/gitpod-gke-guide

Running Gitpod in Google Kubernetes Engine

Primary LanguageShellMIT LicenseMIT

Running Gitpod in Google Kubernetes Engine

Provision a GKE cluster

Before starting the installation process, you need:

  • A GCP account with Administrator access
  • GCP credentials set up. Install gcloud
  • A .env file with basic details about the environment.
    • We provide an example of such file here.
  • Docker installed on your machine, or better, a Gitpod workspace :)

To start the installation, execute:

make install

The whole process takes around twenty minutes. In the end, the following resources are created:

  • a GKE cluster running Kubernetes v1.21 (rapid channel).
  • GCP L4 load balancer.
  • Cloud SQL - Mysql database.
  • Cloud DNS zone.
  • In-cluster docker registry using Cloud Storage as storage backend.
  • calico as CNI and NetworkPolicy implementation.
  • cert-manager for self-signed SSL certificates.
  • Jaeger operator - and Jaeger deployment for gitpod distributed tracing.
  • gitpod.io deployment.

Common errors running make install

  • Insufficient regional quota to satisfy request

    Depending on the size of the configured disks size and machine-type, it may be necessary to request an increase in the service quota

    "GCP project Quota"

    After increasing the quota, retry the installation running make install

  • Some pods never start (Init state)

    ❯ kubectl get pods -l component=proxy
    NAME                     READY   STATUS    RESTARTS   AGE
    proxy-5998488f4c-t8vkh   0/1     Init 0/1  0          5m

    One of the reason could be related to the DNS01 challenge validation for the wildcard certificates can take several minutes (DNS propagation). So, once the Certificate is Ready, maybe it will be needed to restart the deployments. The DNS01 challenge needs create a TXT record on the domain name. If the domain name is not in the PROJECT_NAME, this will need to be done manually. The SETUP_MANAGED_DNS should be set to false.

    ❯ kubectl get certificate
    NAME                        READY   SECRET                      AGE
    proxy-config-certificates   True    proxy-config-certificates   5m

    running the commands:

    kubectl rollout restart deployment/server
    kubectl rollout restart deployment/ws-proxy

Verify the installation

First, check that Gitpod components are running.

kubectl get pods
NAME                               READY   STATUS    RESTARTS   AGE
blobserve-6bdb9c7f89-lvhxd         2/2     Running   0          6m17s
content-service-59bd58bc4d-xgv48   1/1     Running   0          6m17s
dashboard-6ffdf8984-b6f7j          1/1     Running   0          6m17s
image-builder-5df5694848-wsdvk     3/3     Running   0          6m16s
jaeger-8679bf6676-zz57m            1/1     Running   0          4h28m
messagebus-0                       1/1     Running   0          4h11m
proxy-56c4cdd799-bbfbx             1/1     Running   0          5m33s
registry-6b75f99844-bhhqd          1/1     Running   0          4h11m
registry-facade-f7twj              2/2     Running   0          6m12s
server-64f9cf6b9b-bllgg            2/2     Running   0          6m16s
ws-daemon-bh6h6                    2/2     Running   0          2m47s
ws-manager-5d57746845-t74n5        2/2     Running   0          6m16s
ws-manager-bridge-79f7fcb5-7w4p5   1/1     Running   0          6m16s
ws-proxy-7fc9665-rchr9             1/1     Running   0          5m57s

Test Gitpod workspaces

When the provisioning and configuration of the cluster is done, the script shows the URL of the load balancer, like:

Load balancer IP address: XXX.XXX.XXX.XXX

Please open the URL https://<domain>/workspaces. It should display the gitpod login page similar to the next image.

DNS propagation can take several minutes.

Gitpod login page


Update Gitpod auth providers

Please check the OAuth providers integration documentation expected format.

We provide an example here. Fill it with your OAuth providers data.

make auth

We are aware of the limitation of this approach, and we are working to improve the helm chart to avoid this step.

Destroy the cluster and GCP resources

Remove the GCP cluster running:

make uninstall

The command asks for a confirmation: Are you sure you want to delete: Gitpod (y/n)?

Please make sure you delete the GCP buckets used to store the docker registry images and Cloud SQL database!