Provide Remote Development for GDK
Overview
To align with our commitment to dogfood GitLab product features, we propose enabling GitLab's Remote Development within the GDK. This will significantly improve the developer workflow and allow us to provide any feedback to the product teams.
Documentation
- Remote development (Beta): https://docs.gitlab.com/ee/user/project/remote_development/
- Tutorial: Connect a remote machine to the Web IDE: https://docs.gitlab.com/ee/user/project/remote_development/connect_machine.html
Steps to Set Up Remote Development Workspace as of 2023-07-11
I followed the instructions in the Setting up a Workspace to create a workspace in my GCP sandbox.
-
Set up a Kubernetes cluster that the GitLab agent for Kubernetes supports. See the supported Kubernetes versions. -
Create a standard GKE cluster (No Autopilot cluster):
gcloud container clusters create nhashizume-remote-development \ --zone us-central1-a \ --node-locations us-central1-a,us-central1-b,us-central1-c
-
-
Ensure autoscaling for the Kubernetes cluster is enabled. -
In the Kubernetes cluster, verify that a default storage class is defined so that volumes can be dynamically provisioned for each workspace. -
Verify that a default storage class is defined:
kubectl get storageclass
-
-
In the Kubernetes cluster, install an Ingress controller of your choice (for example, ingress-nginx
), and make that controller accessible over a domain. For example, point*.workspaces.example.dev
andworkspaces.example.dev
to the load balancer exposed by the Ingress controller.-
Purchase a non-trademark domain name
nhashizume.net
by following Non-Trademark Domain Names guide. -
Install
nginx-ingress
and configure the domain load-balancer by following Ingress-Nginx Deployment - Quick Start guide. -
Create DNS A records for the domain
nhashizume.net
and set it to the IP address of thenginx-ingress
controller by following Set Up DNS Records for a Domain Name and Add a Record guides.gcloud dns record-sets transaction start --zone="${ZONE_NAME}" gcloud dns record-sets transaction add "${NGINX_INGRESS_IP}" --name="nhashizume.net." --type=A --ttl=300 --zone="${ZONE_NAME}" gcloud dns record-sets transaction add "${NGINX_INGRESS_IP}" --name="*.nhashizume.net." --type=A --ttl=300 --zone="${ZONE_NAME}" gcloud dns record-sets transaction execute --zone="${ZONE_NAME}"
-
-
In the Kubernetes cluster, install gitlab-workspaces-proxy
.- Create a Signing key.
- Make sure to check that you have
helm version
3.11.0 or higher (I upgraded it withasdf install helm 3.11.0
). - Follow Installation Instructions.
- Note that creating TXT records is necessary in GCP for the ACME DNS challenge.
-
In the Kubernetes cluster, install the GitLab agent for Kubernetes. -
Configure remote development settings for the GitLab agent with this snippet, and update dns_zone
as needed:remote_development: enabled: true dns_zone: "workspaces.example.dev"
You can use any agent defined under the root group of your project, provided that remote development is properly configured for that agent.
- GitLab agent configuration: https://gitlab.com/nhashizume-group/gitlab-development-kit/-/blob/main/.gitlab/agents/remote-dev/config.yaml.
-
You must have at least the Developer role in the root group. -
In each public project you want to use this feature for, create a devfile: - On the left sidebar, at the top, select Search GitLab (
🔍 ) to find your project. - In the root directory of your project, create a file named .devfile.yaml. You can use one of the example configurations.
- On the left sidebar, at the top, select Search GitLab (
-
Ensure the container images used in the devfile support arbitrary user IDs.
Actions as of 2023-08-23
- Start up GDK successfully in the sandbox GCP project
-
Configure the fs.inotify.max_user_watches
setting in the Daemonset. -
GDK starts successfully when support/gitlab-remote-development/remote-development-gdk-bootstrap.sh
is executed.
-
- Create a new GCP project
-
Get approval for an access request to create a new GCP project under the Engineering Productivity team's GCP folder.
-
- Set up infrastructure resources
-
Provision infrastructure resources using these Terraform scripts that were used in the sandbox GCP project once we have the new GCP project.
-
- Generate TLS certificates for
gitlab-workspaces-proxy
-
EDIT: Since the certificates are associated with domain names and not IP addresses, and the domain name remains the same, generating certificates is not necessary. Collaborate with the Infrastructure team to generate certificates for thegitlab-workspaces-proxy
.
-
- Configure DNS zone and records
-
Collaborate with the Infrastructure team to configure DNS zone and records for the new infrastructure resources.
-
- Configure a GitLab agent for https://gitlab.com/gitlab-org
-
Install a GitLab agent in https://gitlab.com/gitlab-org/gitlab-development-kit and grant developers in https://gitlab.com/gitlab-org access to the Kubernetes cluster. -
Once set up, use the agent token to configure a GitLab agent.
-
Impacted categories
The following categories relate to this issue:
-
gdk-reliability - e.g. When a GDK action fails to complete. -
gdk-usability - e.g. Improvements or suggestions around how the GDK functions. -
gdk-performance - e.g. When a GDK action is slow or times out.
Steps to replicate (optional)
Proposal (optional)
Environment (optional)
- Operating system name:
<!-- output of
uname -acommand -->
- Architecture:
<!-- output of
archcommand -->
- The contents of your
gdk.yml
(if any) - Ruby version:
<!-- output of
ruby --versioncommand -->
- GDK version:
<!-- output of
git rev-parse --short HEADcommand -->