GitHub Repository: gitpod-io/gitpod
Path: blob/main/install/installer/pkg/components/ws-daemon/configmap.go
// Copyright (c) 2021 Gitpod GmbH. All rights reserved.
// Licensed under the GNU Affero General Public License (AGPL).
// See License.AGPL.txt in the project root for license information.
package wsdaemon
import (
	"fmt"
	"net"
	"time"

	"github.com/gitpod-io/gitpod/common-go/baseserver"
	"github.com/gitpod-io/gitpod/common-go/util"
	"github.com/gitpod-io/gitpod/installer/pkg/common"
	config "github.com/gitpod-io/gitpod/installer/pkg/config/v1"
	"github.com/gitpod-io/gitpod/installer/pkg/config/v1/experimental"
	wsdapi "github.com/gitpod-io/gitpod/ws-daemon/api"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/cgroup"
	wsdconfig "github.com/gitpod-io/gitpod/ws-daemon/pkg/config"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/container"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/content"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/cpulimit"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/daemon"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/diskguard"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/iws"
	"github.com/gitpod-io/gitpod/ws-daemon/pkg/netlimit"

	corev1 "k8s.io/api/core/v1"
	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
	"k8s.io/apimachinery/pkg/runtime"
)
31
32
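// configmap renders the ws-daemon ConfigMap. It assembles the daemon
// configuration from the installer config plus any experimental workspace
// overrides, serialises it to JSON and stores it under the "config.json" key.
//
// It returns an error when the configured FS shift method is unknown, when the
// experimental overrides are rejected (currently: a workspace CIDR that does
// not parse), or when the configuration cannot be marshalled.
func configmap(ctx *common.RenderContext) ([]runtime.Object, error) {
	// Only shiftfs is accepted; any other value aborts rendering.
	var fsshift wsdapi.FSShiftMethod
	switch ctx.Config.Workspace.Runtime.FSShiftMethod {
	case config.FSShiftShiftFS:
		fsshift = wsdapi.FSShiftMethod_SHIFTFS
	default:
		return nil, fmt.Errorf("unknown fs shift method: %s", ctx.Config.Workspace.Runtime.FSShiftMethod)
	}

	// Every resource limit starts out disabled (or at its zero value); the
	// experimental config below is the only place that turns them on.
	cpuLimitConfig := cpulimit.Config{
		Enabled:        false,
		CGroupBasePath: "/mnt/node-cgroups",
		ControlPeriod:  util.Duration(15 * time.Second),
	}
	var ioLimitConfig daemon.IOLimitConfig

	var procLimit int64
	networkLimitConfig := netlimit.Config{
		Enabled:              false,
		Enforce:              false,
		ConnectionsPerMinute: 3000,
		BucketSize:           1000,
	}

	oomScoreAdjConfig := cgroup.OOMScoreAdjConfig{
		Enabled: false,
		Tier1:   0,
		Tier2:   0,
	}

	runtimeMapping := make(map[string]string)
	// default runtime mapping
	runtimeMapping[ctx.Config.Workspace.Runtime.ContainerDRuntimeDir] = "/mnt/node0"

	var wscontroller daemon.WorkspaceControllerConfig

	// default workspace network CIDR (and fallback)
	workspaceCIDR := "10.0.5.0/30"

	// The callback's error is propagated rather than dropped, so a rejected
	// override stops rendering instead of silently producing a ConfigMap.
	if err := ctx.WithExperimental(func(ucfg *experimental.Config) error {
		if ucfg.Workspace == nil {
			return nil
		}

		// Once an experimental workspace section exists, every limit field is
		// copied verbatim, zero values included, so the defaults set above
		// (e.g. ConnectionsPerMinute and BucketSize) are overwritten.
		// NOTE(review): confirm a zero is intended when a sub-section is omitted.
		cpuLimitConfig.Enabled = ucfg.Workspace.CPULimits.Enabled
		cpuLimitConfig.BurstLimit = ucfg.Workspace.CPULimits.BurstLimit
		cpuLimitConfig.Limit = ucfg.Workspace.CPULimits.Limit
		cpuLimitConfig.TotalBandwidth = ucfg.Workspace.CPULimits.NodeCPUBandwidth

		ioLimitConfig.WriteBWPerSecond = ucfg.Workspace.IOLimits.WriteBWPerSecond
		ioLimitConfig.ReadBWPerSecond = ucfg.Workspace.IOLimits.ReadBWPerSecond
		ioLimitConfig.WriteIOPS = ucfg.Workspace.IOLimits.WriteIOPS
		ioLimitConfig.ReadIOPS = ucfg.Workspace.IOLimits.ReadIOPS

		networkLimitConfig.Enabled = ucfg.Workspace.NetworkLimits.Enabled
		networkLimitConfig.Enforce = ucfg.Workspace.NetworkLimits.Enforce
		networkLimitConfig.ConnectionsPerMinute = ucfg.Workspace.NetworkLimits.ConnectionsPerMinute
		networkLimitConfig.BucketSize = ucfg.Workspace.NetworkLimits.BucketSize

		oomScoreAdjConfig.Enabled = ucfg.Workspace.OOMScores.Enabled
		oomScoreAdjConfig.Tier1 = ucfg.Workspace.OOMScores.Tier1
		oomScoreAdjConfig.Tier2 = ucfg.Workspace.OOMScores.Tier2

		// A non-empty mapping replaces the default entry entirely. The paths
		// come straight from the config and are not validated here.
		if len(ucfg.Workspace.WSDaemon.Runtime.NodeToContainerMapping) > 0 {
			// reset map
			runtimeMapping = make(map[string]string)
			for _, value := range ucfg.Workspace.WSDaemon.Runtime.NodeToContainerMapping {
				runtimeMapping[value.Path] = value.Value
			}
		}

		procLimit = ucfg.Workspace.ProcLimit

		// Only set when an experimental workspace section exists; otherwise
		// the zero value is rendered.
		wscontroller.MaxConcurrentReconciles = 15

		if ucfg.Workspace.WorkspaceCIDR != "" {
			// Reject a malformed value at render time instead of shipping it
			// to the daemon inside the ConfigMap.
			if _, _, err := net.ParseCIDR(ucfg.Workspace.WorkspaceCIDR); err != nil {
				return fmt.Errorf("invalid workspace CIDR %q: %w", ucfg.Workspace.WorkspaceCIDR, err)
			}
			workspaceCIDR = ucfg.Workspace.WorkspaceCIDR
		}

		return nil
	}); err != nil {
		return nil, err
	}

	wsdcfg := wsdconfig.Config{
		Daemon: daemon.Config{
			RegistryFacadeHost: fmt.Sprintf("reg.%s:%d", ctx.Config.Domain, common.RegistryFacadeServicePort),
			Runtime: daemon.RuntimeConfig{
				KubernetesNamespace: ctx.Namespace,
				SecretsNamespace:    common.WorkspaceSecretsNamespace,
				Container: &container.Config{
					Runtime: container.RuntimeContainerd,
					Mapping: runtimeMapping,
					Mounts: container.NodeMountsLookupConfig{
						ProcLoc: "/mnt/mounts",
					},
					Containerd: &container.ContainerdConfig{
						SocketPath: "/mnt/containerd/containerd.sock",
					},
				},
				WorkspaceCIDR: workspaceCIDR,
			},
			Content: content.Config{
				WorkingArea:     ContainerWorkingAreaMk2,
				WorkingAreaNode: HostWorkingAreaMk2,
				TmpDir:          "/tmp",
				UserNamespaces: content.UserNamespacesConfig{
					FSShift: content.FSShiftMethod(fsshift),
				},
				Storage: common.StorageConfig(ctx),
				Backup: content.BackupConfig{
					Timeout:  util.Duration(time.Minute * 5),
					Attempts: 3,
				},
				Initializer: content.InitializerConfig{
					Command: "/app/content-initializer",
				},
			},
			Uidmapper: iws.UidmapperConfig{
				ProcLocation: "/proc",
				RootRange: iws.UIDRange{
					Start: 33333,
					Size:  1,
				},
				UserRange: []iws.UIDRange{{
					Start: 100000,
					Size:  70000,
				}},
			},
			CPULimit:  cpuLimitConfig,
			IOLimit:   ioLimitConfig,
			ProcLimit: procLimit,
			NetLimit:  networkLimitConfig,
			OOMScores: oomScoreAdjConfig,
			DiskSpaceGuard: diskguard.Config{
				Enabled:  true,
				Interval: util.Duration(5 * time.Minute),
				Locations: []diskguard.LocationConfig{{
					Path:          ContainerWorkingAreaMk2,
					MinBytesAvail: 21474836480, // 20 GiB
				}},
			},
			WorkspaceController: wscontroller,
		},
		// The service address binds every interface on ServicePort and is
		// configured with TLS material from /certs.
		// NOTE(review): CAPath presumably enables client-certificate
		// verification; confirm in baseserver.
		Service: baseserver.ServerConfiguration{
			Address: fmt.Sprintf("0.0.0.0:%d", ServicePort),
			TLS: &baseserver.TLSConfiguration{
				CAPath:   "/certs/ca.crt",
				CertPath: "/certs/tls.crt",
				KeyPath:  "/certs/tls.key",
			},
		},
	}
	fc, err := common.ToJSONString(wsdcfg)
	if err != nil {
		return nil, fmt.Errorf("failed to marshal ws-daemon config: %w", err)
	}

	return []runtime.Object{&corev1.ConfigMap{
		TypeMeta: common.TypeMetaConfigmap,
		ObjectMeta: metav1.ObjectMeta{
			Name:        Component,
			Namespace:   ctx.Namespace,
			Labels:      common.CustomizeLabel(ctx, Component, common.TypeMetaConfigmap),
			Annotations: common.CustomizeAnnotation(ctx, Component, common.TypeMetaConfigmap),
		},
		Data: map[string]string{
			"config.json": string(fc),
		},
	}}, nil
}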