Red Hat SummitChapter 3. Preparing the installation
To prepare a OpenShift Dev Spaces installation, learn about the OpenShift Dev Spaces ecosystem and deployment constraints:
3.1. Supported platforms
OpenShift Dev Spaces runs on OpenShift 4.15–4.19 on the following CPU architectures:
-
AMD64 and Intel 64 (
x86_64) -
IBM Z (
s390x)
The following CPU architecture requires Openshift 4.13-4.19 to run OpenShift Dev Spaces:
-
IBM Power (
ppc64le)
Additional resources
3.2. Installing the dsc management tool
You can install dsc, the Red Hat OpenShift Dev Spaces command-line management tool, on Microsoft Windows, Apple MacOS, and Linux. With dsc, you can perform operations the OpenShift Dev Spaces server such as starting, stopping, updating, and deleting the server.
Prerequisites
Linux or macOS.
NoteFor installing
dscon Windows, see the following pages:
Procedure
-
Download the archive from https://developers.redhat.com/products/openshift-dev-spaces/download to a directory such as
$HOME. -
Run
tar xvzfon the archive to extract the/dscdirectory. -
Add the extracted
/dsc/binsubdirectory to$PATH.
Verification
Run
dscto view information about it.dsc
$ dscCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Additional resources
3.3. Architecture
Figure 3.1. High-level OpenShift Dev Spaces architecture with the Dev Workspace operator
OpenShift Dev Spaces runs on three groups of components:
- OpenShift Dev Spaces server components
- Manage User project and workspaces. The main component is the User dashboard, from which users control their workspaces.
- Dev Workspace operator
-
Creates and controls the necessary OpenShift objects to run User workspaces. Including
Pods,Services, andPersistentVolumes. - User workspaces
- Container-based development environments, the IDE included.
The role of these OpenShift features is central:
- Dev Workspace Custom Resources
- Valid OpenShift objects representing the User workspaces and manipulated by OpenShift Dev Spaces. It is the communication channel for the three groups of components.
- OpenShift role-based access control (RBAC)
- Controls access to all resources.
Additional resources
3.3.1. Server components
The OpenShift Dev Spaces server components ensure multi-tenancy and workspaces management.
Figure 3.2. OpenShift Dev Spaces server components interacting with the Dev Workspace operator
Additional resources
3.3.1.1. Dev Spaces operator
The OpenShift Dev Spaces operator ensure full lifecycle management of the OpenShift Dev Spaces server components. It introduces:
CheClustercustom resource definition (CRD)-
Defines the
CheClusterOpenShift object. - OpenShift Dev Spaces controller
- Creates and controls the necessary OpenShift objects to run a OpenShift Dev Spaces instance, such as pods, services, and persistent volumes.
CheClustercustom resource (CR)On a cluster with the OpenShift Dev Spaces operator, it is possible to create a
CheClustercustom resource (CR). The OpenShift Dev Spaces operator ensures the full lifecycle management of the OpenShift Dev Spaces server components on this OpenShift Dev Spaces instance:
3.3.1.2. Dev Workspace operator
The Dev Workspace Operator (DWO) is a dependency of OpenShift Dev Spaces, and is an integral part of how OpenShift Dev Spaces functions. One of DWO’s main responsibilities is to reconcile Dev Workspace custom resources (CR).
The Dev Workspace CR is a OpenShift resource representation of a OpenShift Dev Spaces workspace. Whenever a user creates a workspace using OpenShift Dev Spaces in the background, Dashboard OpenShift Dev Spaces creates a Dev Workspace CR in the cluster. For every OpenShift Dev Spaces workspace, there is an underlying Dev Workspace CR on the cluster.
Figure 1 shows an example of a Dev Workspace CR in a cluster:
Figure 3.3. Example of a Dev Workspace CR in a cluster
When creating a workspace with OpenShift Dev Spaces with a devfile, the Dev Workspace CR contains the devfile details. Additionally, OpenShift Dev Spaces adds the editor definition into the Dev Workspace CR depending on which editor was chosen for the workspace. OpenShift Dev Spaces will also add attributes to the Dev Workspace which further configures the workspace depending on how you configured the CheCluster CR.
A DevWorkspaceTemplate is a custom resource that defines a reusable spec.template for Dev Workspaces.
When a workspace is started, DWO reads the corresponding Dev Workspace CR and creates the necessary resources such as deployments, secrets, configmaps, routes such that at the end a workspace pod representing the development environment defined in the devfile is created.
Custom Resources overview
The following Custom Resource Definitions are provided by the Dev Workspace Operator:
-
Dev Workspace -
DevWorkspaceTemplate -
DevWorkspaceOperatorConfig -
DevWorkspaceRouting
Dev Workspace
The Dev Workspace custom resource contains details about an OpenShift Dev Spaces workspace. Notably, it contains devfile details and a reference to the editor definition.
DevWorkspaceTemplate
In OpenShift Dev Spaces the DevWorkspaceTemplate custom resource is typically used to define an editor (such as Visual Studio Code - Open Source) for OpenShift Dev Spaces workspaces. You can use this custom resource to define reusable spec.template content that is reused by multiple Dev Workspaces.
DevWorkspaceOperatorConfig
The DevWorkspaceOperatorConfig (DWOC) custom resource defines configuration options for the DWO. There are two different types of DWOC:
- global configuration
- non-global configuration
The global configuration is a DWOC custom resource named devworkspace-operator-config and is usually located in the DWO installation namespace. By default, the global configuration is not created upon installation. Configuration fields set in the global configuration will apply to the DWO and all Dev Workspaces. However, the DWOC configuration can be overridden by a non-global configuration.
Any other DWOC custom resource than devworkspace-operator-config is considered to be non-global configuration. A non-global configuration does not apply to any Dev Workspaces unless the Dev Workspace contains a reference to the DWOC. If the global configuration and non-global configuration have the same fields, the non-global configuration field takes precedence.
| Global DWOC | OpenShift Dev Spaces-owned DWOC | |
|---|---|---|
| Resource name |
|
|
| Namespace | DWO installation namespace | OpenShift Dev Spaces installation namespace |
| Default creation | Not created by default upon DWO installation | Created by default on OpenShift Dev Spaces installation |
| Scope | Applies to the DWO itself and all Dev Workspaces managed by DWO | Applies to Dev Workspaces created by OpenShift Dev Spaces |
| Precedence | Overridden by fields set in OpenShift Dev Spaces-owned config | Takes precedence over global config if both define the same field |
| Primary use case | Used to define default, broad settings that apply to DWO in general. | Used to define specific configuration for Dev Workspaces created by OpenShift Dev Spaces |
For example, by default OpenShift Dev Spaces creates and manages a non-global DWOC in the OpenShift Dev Spaces namespace named devworkspace-config. This DWOC contains configuration specific to OpenShift Dev Spaces workspaces, and is maintained by OpenShift Dev Spaces depending on how you configure the CheCluster CR. When OpenShift Dev Spaces creates a workspace, OpenShift Dev Spaces adds a reference to the OpenShift Dev Spaces-owned DWOC with the controller.devfile.io/devworkspace-config attribute.
Figure 3.4. Example of Dev Workspace configuration attribute
DevWorkspaceRouting
The DevWorkspaceRouting custom resource defines details about the endpoints of a Dev Workspace. Every Dev Workspace has its corresponding DevWorkspaceRouting object that specifies the workspace’s container endpoints. Endpoints defined from the devfile, as well as endpoints defined by the editor definition will appear in the DevWorkspaceRouting custom resource.
3.3.1.2.1. Dev Workspace Operator’s operands
The Dev Workspace Operator has two operands:
- controller deployment
- webhook deployment.
oc get pods -l 'app.kubernetes.io/part-of=devworkspace-operator' -o custom-columns=NAME:.metadata.name -n openshift-operators
$ oc get pods -l 'app.kubernetes.io/part-of=devworkspace-operator' -o custom-columns=NAME:.metadata.name -n openshift-operators
NAME
devworkspace-controller-manager-66c6f674f5-l7rhj
devworkspace-webhook-server-d4958d9cd-gh7vr
devworkspace-webhook-server-d4958d9cd-rfvj6 Configuring the Dev Workspace-controller-manager deployment
You can configure the devworkspace-controller-manager pod in the Dev Workspace Operator Subscription object:
Learn more about configuration in this documentation.
Configuring the Dev Workspace-webhook-server deployment
You can configure the devworkspace-webhook-server deployment in the global DWOC:
3.3.1.3. Gateway
Additional resources
The OpenShift Dev Spaces gateway has following roles:
- Routing requests. It uses Traefik.
- Authenticating users with OpenID Connect (OIDC). It uses OpenShift OAuth2 proxy.
- Applying OpenShift Role based access control (RBAC) policies to control access to any OpenShift Dev Spaces resource. It uses `kube-rbac-proxy`.
The OpenShift Dev Spaces operator manages it as the che-gateway Deployment.
It controls access to:
Figure 3.5. OpenShift Dev Spaces gateway interactions with other components
Additional resources
3.3.1.4. User dashboard
The user dashboard is the landing page of Red Hat OpenShift Dev Spaces. OpenShift Dev Spaces users browse the user dashboard to access and manage their workspaces. It is a React application. The OpenShift Dev Spaces deployment starts it in the devspaces-dashboard Deployment.
It needs access to:
Figure 3.6. User dashboard interactions with other components
When the user requests the user dashboard to start a workspace, the user dashboard executes this sequence of actions:
- Sends the repository URL to Section 3.3.1.5, “Dev Spaces server” and expects a devfile in return, when the user is creating a workspace from a remote devfile.
- Reads the devfile describing the workspace.
- Collects the additional metadata from the Section 3.3.1.6, “Plug-in registry”.
- Converts the information into a Dev Workspace Custom Resource.
- Creates the Dev Workspace Custom Resource in the user project using the OpenShift API.
- Watches the Dev Workspace Custom Resource status.
- Redirects the user to the running workspace IDE.
3.3.1.5. Dev Spaces server
Additional resources
The OpenShift Dev Spaces server main functions are:
- Creating user namespaces.
- Provisioning user namespaces with required secrets and config maps.
- Integrating with Git services providers, to fetch and validate devfiles and authentication.
The OpenShift Dev Spaces server is a Java web service exposing an HTTP REST API and needs access to:
- Git service providers
- OpenShift API
Figure 3.7. OpenShift Dev Spaces server interactions with other components
Additional resources
3.3.1.6. Plug-in registry
Each OpenShift Dev Spaces workspace starts with a specific editor and set of associated extensions. The OpenShift Dev Spaces plugin registry provides the list of available editors and editor extensions. A Devfile v2 describes each editor or extension.
The Section 3.3.1.4, “User dashboard” is reading the content of the registry.
Figure 3.8. Plugin registries interactions with other components
3.3.2. User workspaces
Figure 3.9. User workspaces interactions with other components
User workspaces are web IDEs running in containers.
A User workspace is a web application. It consists of microservices running in containers providing all the services of a modern IDE running in your browser:
- Editor
- Language auto-completion
- Language server
- Debugging tools
- Plug-ins
- Application runtimes
A workspace is one OpenShift Deployment containing the workspace containers and enabled plugins, plus related OpenShift components:
- Containers
- ConfigMaps
- Services
- Endpoints
- Ingresses or Routes
- Secrets
- Persistent Volumes (PV)
A OpenShift Dev Spaces workspace contains the source code of the projects, persisted in a OpenShift Persistent Volume (PV). Microservices have read/write access to this shared directory.
Use the devfile v2 format to specify the tools and runtime applications of a OpenShift Dev Spaces workspace.
The following diagram shows one running OpenShift Dev Spaces workspace and its components.
Figure 3.10. OpenShift Dev Spaces workspace components
In the diagram, there is one running workspaces.
3.4. Calculating Dev Spaces resource requirements
The OpenShift Dev Spaces Operator, Dev Workspace Controller, and user workspaces consist of a set of pods. The pods contribute to the resource consumption in CPU and memory limits and requests.
The following link to an example devfile is a pointer to material from the upstream community. This material represents the very latest available content and the most recent best practices. These tips have not yet been vetted by Red Hat’s QE department, and they have not yet been proven by a wide user group. Please, use this information cautiously. It is best used for educational and 'developmental' purposes rather than 'production' purposes.
Procedure
Identify the workspace resource requirements which depend on the devfile that is used for defining the development environment. This includes identifying the workspace components explicitly specified in the
componentssection of the devfile.Here is an example devfile with the following components:
Example 3.1.
toolsThe
toolscomponent of the devfile defines the following requests and limits:memoryLimit: 6G memoryRequest: 512M cpuRequest: 1000m cpuLimit: 4000mmemoryLimit: 6G memoryRequest: 512M cpuRequest: 1000m cpuLimit: 4000mCopy to Clipboard Copied! Toggle word wrap Toggle overflow During the workspace startup, an internal
che-gatewaycontainer is implicitly provisioned with the following requests and limits:memoryLimit: 256M memoryRequest: 64M cpuRequest: 50m cpuLimit: 500mmemoryLimit: 256M memoryRequest: 64M cpuRequest: 50m cpuLimit: 500mCopy to Clipboard Copied! Toggle word wrap Toggle overflow IMPORTANT: Additional memory and CPU will be added implicitly for the Visual Studio Code - Open Source ("Code - OSS"):
memoryLimit: 1024M memoryRequest: 256M cpuRequest: 30m cpuLimit: 500mmemoryLimit: 1024M memoryRequest: 256M cpuRequest: 30m cpuLimit: 500mCopy to Clipboard Copied! Toggle word wrap Toggle overflow IMPORTANT: Additional memory and CPU will be added implicitly for a JetBrains IDE (e.g. IntelliJ IDEA Ultimate):
memoryLimit: 6144M memoryRequest: 2048M cpuRequest: 1500m cpuLimit: 2000mmemoryLimit: 6144M memoryRequest: 2048M cpuRequest: 1500m cpuLimit: 2000mCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Calculate the sums of the resources required for each workspace. If you intend to use multiple devfiles, repeat this calculation for every expected devfile.
Example 3.2. Workspace requirements for the example devfile in the previous step
Expand Purpose Pod Container name Memory limit Memory request CPU limit CPU request Developer tools
workspacetools6 GiB
512 MiB
4000 m
1000 m
OpenShift Dev Spaces gateway
workspaceche-gateway256 MiB
64 MiB
500 m
50 m
Visual Studio Code
workspacetools1024 MiB
256 MiB
500 m
30 m
Total
7.3 GiB
832 MiB
5000 m
1080 m
- Multiply the resources calculated per workspace by the number of workspaces that you expect all of your users to run simultaneously.
Calculate the sums of the requirements for the OpenShift Dev Spaces Operator, Operands, and Dev Workspace Controller.
Expand Table 3.2. Default requirements for the OpenShift Dev Spaces Operator, Operands, and Dev Workspace Controller Purpose Pod name Container names Memory limit Memory request CPU limit CPU request OpenShift Dev Spaces operator
devspaces-operatordevspaces-operator256 MiB
64 MiB
500 m
100 m
OpenShift Dev Spaces Server
devspacesdevspaces-server1 GiB
512 MiB
1000 m
100 m
OpenShift Dev Spaces Dashboard
devspaces-dashboarddevspaces-dashboard256 MiB
32 MiB
500 m
100 m
OpenShift Dev Spaces Gateway
devspaces-gatewaytraefik4 GiB
128 MiB
1000 m
100 m
OpenShift Dev Spaces Gateway
devspaces-gatewayconfigbump256 MiB
64 MiB
500 m
50 m
OpenShift Dev Spaces Gateway
devspaces-gatewayoauth-proxy512 MiB
64 MiB
500 m
100 m
OpenShift Dev Spaces Gateway
devspaces-gatewaykube-rbac-proxy512 MiB
64 MiB
500 m
100 m
Plugin registry
plugin-registryplugin-registry256 MiB
32 MiB
500 m
100 m
Dev Workspace Controller Manager
devworkspace-controller-managerdevworkspace-controller5 GiB
100 MiB
3000 m
250 m
Dev Workspace Controller Manager
devworkspace-controller-managerkube-rbac-proxyN/A
N/A
N/A
N/A
Dev Workspace webhook server
devworkspace-webhook-serverwebhook-server300 MiB
20 MiB
200 m
100 m
Dev Workspace Operator Catalog
devworkspace-operator-catalogregistry-serverN/A
50 MiB
N/A
10 m
Dev Workspace Webhook Server
devworkspace-webhook-serverwebhook-server300 MiB
20 MiB
200 m
100 m
Dev Workspace Webhook Server
devworkspace-webhook-serverkube-rbac-proxyN/A
N/A
N/A
N/A
Total
13 GiB
1.2 GiB
8.4
1.2
Additional resources
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}