Chapter 1. Configuring the CodeReady Workspaces installation
The following section describes configuration options to install Red Hat CodeReady Workspaces using the Operator.
1.1. Understanding the CheCluster
Custom Resource
A default deployment of CodeReady Workspaces consist in the application of a parametrized CheCluster
Custom Resource by the Red Hat CodeReady Workspaces Operator.
CheCluster
Custom Resource- A YAML document describing the configuration of the overall CodeReady Workspaces installation.
-
Contains sections to configure each component:
auth
,database
,server
,storage
.
- Role of the Red Hat CodeReady Workspaces Operator
-
To translate the
CheCluster
Custom Resource into configuration (ConfigMap) usable by each component of the CodeReady Workspaces installation.
-
To translate the
- Role of OpenShift
- To apply the configuration (ConfigMap) for each component.
- To create the necessary Pods.
- When OpenShift detects a change in the configuration of a component, it restarts the Pods accordingly.
Example 1.1. Configuring the main properties of the CodeReady Workspaces server component
-
The user applies a
CheCluster
Custom Resource containing some configuration related to theserver
. -
The Operator generates a necessary ConfigMap, called
codeready
. - OpenShift detects change in the ConfigMap and triggers a restart of the CodeReady Workspaces Pod.
Additional resources
- Understanding Operators.
- Understanding Custom Resources.
-
To learn how to modify the
CheCluster
Custom Resource, see the chosen installation procedure.
1.2. CheCluster
Custom Resource fields reference
This section describes all fields available to customize the CheCluster
Custom Resource.
-
Example 1.2, “A minimal
CheCluster
Custom Resource example.” -
Table 1.3, “
CheCluster
Custom Resourceauth
configuration settings related to authentication used by CodeReady Workspaces installation” -
Table 1.2, “
CheCluster
Custom Resourcedatabase
configuration settings related to the database used by CodeReady Workspaces” -
Table 1.1, “
CheCluster
Custom Resourceserver
settings, related to the CodeReady Workspaces server component.” -
Table 1.4, “
CheCluster
Custom Resourcestorage
configuration settings related to persistent storage used by CodeReady Workspaces” -
Table 1.5, “
CheCluster
Custom Resourcek8s
configuration settings specific to CodeReady Workspaces installations on OpenShift” -
Table 1.6, “
CheCluster
Custom Resourcestatus
defines the observed state of CodeReady Workspaces installation”
Example 1.2. A minimal CheCluster
Custom Resource example.
apiVersion: org.eclipse.che/v1 kind: CheCluster metadata: name: codeready-workspaces spec: auth: externalIdentityProvider: false database: externalDb: false server: selfSignedCert: false gitSelfSignedCert: false tlsSupport: true storage: pvcStrategy: 'common' pvcClaimSize: '1Gi'
Property | Default value | Description |
---|---|---|
| omit | An optional host name or URL to an alternative container registry to pull images from. This value overrides the container registry host name defined in all default container images involved in a CodeReady Workspaces deployment. This is particularly useful to install CodeReady Workspaces in an air-gapped environment. |
| omit | Optional repository name of an alternative container registry to pull images from. This value overrides the container registry organization defined in all the default container images involved in a CodeReady Workspaces deployment. This is particularly useful to install CodeReady Workspaces in an air-gapped environment. |
|
| Enables the debug mode for CodeReady Workspaces server. |
|
| Flavor of the installation. |
| The Operator automatically sets the value. | A public host name of the installed CodeReady Workspaces server. |
|
| Overrides the image pull policy used in CodeReady Workspaces deployment. |
| omit | Overrides the tag of the container image used in CodeReady Workspaces deployment. Omit it or leave it empty to use the default image tag provided by the Operator. |
| omit | Overrides the container image used in CodeReady Workspaces deployment. This does not include the container image tag. Omit it or leave it empty to use the default container image provided by the Operator. |
|
|
Log level for the CodeReady Workspaces server: |
| omit | Custom cluster role bound to the user for the CodeReady Workspaces workspaces. Omit or leave empty to use the default roles. |
| omit |
Map of additional environment variables that will be applied in the generated |
| omit | Overrides the container image used in the Devfile registry deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator. |
|
| Overrides the memory limit used in the Devfile registry deployment. |
|
| Overrides the memory request used in the Devfile registry deployment. |
|
| Overrides the image pull policy used in the Devfile registry deployment. |
| The Operator automatically sets the value. |
Public URL of the Devfile registry that serves sample, ready-to-use devfiles. Set it if you use an external devfile registry (see the |
|
|
Instructs the Operator to deploy a dedicated Devfile registry server. By default a dedicated devfile registry server is started. If |
|
|
Instructs the Operator to deploy a dedicated Plugin registry server. By default, a dedicated plug-in registry server is started. If |
| omit |
List of hosts that will not use the configured proxy. Use |
| omit | Overrides the container image used in the Plugin registry deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator. |
|
| Overrides the memory limit used in the Plugin registry deployment. |
|
| Overrides the memory request used in the Plugin registry deployment. |
|
| Overrides the image pull policy used in the Plugin registry deployment. |
| the Operator sets the value automatically |
Public URL of the Plugin registry that serves sample ready-to-use devfiles. Set it only when using an external devfile registry (see the |
| omit | Password of the proxy server. Only use when proxy configuration is required. |
| omit |
Port of the proxy server. Only use when configuring a proxy is required (see also the |
| omit |
URL (protocol+host name) of the proxy server. This drives the appropriate changes in the |
| omit |
User name of the proxy server. Only use when configuring a proxy is required (see also the |
|
|
Enables the support of OpenShift clusters with routers that use self-signed certificates. When enabled, the Operator retrieves the default self-signed certificate of OpenShift routes and adds it to the Java trust store of the CodeReady Workspaces server. Required when activating the |
|
| Overrides the memory limit used in the CodeReady Workspaces server deployment. |
|
| Overrides the memory request used in the CodeReady Workspaces server deployment. |
|
|
Instructs the Operator to deploy CodeReady Workspaces in TLS mode. Enabling TLS requires enabling the |
Property | Default value | Description |
---|---|---|
|
| PostgreSQL database name that the CodeReady Workspaces server uses to connect to the database. |
| the Operator sets the value automatically |
PostgreSQL Database host name that the CodeReady Workspaces server uses to connect to. Defaults to |
| auto-generated value | PostgreSQL password that the CodeReady Workspaces server uses to connect to the database. |
|
|
PostgreSQL Database port that the CodeReady Workspaces server uses to connect to. Override this value only when using an external database (see field |
|
| PostgreSQL user that the CodeReady Workspaces server uses to connect to the database. |
|
|
Instructs the Operator to deploy a dedicated database. By default, a dedicated PostgreSQL database is deployed as part of the CodeReady Workspaces installation. If set to |
|
Always` for | Overrides the image pull policy used in the PostgreSQL database deployment. |
| omit | Overrides the container image used in the PostgreSQL database deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator. |
Property | Default value | Description |
---|---|---|
|
|
By default, a dedicated Identity Provider server is deployed as part of the CodeReady Workspaces installation. But if |
|
| Overrides the name of the Identity Provider admin user. |
| omit |
Name of an Identity provider (Keycloak / RH SSO) |
|
| Overrides the image pull policy used in the Identity Provider (Keycloak / RH SSO) deployment. |
| omit | Overrides the container image used in the Identity Provider (Keycloak / RH SSO) deployment. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator. |
| omit |
Overrides the password of Keycloak admin user. Override it only when using an external Identity Provider (see the |
| the Operator sets the value automatically |
Password for The Identity Provider (Keycloak / RH SSO) to connect to the database. This is useful to override it ONLY if you use an external Identity Provider (see the |
| omit |
Name of an Identity provider (Keycloak / RH SSO) realm. Override it only when using an external Identity Provider (see the |
| the Operator sets the value automatically |
Instructs the Operator to deploy a dedicated Identity Provider (Keycloak or RH SSO instance). Public URL of the Identity Provider server (Keycloak / RH SSO server). Set it only when using an external Identity Provider (see the |
| the Operator sets the value automatically |
Name of the OpenShift |
| the Operator sets the value automatically |
Name of the secret set in the OpenShift |
|
|
Enables the integration of the identity provider (Keycloak / RHSSO) with OpenShift OAuth. This allows users to log in with their OpenShift login and have their workspaces created under personal OpenShift projects. The |
|
|
Forces the default |
Property | Default value | Description |
---|---|---|
| omit | Storage class for the Persistent Volume Claim dedicated to the PostgreSQL database. Omitted or leave empty to use a default storage class. |
|
| Instructs the CodeReady Workspaces server to launch a special Pod to pre-create a subpath in the Persistent Volumes. Enable it according to the configuration of your K8S cluster. |
|
| Size of the persistent volume claim for workspaces. |
| omit |
Overrides the container image used to create sub-paths in the Persistent Volumes. This includes the image tag. Omit it or leave it empty to use the default container image provided by the Operator. See also the |
|
|
Available options:`common` (all workspaces PVCs in one volume), |
| omit | Storage class for the Persistent Volume Claims dedicated to the CodeReady Workspaces workspaces. Omit or leave empty to use a default storage class. |
Property | Default value | Description |
---|---|---|
|
| Ingress class that defines which controller manages ingresses. |
| omit |
Global ingress domain for a K8S cluster. This field must be explicitly specified. This drives the |
|
|
Strategy for ingress creation. This can be |
|
| FSGroup the CodeReady Workspaces Pod and Workspace Pods containers run in. |
|
| ID of the user the CodeReady Workspaces Pod and Workspace Pods containers run as. |
| omit |
Name of a secret that is used to set ingress TLS termination if TLS is enabled. See also the |
Property | Description |
---|---|
|
Status of a CodeReady Workspaces installation. Can be |
| Public URL to the CodeReady Workspaces server. |
| Currently installed CodeReady Workspaces version. |
| Indicates whether a PostgreSQL instance has been correctly provisioned. |
| Public URL to the Devfile registry. |
| A URL to where to find help related to the current Operator status. |
| Indicates whether an Identity Provider instance (Keycloak / RH SSO) has been provisioned with realm, client and user. |
| Public URL to the Identity Provider server (Keycloak / RH SSO). |
| A human-readable message with details about why the Pod is in this state. |
| Indicates whether an Identity Provider instance (Keycloak / RH SSO) has been configured to integrate with the OpenShift OAuth. |
| Public URL to the Plugin registry. |
| A brief CamelCase message with details about why the Pod is in this state. |