 0 is interpreted as disabling the limit." `+CHE_WORKSPACE_DEFAULT__CPU__LIMIT__CORES+`,"`+-1+`","CPU limit for each container that has no CPU settings in its environment. Specify either in floating point cores number, for example, `0.125`, or using the Kubernetes format, integer millicores, for example, `125m`. Value less or equal to 0 is interpreted as disabling the limit." `+CHE_WORKSPACE_DEFAULT__CPU__REQUEST__CORES+`,"`+-1+`","CPU request for each container that has no CPU settings in environment. A CPU request exceeding the CPU limit is ignored, and only limit number is used. Value less or equal to 0 is interpreted as disabling the limit." `+CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB+`,"`+128+`","RAM limit and request for each sidecar that has no RAM settings in the {prod-short} plug-in configuration. Value less or equal to 0 is interpreted as disabling the limit." @@ -96,9 +96,9 @@ pass:[] Environment Variable Name,Default value, Description `+CHE_INFRA_KUBERNETES_MASTER__URL+`,"","Configuration of Kubernetes client that Infra will use" - `+CHE_INFRA_KUBERNETES_TRUST__CERTS+`,"","Configurationof Kubernetes client that Infra will use" + `+CHE_INFRA_KUBERNETES_TRUST__CERTS+`,"","Configurationof {orch-name} client that Infra will use" `+CHE_INFRA_KUBERNETES_SERVER__STRATEGY+`,"`+multi-host+`","Defines the way how servers are exposed to the world in {orch-name} infra. List of strategies implemented in {prod-short}: default-host, multi-host, single-host" - `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_EXPOSURE+`,"`+native+`","Defines the way in which the workspace plugins and editors are exposed in the single-host mode. Supported exposures: - 'native': Exposes servers using {orch-name} Ingresses. Works only on Kubernetes. - 'gateway': Exposes servers using reverse-proxy gateway." + `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_EXPOSURE+`,"`+native+`","Defines the way in which the workspace plugins and editors are exposed in the single-host mode. Supported exposures: - 'native': Exposes servers using Kubernetes Ingresses. Works only on {kubernetes}. - 'gateway': Exposes servers using reverse-proxy gateway." `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_DEVFILE__ENDPOINT__EXPOSURE+`,"`+multi-host+`","Defines the way how to expose devfile endpoints, thus end-user's applications, in single-host server strategy. They can either follow the single-host strategy and be exposed on subpaths, or they can be exposed on subdomains. - 'multi-host': expose on subdomains - 'single-host': expose on subpaths" `+CHE_INFRA_KUBERNETES_SINGLEHOST_GATEWAY_CONFIGMAP__LABELS+`,"`+app=che,component=che-gateway-config+`","Defines labels which will be set to ConfigMaps configuring single-host gateway." `+CHE_INFRA_KUBERNETES_INGRESS_DOMAIN+`,"","Used to generate domain for a server in a workspace in case property `che.infra.kubernetes.server_strategy` is set to `multi-host`" @@ -108,20 +108,20 @@ pass:[] `+CHE_INFRA_KUBERNETES_NAMESPACE_LABEL+`,"`+true+`","Defines whether che-server should try to label the workspace namespaces." `+CHE_INFRA_KUBERNETES_NAMESPACE_LABELS+`,"`+app.kubernetes.io/part-of=che.eclipse.org,app.kubernetes.io/component=workspaces-namespace+`","List of labels to find Namespaces/Projects that are used for {prod-short} Workspaces. They are used to: - find prepared Namespaces/Projects for users in combination with `che.infra.kubernetes.namespace.annotations`. - actively label namespaces with any workspace." `+CHE_INFRA_KUBERNETES_NAMESPACE_ANNOTATIONS+`,"`+che.eclipse.org/username=+`","List of annotations to find Namespaces/Projects prepared for {prod-short} users workspaces. Only Namespaces/Projects matching the `che.infra.kubernetes.namespace.labels` will be matched against these annotations. Namespaces/Projects that matches both `che.infra.kubernetes.namespace.labels` and `che.infra.kubernetes.namespace.annotations` will be preferentially used for User's workspaces. It's possible to use `` placeholder to specify the Namespace/Project to concrete user." - `+CHE_INFRA_KUBERNETES_NAMESPACE_ALLOW__USER__DEFINED+`,"`+false+`","Defines if a user is able to specify Kubernetes namespace (or OpenShift project) different from the default. It's NOT RECOMMENDED to configured true without OAuth configured. This property is also used by the OpenShift infra." - `+CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME+`,"`+NULL+`","Defines Kubernetes Service Account name which should be specified to be bound to all workspaces pods. Note that Kubernetes Infrastructure won't create the service account and it should exist. OpenShift infrastructure will check if project is predefined(if `che.infra.openshift.project` is not empty): - if it is predefined then service account must exist there - if it is 'NULL' or empty string then infrastructure will create new OpenShift project per workspace and prepare workspace service account with needed roles there" + `+CHE_INFRA_KUBERNETES_NAMESPACE_ALLOW__USER__DEFINED+`,"`+false+`","Defines if a user is able to specify {platforms-namespace} different from the default. It's NOT RECOMMENDED to configured true without OAuth configured. This property is also used by the OpenShift infra." + `+CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME+`,"`+NULL+`","Defines Kubernetes Service Account name which should be specified to be bound to all workspaces pods. Note that {orch-name} Infrastructure won't create the service account and it should exist. OpenShift infrastructure will check if project is predefined(if `che.infra.openshift.project` is not empty): - if it is predefined then service account must exist there - if it is 'NULL' or empty string then infrastructure will create new OpenShift project per workspace and prepare workspace service account with needed roles there" `+CHE_INFRA_KUBERNETES_WORKSPACE__SA__CLUSTER__ROLES+`,"`+NULL+`","Specifies optional, additional cluster roles to use with the workspace service account. Note that the cluster role names must already exist, and the {prod-short} service account needs to be able to create a Role Binding to associate these cluster roles with the workspace service account. The names are comma separated. This property deprecates 'che.infra.kubernetes.cluster_role_name'." `+CHE_INFRA_KUBERNETES_WORKSPACE__START__TIMEOUT__MIN+`,"`+8+`","Defines time frame that limits the Kubernetes workspace start time" `+CHE_INFRA_KUBERNETES_INGRESS__START__TIMEOUT__MIN+`,"`+5+`","Defines the timeout in minutes that limits the period for which Kubernetes Ingress become ready" `+CHE_INFRA_KUBERNETES_WORKSPACE__UNRECOVERABLE__EVENTS+`,"`+FailedMount,FailedScheduling,MountVolume.SetUpfailed,Failed to pull image,FailedCreate,ReplicaSetCreateError+`","If during workspace startup an unrecoverable event defined in the property occurs, terminate workspace immediately instead of waiting until timeout Note that this SHOULD NOT include a mere 'Failed' reason, because that might catch events that are not unrecoverable. A failed container startup is handled explicitly by {prod-short} server." `+CHE_INFRA_KUBERNETES_PVC_ENABLED+`,"`+true+`","Defines whether use the Persistent Volume Claim for che workspace needs e.g backup projects, logs etc or disable it." - `+CHE_INFRA_KUBERNETES_PVC_STRATEGY+`,"`+common+`","Defined which strategy will be used while choosing PVC for workspaces. Supported strategies: - 'common' All workspaces in the same Kubernetes Namespace will reuse the same PVC. Name of PVC may be configured with 'che.infra.kubernetes.pvc.name'. Existing PVC will be used or new one will be created if it doesn't exist. - 'unique' Separate PVC for each workspace's volume will be used. Name of PVC is evaluated as '{che.infra.kubernetes.pvc.name} + '-' + {generated_8_chars}'. Existing PVC will be used or a new one will be created if it doesn't exist. - 'per-workspace' Separate PVC for each workspace will be used. Name of PVC is evaluated as '{che.infra.kubernetes.pvc.name} + '-' + {WORKSPACE_ID}'. Existing PVC will be used or a new one will be created if it doesn't exist." - `+CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS+`,"`+true+`","Defines whether to run a job that creates workspace's subpath directories in persistent volume for the 'common' strategy before launching a workspace. Necessary in some versions of OpenShift/Kubernetes as workspace subpath volume mounts are created with root permissions, and thus cannot be modified by workspaces running as a user (presents an error importing projects into a workspace in {prod-short}). The default is 'true', but should be set to false if the version of Openshift/Kubernetes creates subdirectories with user permissions. Relevant issue: \https://github.com/kubernetes/kubernetes/issues/41638 Note that this property has effect only if the 'common' PVC strategy used." + `+CHE_INFRA_KUBERNETES_PVC_STRATEGY+`,"`+common+`","Defined which strategy will be used while choosing PVC for workspaces. Supported strategies: - 'common' All workspaces in the same Kubernetes namespace will reuse the same PVC. Name of PVC may be configured with 'che.infra.kubernetes.pvc.name'. Existing PVC will be used or new one will be created if it doesn't exist. - 'unique' Separate PVC for each workspace's volume will be used. Name of PVC is evaluated as '{che.infra.kubernetes.pvc.name} + '-' + {generated_8_chars}'. Existing PVC will be used or a new one will be created if it doesn't exist. - 'per-workspace' Separate PVC for each workspace will be used. Name of PVC is evaluated as '{che.infra.kubernetes.pvc.name} + '-' + {WORKSPACE_ID}'. Existing PVC will be used or a new one will be created if it doesn't exist." + `+CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS+`,"`+true+`","Defines whether to run a job that creates workspace's subpath directories in persistent volume for the 'common' strategy before launching a workspace. Necessary in some versions of {orch-name} as workspace subpath volume mounts are created with root permissions, and thus cannot be modified by workspaces running as a user (presents an error importing projects into a workspace in {prod-short}). The default is 'true', but should be set to false if the version of {orch-name} creates subdirectories with user permissions. Relevant issue: \https://github.com/kubernetes/kubernetes/issues/41638 Note that this property has effect only if the 'common' PVC strategy used." `+CHE_INFRA_KUBERNETES_PVC_NAME+`,"`+claim-che-workspace+`","Defines the settings of PVC name for che workspaces. Each PVC strategy supplies this value differently. See doc for che.infra.kubernetes.pvc.strategy property" `+CHE_INFRA_KUBERNETES_PVC_STORAGE__CLASS__NAME+`,"","Defines the storage class of Persistent Volume Claim for the workspaces. Empty strings means 'use default'." `+CHE_INFRA_KUBERNETES_PVC_QUANTITY+`,"`+10Gi+`","Defines the size of Persistent Volume Claim of che workspace. Format described here: \https://docs.openshift.com/container-platform/4.4/storage/understanding-persistent-storage.html" `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE+`,"`+centos:centos7+`","Pod that is launched when performing persistent volume claim maintenance jobs on OpenShift" - `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE_PULL__POLICY+`,"`+IfNotPresent+`","Image pull policy of container that used for the maintenance jobs on Kubernetes/OpenShift cluster" + `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE_PULL__POLICY+`,"`+IfNotPresent+`","Image pull policy of container that used for the maintenance jobs on {orch-name} cluster" `+CHE_INFRA_KUBERNETES_PVC_JOBS_MEMORYLIMIT+`,"`+250Mi+`","Defines pod memory limit for persistent volume claim maintenance jobs" `+CHE_INFRA_KUBERNETES_PVC_ACCESS__MODE+`,"`+ReadWriteOnce+`","Defines Persistent Volume Claim access mode. Note that for common PVC strategy changing of access mode affects the number of simultaneously running workspaces. If OpenShift flavor where che running is using PVs with RWX access mode then a limit of running workspaces at the same time bounded only by che limits configuration like(RAM, CPU etc). Detailed information about access mode is described here: \https://docs.openshift.com/container-platform/4.4/storage/understanding-persistent-storage.html" `+CHE_INFRA_KUBERNETES_PVC_WAIT__BOUND+`,"`+true+`","Defines whether {prod-short} Server should wait workspaces PVCs to become bound after creating. It's used by all PVC strategies. It should be set to `false` in case if `volumeBindingMode` is configured to `WaitForFirstConsumer` otherwise workspace starts will hangs up on phase of waiting PVCs. Default value is true (means that PVCs should be waited to be bound)" @@ -132,7 +132,7 @@ pass:[] `+CHE_INFRA_KUBERNETES_INGRESS_LABELS+`,"`+NULL+`","Additional labels to add into every Ingress created by {prod-short} server to allow clear identification." `+CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_RUN__AS__USER+`,"`+NULL+`","Defines security context for pods that will be created by Kubernetes Infra This is ignored by OpenShift infra" `+CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_FS__GROUP+`,"`+NULL+`","Definessecurity context for pods that will be created by Kubernetes Infra This is ignored by OpenShift infra" - `+CHE_INFRA_KUBERNETES_POD_TERMINATION__GRACE__PERIOD__SEC+`,"`+0+`","Defines grace termination period for pods that will be created by Kubernetes / OpenShift infrastructures Grace termination period of Kubernetes / OpenShift workspace's pods defaults '0', which allows to terminate pods almost instantly and significantly decrease the time required for stopping a workspace. Note: if `terminationGracePeriodSeconds` have been explicitly set in Kubernetes / OpenShift recipe it will not be overridden." + `+CHE_INFRA_KUBERNETES_POD_TERMINATION__GRACE__PERIOD__SEC+`,"`+0+`","Defines grace termination period for pods that will be created by {orch-name} infrastructures Grace termination period of {orch-name} workspace's pods defaults '0', which allows to terminate pods almost instantly and significantly decrease the time required for stopping a workspace. Note: if `terminationGracePeriodSeconds` have been explicitly set in {orch-name} recipe it will not be overridden." `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_ASYNC__REQUESTS_MAX+`,"`+1000+`","Number of maximum concurrent async web requests (http requests or ongoing web socket calls) supported in the underlying shared http client of the `KubernetesClient` instances. Default values are 64, and 5 per-host, which doesn't seem correct for multi-user scenarios knowing that {prod-short} keeps a number of connections opened (e.g. for command or ws-agent logs)" `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_ASYNC__REQUESTS_MAX__PER__HOST+`,"`+1000+`","Numberof maximum concurrent async web requests (http requests or ongoing web socket calls) supported in the underlying shared http client of the `KubernetesClient` instances. Default values are 64, and 5 per-host, which doesn't seem correct for multi-user scenarios knowing that {prod-short} keeps a number of connections opened (e.g. for command or ws-agent logs)" `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_CONNECTION__POOL_MAX__IDLE+`,"`+5+`","Max number of idle connections in the connection pool of the Kubernetes-client shared http client" @@ -345,5 +345,3 @@ pass:[] `+CHE_KEYCLOAK_ADMIN__PASSWORD+`,"`+NULL+`","Keycloak admin password. Will be used for deleting user from Keycloak on removing user from {prod-short} database. Make sense only in case $++{che.keycloak.cascade_user_removal_enabled}++ set to 'true'" `+CHE_KEYCLOAK_USERNAME_REPLACEMENT__PATTERNS+`,"`+NULL+`","User name adjustment configuration. {prod-short} needs to use the usernames as part of K8s object names and labels and therefore has stricter requirements on their format than the identity providers usually allow (it needs them to be DNS-compliant). The adjustment is represented by comma-separated key-value pairs. These are sequentially used as arguments to the String.replaceAll function on the original username. The keys are regular expressions, values are replacement strings that replace the characters in the username that match the regular expression. The modified username will only be stored in the {prod-short} database and will not be advertised back to the identity provider. It is recommended to use DNS-compliant characters as replacement strings (values in the key-value pairs). Example: `\\=-,@=-at-` changes `\` to `-` and `@` to `-at-` so the username `org\user@com` becomes `org-user-at-com.`" ,=== - - diff --git a/modules/installation-guide/partials/proc_configuring-namespace-strategies.adoc b/modules/installation-guide/partials/proc_configuring-namespace-strategies.adoc index 8e533a0f1c..f457f1ca92 100644 --- a/modules/installation-guide/partials/proc_configuring-namespace-strategies.adoc +++ b/modules/installation-guide/partials/proc_configuring-namespace-strategies.adoc @@ -25,7 +25,7 @@ spec: ifeval::["{project-context}" == "che"] -With **Helm** installer, Kubernetes namespaces strategies are configured using `global.cheWorkspacesNamespace` property. +With **Helm** installer, {orch-namespace} strategies are configured using `global.cheWorkspacesNamespace` property. *Helm* [subs="+quotes,+attributes"] diff --git a/modules/installation-guide/partials/proc_configuring-workspace-exposure-strategies-using-an-operator.adoc b/modules/installation-guide/partials/proc_configuring-workspace-exposure-strategies-using-an-operator.adoc index c33a27b55e..27dd0e6854 100644 --- a/modules/installation-guide/partials/proc_configuring-workspace-exposure-strategies-using-an-operator.adoc +++ b/modules/installation-guide/partials/proc_configuring-workspace-exposure-strategies-using-an-operator.adoc @@ -70,8 +70,8 @@ $ {orch-cli} patch checluster/{prod-checluster} --type=json \ ifeval::["{project-context}" == "che"] -.Gateway single-host on Kubernetes -Single-host on Kubernetes has two implementations, `native`(default) and `gateway`. To deploy with `gateway` set the `k8s.singleHostExposureType` of CheCluster Custom Resource to `gateway`, or use this patch: +.Gateway single-host on {orch-name} +Single-host on {orch-name} has two implementations, `native`(default) and `gateway`. To deploy with `gateway` set the `k8s.singleHostExposureType` of CheCluster Custom Resource to `gateway`, or use this patch: [source,yaml,subs="+quotes"] ---- diff --git a/modules/installation-guide/partials/proc_installing-che-on-kubernetes_using_chectl_and_helm.adoc b/modules/installation-guide/partials/proc_installing-che-on-kubernetes_using_chectl_and_helm.adoc index ac8aadd645..c687e75d2f 100644 --- a/modules/installation-guide/partials/proc_installing-che-on-kubernetes_using_chectl_and_helm.adoc +++ b/modules/installation-guide/partials/proc_installing-che-on-kubernetes_using_chectl_and_helm.adoc @@ -20,8 +20,8 @@ [subs="+attributes"] ---- $ {prod-cli} server:deploy --installer=helm --platform=k8s --domain={domain} --multiuser -› Current Kubernetes context: 'minikube' - ✔ Verify Kubernetes API...OK +› Current {kubernetes} context: 'minikube' + ✔ Verify {kubernetes} API...OK ✔ 👀 Looking for an already existing {prod} instance ✔ Verify if {prod} is deployed into namespace "{prod-namespace}"...it is not ✔ ✈️ {kubernetes} preflight checklist