Scott
CCoder.com
ā¢Created by Scott on 11/13/2024 in #help
Multitenancy with Coder
Hi,
I hope this question isn't as silly as my last one was. š
I read in the docs, that to allow for the usage of secrets other Terraform providers would need to access external APIs with, I'd need to start up the Coder pod (in k8s scenario), with the secrets already loaded as environment variables. (Do correct me if I am wrong!)
So far so good. But, what about if I need Coder to be serving workspaces that need a whole slew of secrets?
Let me explain the use case.
Let's say, instead of allowing Coder to create subdomains to access the workspaces, I want to go through Cloudflare to create the subdomains to offer access. However, the developers all have different accounts to Cloudflare for their own sites. I don't believe I'd want to load all these credentials, even as env vars, into the Coder server environment.
Is there another, smarter, way to handle this kind of scenario? I was thinking something along the lines of sidecars. Jobs that could be ran via a secondary Coder servers, but then "closed" after the job is completed. The only open question in my mind would be Terraform state and keeping it available for destruction purposes. š¤
11 replies
CCoder.com
ā¢Created by Scott on 11/12/2024 in #help
Uniqueness in workspace naming
Are workspace names unique or rather do they enforce uniqueness? I guess I could test this. But, I figured I'd be lazy and just ask. š
8 replies
CCoder.com
ā¢Created by Scott on 1/14/2023 in #help
Can the Coder Server be a k8s service?
After the discussion yesterday here, I got to thinking. Is there a way to have the Coder Server be a "pure" k8s service instead of a final endpoint? In other words, a way to allow the API to be authenticated, but then user workflow is simply controlled by the client directly i.e. no user login. Coder would be part of a bigger overall system and calls to it would be trusted.
š¤
Basically, I believe the API would just need an API key from the client that can be fairly static to allow the client to control Coder.
Only administrators of the bigger system would have direct access to the Coder UI and Coder CLI for the purpose of creating and testing templates. I would guess we are getting into enterprise features. I'm just wondering if it's at all possible.
Scott
Scott
3 replies
CCoder.com
ā¢Created by Scott on 1/5/2023 in #help
logout ends up on sub-sub-domain
When I log out of coder, it ends up going to a URL that looks like this:
https://coder-logout.mysubdomain.mydomain.io/api/logout?redirect_uri=https%3A%2F%2Fcode.mydomain.io%2Flogin
The
coder-logout sub-sub-domain isn't necessary, is it? Any way to stop this?18 replies
CCoder.com
ā¢Created by Scott on 1/1/2023 in #help
SSH in k8s install not working
Hi,
I've gotten coder working in my k8s cluster, which is an experimental cluster on a number of VPSes. I can connect to it/ log in via the access URL I've created (i.e. coder.atsomedomain.com) and via the CLI I have installed locally. I've uploaded a template and can create a workspace. However, the port forward URL and SSH aren't working. The SSH connection times out it seems. I've read through a ton of issues and threads here and I believe this might be an issue with how I have ingress set up.
My initial question is, can someone explain how the connectivity is supposed to happen between the client/ user and the workspace via SSH? Is port 22 necessary by chance? From what I was reading, it isn't. Yet, SSH isn't working. Any tips on how to trouble shoot this problem would be greatly appreciated.
55 replies