diff --git a/modules/administration-guide/partials/assembly_configuring-authorization.adoc b/modules/administration-guide/partials/assembly_configuring-authorization.adoc index 6413315cc3..768ed3a3e9 100644 --- a/modules/administration-guide/partials/assembly_configuring-authorization.adoc +++ b/modules/administration-guide/partials/assembly_configuring-authorization.adoc @@ -21,6 +21,8 @@ include::partial$proc_configuring-github-oauth.adoc[leveloffset=+2] include::partial$proc_configuring-bitbucket-server-oauth1.adoc[leveloffset=+2] +include::partial$proc_configuring-gitlab-oauth.adoc[leveloffset=+2] + include::partial$proc_using-protocol-based-providers.adoc[leveloffset=+1] include::example$proc_{project-context}-managing-users-using-identity-provider.adoc[leveloffset=+1] diff --git a/modules/administration-guide/partials/proc_configuring-gitlab-oauth.adoc b/modules/administration-guide/partials/proc_configuring-gitlab-oauth.adoc new file mode 100644 index 0000000000..9792399c41 --- /dev/null +++ b/modules/administration-guide/partials/proc_configuring-gitlab-oauth.adoc @@ -0,0 +1,46 @@ +// Module included in the following assemblies: +// +// Configuring GitLab OAuth + + +[id="configuring-gitlab-oauth_{context}"] += Configuring GitLab OAuth 2 + +OAuth 2 for GitLab allows accepting factories from private GitLab repositories. + +.Prerequisites + +* GitLab server is running and available from {prod-short}. + +.Procedure + +. link:https://docs.gitlab.com/ee/integration/oauth_provider.html#authorized-applications[Create an Authorized application in GitLab] with following parameters: ++ +Application name:: {prod-short} +Callback URL:: {identity-provider} GitLab endpoint URL. ++ +.Callback URL default value +==== +`++https://++keycloak-{prod-namespace}.____/auth/realms/{prod-deployment}/broker/gitlab/endpoint`, where `____` is the {orch-name} cluster domain. +==== +Store the `Application ID` and `Secret` values. + +. Create a custom OIDC provider link on {identity-provider} pointing to GitLab server. Fill the following fields: + +Client ID:: a value from the `Application ID` field provided by GitLab server in previous step; +Client Secret:: a value from `Secret` field provided by GitLab server in previous step; +Authorization URL:: a URL which have a `https://____/oauth/oauth/authorize` format; +Token URL:: a URL which have a `https://____/oauth/oauth/token` format; +Scopes:: set of scopes which must contain (but not limited to) the following set: `api write_repository openid` + ++ +[NOTE] +==== +* Substitute `__` with the URL and port of the GitLab installation. +==== + + +.Additional resources + +* xref:installation-guide:importing-untrusted-tls-certificates.adoc[]. +* xref:installation-guide:deploying-che-with-support-for-git-repositories-with-self-signed-certificates.adoc[]. diff --git a/modules/installation-guide/pages/advanced-configuration-options-for-the-che-server-component.adoc b/modules/installation-guide/pages/advanced-configuration-options-for-the-che-server-component.adoc index c355662d10..aa051acda5 100644 --- a/modules/installation-guide/pages/advanced-configuration-options-for-the-che-server-component.adoc +++ b/modules/installation-guide/pages/advanced-configuration-options-for-the-che-server-component.adoc @@ -5,3 +5,4 @@ :page-aliases: .:advanced-configuration-options-for-the-che-server-component, .:configuring-system-variables include::partial$assembly_advanced-configuration-options-for-the-che-server-component.adoc[] + diff --git a/modules/installation-guide/partials/assembly_advanced-configuration-options-for-the-che-server-component.adoc b/modules/installation-guide/partials/assembly_advanced-configuration-options-for-the-che-server-component.adoc index 2f84a6aaf4..8428c1a0bc 100644 --- a/modules/installation-guide/partials/assembly_advanced-configuration-options-for-the-che-server-component.adoc +++ b/modules/installation-guide/partials/assembly_advanced-configuration-options-for-the-che-server-component.adoc @@ -18,7 +18,8 @@ include::partial$con_understanding-che-server-advanced-configuration-not-using-t endif::[] -include::partial$ref_che-server-component-system-properties-reference.adoc[leveloffset=+1] +include::partial$assembly_che-server-environment-variables-reference.adoc[leveloffset=+1] + .Additional resources diff --git a/modules/installation-guide/partials/assembly_che-server-environment-variables-reference.adoc b/modules/installation-guide/partials/assembly_che-server-environment-variables-reference.adoc new file mode 100644 index 0000000000..c5dfc444f5 --- /dev/null +++ b/modules/installation-guide/partials/assembly_che-server-environment-variables-reference.adoc @@ -0,0 +1,253 @@ +:parent-context-of-assembly_che-server-environment-variables-reference: {context} + +[id=assembly_{prod-id-short}-server-environment-variables-reference_{context}] += {prod-short} server environment variables reference + +:context: assembly_che-server-environment-variables-reference + + +== {prod-short} server + +include::ref_che_api.adoc[leveloffset=+2] +include::ref_che_api_internal.adoc[leveloffset=+2] +include::ref_che_database.adoc[leveloffset=+2] +include::ref_che_devworkspaces_enabled.adoc[leveloffset=+2] +include::ref_che_websocket_endpoint.adoc[leveloffset=+2] +include::ref_che_workspace_activity__check__scheduler__delay__s.adoc[leveloffset=+2] +include::ref_che_workspace_activity__check__scheduler__period__s.adoc[leveloffset=+2] +include::ref_che_workspace_activity__cleanup__scheduler__initial__delay__s.adoc[leveloffset=+2] +include::ref_che_workspace_activity__cleanup__scheduler__period__s.adoc[leveloffset=+2] +include::ref_che_workspace_auto__start.adoc[leveloffset=+2] +include::ref_che_workspace_cleanup__temporary__initial__delay__min.adoc[leveloffset=+2] +include::ref_che_workspace_cleanup__temporary__period__min.adoc[leveloffset=+2] +include::ref_che_workspace_default__cpu__limit__cores.adoc[leveloffset=+2] +include::ref_che_workspace_default__cpu__request__cores.adoc[leveloffset=+2] +include::ref_che_workspace_default__memory__limit__mb.adoc[leveloffset=+2] +include::ref_che_workspace_default__memory__request__mb.adoc[leveloffset=+2] +include::ref_che_workspace_devfile_async_storage_plugin.adoc[leveloffset=+2] +include::ref_che_workspace_devfile_default__editor.adoc[leveloffset=+2] +include::ref_che_workspace_devfile_default__editor_plugins.adoc[leveloffset=+2] +include::ref_che_workspace_devfile__registry__internal__url.adoc[leveloffset=+2] +include::ref_che_workspace_devfile__registry__url.adoc[leveloffset=+2] +include::ref_che_workspace_http__proxy.adoc[leveloffset=+2] +include::ref_che_workspace_http__proxy__java__options.adoc[leveloffset=+2] +include::ref_che_workspace_https__proxy.adoc[leveloffset=+2] +include::ref_che_workspace_java__options.adoc[leveloffset=+2] +include::ref_che_workspace_logs_root__dir.adoc[leveloffset=+2] +include::ref_che_workspace_maven__options.adoc[leveloffset=+2] +include::ref_che_workspace_no__proxy.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__broker_artifacts_image.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__broker_default__merge__plugins.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__broker_metadata_image.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__broker_pull__policy.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__broker_wait__timeout__min.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__registry__internal__url.adoc[leveloffset=+2] +include::ref_che_workspace_plugin__registry__url.adoc[leveloffset=+2] +include::ref_che_workspace_pod_node__selector.adoc[leveloffset=+2] +include::ref_che_workspace_pod_tolerations__json.adoc[leveloffset=+2] +include::ref_che_workspace_pool_cores__multiplier.adoc[leveloffset=+2] +include::ref_che_workspace_pool_exact__size.adoc[leveloffset=+2] +include::ref_che_workspace_pool_type.adoc[leveloffset=+2] +include::ref_che_workspace_probe__pool__size.adoc[leveloffset=+2] +include::ref_che_workspace_projects_storage.adoc[leveloffset=+2] +include::ref_che_workspace_projects_storage_default_size.adoc[leveloffset=+2] +include::ref_che_workspace_provision_secret_labels.adoc[leveloffset=+2] +include::ref_che_workspace_server_liveness__probes.adoc[leveloffset=+2] +include::ref_che_workspace_server_ping__interval__milliseconds.adoc[leveloffset=+2] +include::ref_che_workspace_server_ping__success__threshold.adoc[leveloffset=+2] +include::ref_che_workspace_sidecar_default__cpu__limit__cores.adoc[leveloffset=+2] +include::ref_che_workspace_sidecar_default__cpu__request__cores.adoc[leveloffset=+2] +include::ref_che_workspace_sidecar_default__memory__limit__mb.adoc[leveloffset=+2] +include::ref_che_workspace_sidecar_default__memory__request__mb.adoc[leveloffset=+2] +include::ref_che_workspace_sidecar_image__pull__policy.adoc[leveloffset=+2] +include::ref_che_workspace_startup__debug__log__limit__bytes.adoc[leveloffset=+2] +include::ref_che_workspace_stop_role_enabled.adoc[leveloffset=+2] +include::ref_che_workspace_storage_available__types.adoc[leveloffset=+2] +include::ref_che_workspace_storage_preferred__type.adoc[leveloffset=+2] + +== Authentication parameters + + +include::ref_che_auth_access__denied__error__page.adoc[leveloffset=+2] +include::ref_che_auth_reserved__user__names.adoc[leveloffset=+2] +include::ref_che_auth_user__self__creation.adoc[leveloffset=+2] +include::ref_che_oauth1_bitbucket_consumerkeypath.adoc[leveloffset=+2] +include::ref_che_oauth1_bitbucket_endpoint.adoc[leveloffset=+2] +include::ref_che_oauth1_bitbucket_privatekeypath.adoc[leveloffset=+2] +include::ref_che_oauth_github_authuri.adoc[leveloffset=+2] +include::ref_che_oauth_github_clientid.adoc[leveloffset=+2] +include::ref_che_oauth_github_clientsecret.adoc[leveloffset=+2] +include::ref_che_oauth_github_redirecturis.adoc[leveloffset=+2] +include::ref_che_oauth_github_tokenuri.adoc[leveloffset=+2] +include::ref_che_oauth_openshift_clientid.adoc[leveloffset=+2] +include::ref_che_oauth_openshift_clientsecret.adoc[leveloffset=+2] +include::ref_che_oauth_openshift_oauth__endpoint.adoc[leveloffset=+2] +include::ref_che_oauth_openshift_verify__token__url.adoc[leveloffset=+2] +include::ref_che_oauth_service__mode.adoc[leveloffset=+2] + + +== Internal parameters + +include::ref_db_schema_flyway_baseline_enabled.adoc[leveloffset=+2] +include::ref_db_schema_flyway_baseline_version.adoc[leveloffset=+2] +include::ref_db_schema_flyway_scripts_locations.adoc[leveloffset=+2] +include::ref_db_schema_flyway_scripts_prefix.adoc[leveloffset=+2] +include::ref_db_schema_flyway_scripts_suffix.adoc[leveloffset=+2] +include::ref_db_schema_flyway_scripts_version__separator.adoc[leveloffset=+2] +include::ref_schedule_core__pool__size.adoc[leveloffset=+2] + + +== Kubernetes Infra parameters + +include::ref_che_infra_kubernetes_async_storage_image.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_async_storage_shutdown__check__period__min.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_async_storage_shutdown__timeout__min.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_client_http_async__requests_max.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_client_http_async__requests_max__per__host.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_client_http_connection__pool_keep__alive__min.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_client_http_connection__pool_max__idle.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_ingress_annotations__json.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_ingress_domain.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_ingress_labels.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_ingress_path__transform.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_ingress__start__timeout__min.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_master__url.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace_allow__user__defined.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace_annotations.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace_creation__allowed.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace_default.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace_label.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_namespace_labels.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pod_security__context_fs__group.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pod_security__context_run__as__user.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pod_termination__grace__period__sec.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_access__mode.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_enabled.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_jobs_image.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_jobs_image_pull__policy.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_jobs_memorylimit.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_name.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_precreate__subpaths.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_quantity.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_storage__class__name.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_strategy.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_pvc_wait__bound.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_runtimes__consistency__check__period__min.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_server__strategy.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_service__account__name.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_singlehost_gateway_configmap__labels.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_singlehost_workspace_devfile__endpoint__exposure.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_singlehost_workspace_exposure.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_tls__cert.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_tls__enabled.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_tls__key.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_tls__secret.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_trust__certs.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_trusted__ca_dest__configmap.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_trusted__ca_dest__configmap__labels.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_trusted__ca_mount__path.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_trusted__ca_src__configmap.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_workspace__sa__cluster__roles.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_workspace__start__timeout__min.adoc[leveloffset=+2] +include::ref_che_infra_kubernetes_workspace__unrecoverable__events.adoc[leveloffset=+2] + + +== OpenShift Infra parameters + +include::ref_che_infra_openshift_oauth__identity__provider.adoc[leveloffset=+2] +include::ref_che_infra_openshift_project.adoc[leveloffset=+2] +include::ref_che_infra_openshift_route_host_domain__suffix.adoc[leveloffset=+2] +include::ref_che_infra_openshift_route_labels.adoc[leveloffset=+2] +include::ref_che_infra_openshift_trusted__ca_dest__configmap__labels.adoc[leveloffset=+2] + + +== Configuration of the major WebSocket endpoint + +include::ref_che_core_jsonrpc_processor__core__pool__size.adoc[leveloffset=+2] +include::ref_che_core_jsonrpc_processor__max__pool__size.adoc[leveloffset=+2] +include::ref_che_core_jsonrpc_processor__queue__capacity.adoc[leveloffset=+2] +include::ref_che_metrics_port.adoc[leveloffset=+2] + + +== CORS parameters + +include::ref_che_cors_allow__credentials.adoc[leveloffset=+2] +include::ref_che_cors_allowed__origins.adoc[leveloffset=+2] + +== Factory defaults parameters + +include::ref_che_factory_default__devfile__filenames.adoc[leveloffset=+2] +include::ref_che_factory_default__plugins.adoc[leveloffset=+2] + +== Devfile defaults parameters + +include::ref_che_factory_default__editor.adoc[leveloffset=+2] + +== Integration parameters + +include::ref_che_integration_bitbucket_server__endpoints.adoc[leveloffset=+2] +include::ref_che_integration_gitlab_server__endpoints.adoc[leveloffset=+2] + + +== Keycloak parameters + +include::ref_che_keycloak_admin__password.adoc[leveloffset=+2] +include::ref_che_keycloak_admin__username.adoc[leveloffset=+2] +include::ref_che_keycloak_allowed__clock__skew__sec.adoc[leveloffset=+2] +include::ref_che_keycloak_auth__internal__server__url.adoc[leveloffset=+2] +include::ref_che_keycloak_auth__server__url.adoc[leveloffset=+2] +include::ref_che_keycloak_cascade__user__removal__enabled.adoc[leveloffset=+2] +include::ref_che_keycloak_client__id.adoc[leveloffset=+2] +include::ref_che_keycloak_github_endpoint.adoc[leveloffset=+2] +include::ref_che_keycloak_js__adapter__url.adoc[leveloffset=+2] +include::ref_che_keycloak_oidc__provider.adoc[leveloffset=+2] +include::ref_che_keycloak_oso_endpoint.adoc[leveloffset=+2] +include::ref_che_keycloak_realm.adoc[leveloffset=+2] +include::ref_che_keycloak_use__fixed__redirect__urls.adoc[leveloffset=+2] +include::ref_che_keycloak_use__nonce.adoc[leveloffset=+2] +include::ref_che_keycloak_username__claim.adoc[leveloffset=+2] +include::ref_che_keycloak_username_replacement__patterns.adoc[leveloffset=+2] + + +== Organizations workspace limits parameters + +include::ref_che_limits_organization_workspaces_count.adoc[leveloffset=+2] +include::ref_che_limits_organization_workspaces_ram.adoc[leveloffset=+2] +include::ref_che_limits_organization_workspaces_run_count.adoc[leveloffset=+2] + + +== Users workspace limits parameters + +include::ref_che_limits_user_workspaces_count.adoc[leveloffset=+2] +include::ref_che_limits_user_workspaces_ram.adoc[leveloffset=+2] +include::ref_che_limits_user_workspaces_run_count.adoc[leveloffset=+2] + + +== Workspace limits parameters + +include::ref_che_limits_workspace_env_ram.adoc[leveloffset=+2] +include::ref_che_limits_workspace_idle_timeout.adoc[leveloffset=+2] +include::ref_che_limits_workspace_run_timeout.adoc[leveloffset=+2] + + +== {prod-short} system parameters + +include::ref_che_system_admin__name.adoc[leveloffset=+2] +include::ref_che_system_super__privileged__mode.adoc[leveloffset=+2] + + +== Experimental properties + +include::ref_che_server_secure__exposer.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_auth_loader_path.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_cpu__limit.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_cpu__request.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_image.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_memory__limit.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_memory__request.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_token_issuer.adoc[leveloffset=+2] +include::ref_che_server_secure__exposer_jwtproxy_token_ttl.adoc[leveloffset=+2] + + +:context: {parent-context-of-assembly_che-server-environment-variables-reference} diff --git a/modules/installation-guide/partials/ref_che_api.adoc b/modules/installation-guide/partials/ref_che_api.adoc new file mode 100644 index 0000000000..f47478179b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_api.adoc @@ -0,0 +1,13 @@ +[id="che_api_{context}"] += `+CHE_API+` + +API service. Browsers initiate REST communications to {prod-short} server with this URL. + + +.Default value for `+CHE_API+` +==== +---- +http://${CHE_HOST}:${CHE_PORT}/api +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_api_internal.adoc b/modules/installation-guide/partials/ref_che_api_internal.adoc new file mode 100644 index 0000000000..5a6cbaadbd --- /dev/null +++ b/modules/installation-guide/partials/ref_che_api_internal.adoc @@ -0,0 +1,13 @@ +[id="che_api_internal_{context}"] += `+CHE_API_INTERNAL+` + +API service internal network URL. Back-end services should initiate REST communications to {prod-short} server with this URL + + +.Default value for `+CHE_API_INTERNAL+` +==== +---- +http://${CHE_HOST}:${CHE_PORT}/api +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_auth_access__denied__error__page.adoc b/modules/installation-guide/partials/ref_che_auth_access__denied__error__page.adoc new file mode 100644 index 0000000000..aa9ff42346 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_auth_access__denied__error__page.adoc @@ -0,0 +1,13 @@ +[id="che_auth_access__denied__error__page_{context}"] += `+CHE_AUTH_ACCESS__DENIED__ERROR__PAGE+` + +Authentication error page address + + +.Default value for `+CHE_AUTH_ACCESS__DENIED__ERROR__PAGE+` +==== +---- +/error-oauth +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_auth_reserved__user__names.adoc b/modules/installation-guide/partials/ref_che_auth_reserved__user__names.adoc new file mode 100644 index 0000000000..719c5e86a2 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_auth_reserved__user__names.adoc @@ -0,0 +1,13 @@ +[id="che_auth_reserved__user__names_{context}"] += `+CHE_AUTH_RESERVED__USER__NAMES+` + +Reserved user names + + +.Default value for `+CHE_AUTH_RESERVED__USER__NAMES+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_auth_user__self__creation.adoc b/modules/installation-guide/partials/ref_che_auth_user__self__creation.adoc new file mode 100644 index 0000000000..82deda3761 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_auth_user__self__creation.adoc @@ -0,0 +1,13 @@ +[id="che_auth_user__self__creation_{context}"] += `+CHE_AUTH_USER__SELF__CREATION+` + +{prod-short} has a single identity implementation, so this does not change the user experience. If true, enables user creation at API level + + +.Default value for `+CHE_AUTH_USER__SELF__CREATION+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__core__pool__size.adoc b/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__core__pool__size.adoc new file mode 100644 index 0000000000..671dc43fc8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__core__pool__size.adoc @@ -0,0 +1,13 @@ +[id="che_core_jsonrpc_processor__core__pool__size_{context}"] += `+CHE_CORE_JSONRPC_PROCESSOR__CORE__POOL__SIZE+` + +Initial JSON processing pool. Minimum number of threads that used to process major JSON RPC messages. + + +.Default value for `+CHE_CORE_JSONRPC_PROCESSOR__CORE__POOL__SIZE+` +==== +---- +5 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__max__pool__size.adoc b/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__max__pool__size.adoc new file mode 100644 index 0000000000..977b2ac923 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__max__pool__size.adoc @@ -0,0 +1,13 @@ +[id="che_core_jsonrpc_processor__max__pool__size_{context}"] += `+CHE_CORE_JSONRPC_PROCESSOR__MAX__POOL__SIZE+` + +Maximum size of the JSON RPC processing pool in case if pool size would be exceeded message execution will be rejected + + +.Default value for `+CHE_CORE_JSONRPC_PROCESSOR__MAX__POOL__SIZE+` +==== +---- +50 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__queue__capacity.adoc b/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__queue__capacity.adoc new file mode 100644 index 0000000000..4563ffe251 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_core_jsonrpc_processor__queue__capacity.adoc @@ -0,0 +1,13 @@ +[id="che_core_jsonrpc_processor__queue__capacity_{context}"] += `+CHE_CORE_JSONRPC_PROCESSOR__QUEUE__CAPACITY+` + +Configuration of queue used to process JSON RPC messages. + + +.Default value for `+CHE_CORE_JSONRPC_PROCESSOR__QUEUE__CAPACITY+` +==== +---- +100000 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_cors_allow__credentials.adoc b/modules/installation-guide/partials/ref_che_cors_allow__credentials.adoc new file mode 100644 index 0000000000..b872848627 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_cors_allow__credentials.adoc @@ -0,0 +1,13 @@ +[id="che_cors_allow__credentials_{context}"] += `+CHE_CORS_ALLOW__CREDENTIALS+` + +Indicates if it allows processing of requests with credentials (in cookies, headers, TLS client certificates). + + +.Default value for `+CHE_CORS_ALLOW__CREDENTIALS+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_cors_allowed__origins.adoc b/modules/installation-guide/partials/ref_che_cors_allowed__origins.adoc new file mode 100644 index 0000000000..234c3c6047 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_cors_allowed__origins.adoc @@ -0,0 +1,13 @@ +[id="che_cors_allowed__origins_{context}"] += `+CHE_CORS_ALLOWED__ORIGINS+` + +Indicates which request origins are allowed. CORS filter on WS Master is turned off by default. Use environment variable "CHE_CORS_ENABLED=true" to turn it on. + + +.Default value for `+CHE_CORS_ALLOWED__ORIGINS+` +==== +---- +* +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_database.adoc b/modules/installation-guide/partials/ref_che_database.adoc new file mode 100644 index 0000000000..cd68b85283 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_database.adoc @@ -0,0 +1,13 @@ +[id="che_database_{context}"] += `+CHE_DATABASE+` + +Folder where {prod-short} stores internal data objects. + + +.Default value for `+CHE_DATABASE+` +==== +---- +${che.home}/storage +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_devworkspaces_enabled.adoc b/modules/installation-guide/partials/ref_che_devworkspaces_enabled.adoc new file mode 100644 index 0000000000..9658d12679 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_devworkspaces_enabled.adoc @@ -0,0 +1,13 @@ +[id="che_devworkspaces_enabled_{context}"] += `+CHE_DEVWORKSPACES_ENABLED+` + +Specifies whether {prod-short} is deployed with DevWorkspaces enabled. This property is set by the {prod-short} Operator if it also installed the support for DevWorkspaces. This property is used to advertise this fact to the {prod-short} dashboard. It does not make sense to change the value of this property manually. + + +.Default value for `+CHE_DEVWORKSPACES_ENABLED+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_factory_default__devfile__filenames.adoc b/modules/installation-guide/partials/ref_che_factory_default__devfile__filenames.adoc new file mode 100644 index 0000000000..08b82a0306 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_factory_default__devfile__filenames.adoc @@ -0,0 +1,13 @@ +[id="che_factory_default__devfile__filenames_{context}"] += `+CHE_FACTORY_DEFAULT__DEVFILE__FILENAMES+` + +Devfile filenames to look on repository-based factories (for example GitHub). Factory will try to locate those files in the order they enumerated in the property. + + +.Default value for `+CHE_FACTORY_DEFAULT__DEVFILE__FILENAMES+` +==== +---- +devfile.yaml,.devfile.yaml +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_factory_default__editor.adoc b/modules/installation-guide/partials/ref_che_factory_default__editor.adoc new file mode 100644 index 0000000000..cd755bf9ce --- /dev/null +++ b/modules/installation-guide/partials/ref_che_factory_default__editor.adoc @@ -0,0 +1,13 @@ +[id="che_factory_default__editor_{context}"] += `+CHE_FACTORY_DEFAULT__EDITOR+` + +Editor that will be used for factories that are created from a remote Git repository which does not contain any {prod-short}-specific workspace descriptor. + + +.Default value for `+CHE_FACTORY_DEFAULT__EDITOR+` +==== +---- +eclipse/che-theia/next +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_factory_default__plugins.adoc b/modules/installation-guide/partials/ref_che_factory_default__plugins.adoc new file mode 100644 index 0000000000..b709dc29bc --- /dev/null +++ b/modules/installation-guide/partials/ref_che_factory_default__plugins.adoc @@ -0,0 +1,13 @@ +[id="che_factory_default__plugins_{context}"] += `+CHE_FACTORY_DEFAULT__PLUGINS+` + +Editor and plugin which will be used for factories that are created from a remote Git repository which does not contain any {prod-short}-specific workspace descriptor Multiple plugins must be comma-separated, for example: `pluginFooPublisher/pluginFooName/pluginFooVersion,pluginBarPublisher/pluginBarName/pluginBarVersion` + + +.Default value for `+CHE_FACTORY_DEFAULT__PLUGINS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_image.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_image.adoc new file mode 100644 index 0000000000..8a38841612 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_image.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_async_storage_image_{context}"] += `+CHE_INFRA_KUBERNETES_ASYNC_STORAGE_IMAGE+` + +Docker image for the {prod-short} asynchronous storage + + +.Default value for `+CHE_INFRA_KUBERNETES_ASYNC_STORAGE_IMAGE+` +==== +---- +quay.io/eclipse/che-workspace-data-sync-storage:0.0.1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_shutdown__check__period__min.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_shutdown__check__period__min.adoc new file mode 100644 index 0000000000..800f3297f7 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_shutdown__check__period__min.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_async_storage_shutdown__check__period__min_{context}"] += `+CHE_INFRA_KUBERNETES_ASYNC_STORAGE_SHUTDOWN__CHECK__PERIOD__MIN+` + +Defines the period with which the Asynchronous Storage Pod stopping ability will be performed (once in 30 minutes by default) + + +.Default value for `+CHE_INFRA_KUBERNETES_ASYNC_STORAGE_SHUTDOWN__CHECK__PERIOD__MIN+` +==== +---- +30 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_shutdown__timeout__min.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_shutdown__timeout__min.adoc new file mode 100644 index 0000000000..ba3e97a2aa --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_async_storage_shutdown__timeout__min.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_async_storage_shutdown__timeout__min_{context}"] += `+CHE_INFRA_KUBERNETES_ASYNC_STORAGE_SHUTDOWN__TIMEOUT__MIN+` + +The timeout for the Asynchronous Storage Pod shutdown after stopping the last used workspace. Value less or equal to 0 interpreted as disabling shutdown ability. + + +.Default value for `+CHE_INFRA_KUBERNETES_ASYNC_STORAGE_SHUTDOWN__TIMEOUT__MIN+` +==== +---- +120 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_async__requests_max.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_async__requests_max.adoc new file mode 100644 index 0000000000..0c1480ac5b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_async__requests_max.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_client_http_async__requests_max_{context}"] += `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_ASYNC__REQUESTS_MAX+` + +Number of maximum concurrent asynchronous web requests (HTTP requests or ongoing WebSocket calls) supported in the underlying shared HTTP client of the `KubernetesClient` instances. Default values: `max=64`, and `max_per_host:5`. Default values are not suitable for multi-user scenarios, as {prod-short} keeps open connections, for example for command or ws-agent logs. + + +.Default value for `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_ASYNC__REQUESTS_MAX+` +==== +---- +1000 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_async__requests_max__per__host.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_async__requests_max__per__host.adoc new file mode 100644 index 0000000000..2f72c690fb --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_async__requests_max__per__host.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_client_http_async__requests_max__per__host_{context}"] += `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_ASYNC__REQUESTS_MAX__PER__HOST+` + +Number of maximum concurrent asynchronous web requests per host. + + +.Default value for `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_ASYNC__REQUESTS_MAX__PER__HOST+` +==== +---- +1000 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_connection__pool_keep__alive__min.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_connection__pool_keep__alive__min.adoc new file mode 100644 index 0000000000..327059e21e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_connection__pool_keep__alive__min.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_client_http_connection__pool_keep__alive__min_{context}"] += `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_CONNECTION__POOL_KEEP__ALIVE__MIN+` + +Keep-alive timeout of the connection pool of the Kubernetes-client shared HTTP client in minutes. + + +.Default value for `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_CONNECTION__POOL_KEEP__ALIVE__MIN+` +==== +---- +5 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_connection__pool_max__idle.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_connection__pool_max__idle.adoc new file mode 100644 index 0000000000..795699cc25 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_client_http_connection__pool_max__idle.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_client_http_connection__pool_max__idle_{context}"] += `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_CONNECTION__POOL_MAX__IDLE+` + +Max number of idle connections in the connection pool of the Kubernetes-client shared HTTP client. + + +.Default value for `+CHE_INFRA_KUBERNETES_CLIENT_HTTP_CONNECTION__POOL_MAX__IDLE+` +==== +---- +5 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress__start__timeout__min.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress__start__timeout__min.adoc new file mode 100644 index 0000000000..b0d710aeef --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress__start__timeout__min.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_ingress__start__timeout__min_{context}"] += `+CHE_INFRA_KUBERNETES_INGRESS__START__TIMEOUT__MIN+` + +Defines the timeout in minutes that limits the period for which Kubernetes Ingress become ready + + +.Default value for `+CHE_INFRA_KUBERNETES_INGRESS__START__TIMEOUT__MIN+` +==== +---- +5 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_annotations__json.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_annotations__json.adoc new file mode 100644 index 0000000000..e90b59c31f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_annotations__json.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_ingress_annotations__json_{context}"] += `+CHE_INFRA_KUBERNETES_INGRESS_ANNOTATIONS__JSON+` + +Defines annotations for ingresses which are used for servers exposing. Value depends on the kind of ingress controller. OpenShift infrastructure ignores this property because it uses Routes rather than Ingresses. the {prod-short} Operator that for a single-host deployment strategy to work, a controller supporting URL rewriting has to be used (so that URLs can point to different servers while the servers do not need to support changing the app root). The `che.infra.kubernetes.ingress.path.rewrite_transform` property defines how the path of the ingress should be transformed to support the URL rewriting and this property defines the set of annotations on the ingress itself that instruct the chosen ingress controller to actually do the URL rewriting, potentially building on the path transformation (if required by the chosen ingress controller). For example for Nginx ingress controller 0.22.0 and later the following value is recommended: `{"ingress.kubernetes.io/rewrite-target": "/$1","ingress.kubernetes.io/ssl-redirect": "false",\ "ingress.kubernetes.io/proxy-connect-timeout": "3600","ingress.kubernetes.io/proxy-read-timeout": "3600"}` and the `che.infra.kubernetes.ingress.path.rewrite_transform` should be set to `"%s(.*)"`. For nginx ingress controller older than 0.22.0, the rewrite-target should be set to merely `/` and the path transform to `%s` (see the `che.infra.kubernetes.ingress.path.rewrite_transform` property). See the Nginx ingress controller documentation for the explanation of how the ingress controller uses the regular expression present in the ingress path and how it achieves the URL rewriting. + + +.Default value for `+CHE_INFRA_KUBERNETES_INGRESS_ANNOTATIONS__JSON+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_domain.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_domain.adoc new file mode 100644 index 0000000000..f56ade0b3a --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_domain.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_ingress_domain_{context}"] += `+CHE_INFRA_KUBERNETES_INGRESS_DOMAIN+` + +Used to generate domain for a server in a workspace in case property `che.infra.kubernetes.server_strategy` is set to `multi-host` + + +.Default value for `+CHE_INFRA_KUBERNETES_INGRESS_DOMAIN+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_labels.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_labels.adoc new file mode 100644 index 0000000000..62aa0170c6 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_labels.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_ingress_labels_{context}"] += `+CHE_INFRA_KUBERNETES_INGRESS_LABELS+` + +Additional labels to add into every Ingress created by {prod-short} server to allow clear identification. + + +.Default value for `+CHE_INFRA_KUBERNETES_INGRESS_LABELS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_path__transform.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_path__transform.adoc new file mode 100644 index 0000000000..f29e490fe8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_ingress_path__transform.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_ingress_path__transform_{context}"] += `+CHE_INFRA_KUBERNETES_INGRESS_PATH__TRANSFORM+` + +Defines a "recipe" on how to declare the path of the ingress that should expose a server. The "%s" represents the base public URL of the server and is guaranteed to end with a forward slash. This property must be a valid input to the String.format() method and contain exactly one reference to "%s". See the description of the `che.infra.kubernetes.ingress.annotations_json` property to see how these two properties interplay when specifying the ingress annotations and path. If not defined, this property defaults to "%s" (without the quotes) which means that the path is not transformed in any way for use with the ingress controller. + + +.Default value for `+CHE_INFRA_KUBERNETES_INGRESS_PATH__TRANSFORM+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_master__url.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_master__url.adoc new file mode 100644 index 0000000000..5b2406f3c7 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_master__url.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_master__url_{context}"] += `+CHE_INFRA_KUBERNETES_MASTER__URL+` + +Configuration of Kubernetes client master URL that Infra will use. + + +.Default value for `+CHE_INFRA_KUBERNETES_MASTER__URL+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace.adoc new file mode 100644 index 0000000000..48501eb44f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE+` + +DEPRECATED - Do not change the value of this property otherwise the existing workspaces will loose data. Do not set it on new installations. Defines Kubernetes namespace in which all workspaces will be created. If not set, every workspace will be created in a new namespace, where namespace = workspace id It's possible to use `` and `` placeholders (for example: `che-workspace-`). In that case, new namespace will be created for each user. Service account with permission to create new namespace must be used. Ignored for OpenShift infra. Use `che.infra.openshift.project` instead If the namespace pointed to by this property exists, it will be used for all workspaces. If it does not exist, the namespace specified by `che.infra.kubernetes.namespace.default` will be created and used. This parameter is subject to removal in future releases. Legacy workspaces located in this namespace may become unreachable in future releases. See the documentation about possible next steps. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_allow__user__defined.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_allow__user__defined.adoc new file mode 100644 index 0000000000..542516f0f1 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_allow__user__defined.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_allow__user__defined_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE_ALLOW__USER__DEFINED+` + +Defines if a user is able to specify {orch-namespace} different from the default. It's NOT RECOMMENDED to configured true without OAuth configured. This property is also used by the OpenShift infra. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE_ALLOW__USER__DEFINED+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_annotations.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_annotations.adoc new file mode 100644 index 0000000000..18c7dc72e8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_annotations.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_annotations_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE_ANNOTATIONS+` + +List of annotations to find {orch-namespace} prepared for {prod-short} users workspaces. Only {orch-namespace} matching the `che.infra.kubernetes.namespace.labels` will be matched against these annotations. {orch-namespace} that matches both `che.infra.kubernetes.namespace.labels` and `che.infra.kubernetes.namespace.annotations` will be preferentially used for User's workspaces. It's possible to use `` placeholder to specify the {orch-namespace} to concrete user. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE_ANNOTATIONS+` +==== +---- +che.eclipse.org/username= +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_creation__allowed.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_creation__allowed.adoc new file mode 100644 index 0000000000..cec52edf7b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_creation__allowed.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_creation__allowed_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE_CREATION__ALLOWED+` + +Indicates whether {prod-short} server is allowed to create {orch-namespace} for user workspaces, or they're intended to be created manually by cluster administrator. This property is also used by the OpenShift infra. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE_CREATION__ALLOWED+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_default.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_default.adoc new file mode 100644 index 0000000000..351ee07453 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_default.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_default_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE_DEFAULT+` + +Defines Kubernetes default namespace in which user's workspaces are created if user does not override it. It's possible to use `` and `` placeholders (for example: `che-workspace-`). In that case, new namespace will be created for each user (or workspace). Used by OpenShift infra as well to specify a Project. The `` placeholder is deprecated and is subject to removal in future releases. The `` or `` placeholder is mandatory. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE_DEFAULT+` +==== +---- +-che +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_label.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_label.adoc new file mode 100644 index 0000000000..59e5bb3edf --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_label.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_label_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE_LABEL+` + +Defines whether che-server should try to label the workspace namespaces. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE_LABEL+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_labels.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_labels.adoc new file mode 100644 index 0000000000..01eef2223b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_namespace_labels.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_namespace_labels_{context}"] += `+CHE_INFRA_KUBERNETES_NAMESPACE_LABELS+` + +List of labels to find {orch-namespace} that are used for {prod-short} Workspaces. They are used to: - find prepared {orch-namespace} for users in combination with `che.infra.kubernetes.namespace.annotations`. - actively label {orch-namespace} with any workspace. + + +.Default value for `+CHE_INFRA_KUBERNETES_NAMESPACE_LABELS+` +==== +---- +app.kubernetes.io/part-of=che.eclipse.org,app.kubernetes.io/component=workspaces-namespace +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_security__context_fs__group.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_security__context_fs__group.adoc new file mode 100644 index 0000000000..b0356ab40a --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_security__context_fs__group.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pod_security__context_fs__group_{context}"] += `+CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_FS__GROUP+` + +Defines security context for Pods that will be created by Kubernetes Infra. A special supplemental group that applies to all containers in a Pod. This is ignored by OpenShift infra. + + +.Default value for `+CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_FS__GROUP+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_security__context_run__as__user.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_security__context_run__as__user.adoc new file mode 100644 index 0000000000..037d644bda --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_security__context_run__as__user.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pod_security__context_run__as__user_{context}"] += `+CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_RUN__AS__USER+` + +Defines security context for Pods that will be created by Kubernetes Infra This is ignored by OpenShift infra + + +.Default value for `+CHE_INFRA_KUBERNETES_POD_SECURITY__CONTEXT_RUN__AS__USER+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_termination__grace__period__sec.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_termination__grace__period__sec.adoc new file mode 100644 index 0000000000..e65023d308 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pod_termination__grace__period__sec.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pod_termination__grace__period__sec_{context}"] += `+CHE_INFRA_KUBERNETES_POD_TERMINATION__GRACE__PERIOD__SEC+` + +Defines grace termination period for Pods that will be created by {orch-name} infrastructures. Default value: `0`. It allows to stop Pods quickly and significantly decrease the time required for stopping a workspace. the {prod-short} Operator: if `terminationGracePeriodSeconds` have been explicitly set in {orch-name} recipe it will not be overridden. + + +.Default value for `+CHE_INFRA_KUBERNETES_POD_TERMINATION__GRACE__PERIOD__SEC+` +==== +---- +0 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_access__mode.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_access__mode.adoc new file mode 100644 index 0000000000..4bd18a7a03 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_access__mode.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_access__mode_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_ACCESS__MODE+` + +Defines Persistent Volume Claim access mode. the {prod-short} Operator that for common PVC strategy changing of access mode affects the number of simultaneously running workspaces. If the OpenShift instance running {prod-short} is using Persistent Volumes with RWX access mode, then a limit of running workspaces at the same time is bounded only by {prod-short} limits configuration: RAM, CPU, and so on. Detailed information about access mode is described here: https://docs.openshift.com/container-platform/latest/architecture/additional_concepts/storage.html#pv-access-modes + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_ACCESS__MODE+` +==== +---- +ReadWriteOnce +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_enabled.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_enabled.adoc new file mode 100644 index 0000000000..3cfb747c17 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_enabled.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_enabled_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_ENABLED+` + +Defines whether use the Persistent Volume Claim for {prod-short} workspace needs, for example: backup projects, logs, or disable it. + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_ENABLED+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_image.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_image.adoc new file mode 100644 index 0000000000..a12ed6b605 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_image.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_jobs_image_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE+` + +Pod that is launched when performing persistent volume claim maintenance jobs on OpenShift + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE+` +==== +---- +registry.access.redhat.com/ubi8-minimal:8.3-230 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_image_pull__policy.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_image_pull__policy.adoc new file mode 100644 index 0000000000..bbb38fee6a --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_image_pull__policy.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_jobs_image_pull__policy_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE_PULL__POLICY+` + +Image pull policy of container that used for the maintenance jobs on {orch-name} cluster + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_JOBS_IMAGE_PULL__POLICY+` +==== +---- +IfNotPresent +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_memorylimit.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_memorylimit.adoc new file mode 100644 index 0000000000..e4601eff08 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_jobs_memorylimit.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_jobs_memorylimit_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_JOBS_MEMORYLIMIT+` + +Defines Pod memory limit for persistent volume claim maintenance jobs + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_JOBS_MEMORYLIMIT+` +==== +---- +250Mi +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_name.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_name.adoc new file mode 100644 index 0000000000..65fef77040 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_name.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_name_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_NAME+` + +Defines the settings of PVC name for {prod-short} workspaces. Each PVC strategy supplies this value differently. See documentation for `che.infra.kubernetes.pvc.strategy` property + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_NAME+` +==== +---- +claim-che-workspace +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_precreate__subpaths.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_precreate__subpaths.adoc new file mode 100644 index 0000000000..ef0c768cdd --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_precreate__subpaths.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_precreate__subpaths_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS+` + +Defines whether to run a job that creates workspace's subpath directories in persistent volume for the `common` strategy before launching a workspace. Necessary in some versions of {orch-name} as workspace subpath volume mounts are created with root permissions, and therefore cannot be modified by workspaces running as a user (presents an error importing projects into a workspace in {prod-short}). The default is `true`, but should be set to `false` if the version of {orch-name} creates subdirectories with user permissions. Relevant issue: https://github.com/kubernetes/kubernetes/issues/41638 the {prod-short} Operator that this property has effect only if the `common` PVC strategy used. + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_PRECREATE__SUBPATHS+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_quantity.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_quantity.adoc new file mode 100644 index 0000000000..6694811cb5 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_quantity.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_quantity_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_QUANTITY+` + +Defines the size of Persistent Volume Claim of {prod-short} workspace. Format described here: https://docs.openshift.com/container-platform/latest/dev_guide/compute_resources.html#dev-compute-resources + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_QUANTITY+` +==== +---- +10Gi +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_storage__class__name.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_storage__class__name.adoc new file mode 100644 index 0000000000..d26ec29dfb --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_storage__class__name.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_storage__class__name_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_STORAGE__CLASS__NAME+` + +Defines the storage class of Persistent Volume Claim for the workspaces. Empty strings means "use default". + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_STORAGE__CLASS__NAME+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_strategy.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_strategy.adoc new file mode 100644 index 0000000000..48edd3c442 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_strategy.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_strategy_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_STRATEGY+` + +Defined which strategy will be used while choosing PVC for workspaces. Supported strategies: `common`:: All workspaces in the same {orch-namespace} will reuse the same PVC. Name of PVC may be configured with `che.infra.kubernetes.pvc.name`. Existing PVC will be used or a new one will be created if it does not exist. `unique`:: Separate PVC for each workspace's volume will be used. Name of PVC is evaluated as `'{che.infra.kubernetes.pvc.name} + '-' + {generated_8_chars}'`. Existing PVC will be used or a new one will be created if it does not exist. `per-workspace`:: Separate PVC for each workspace will be used. Name of PVC is evaluated as `'{che.infra.kubernetes.pvc.name} + '-' + {WORKSPACE_ID}'`. Existing PVC will be used or a new one will be created if it doesn't exist. + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_STRATEGY+` +==== +---- +common +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_wait__bound.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_wait__bound.adoc new file mode 100644 index 0000000000..21983c43df --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_pvc_wait__bound.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_pvc_wait__bound_{context}"] += `+CHE_INFRA_KUBERNETES_PVC_WAIT__BOUND+` + +Defines if {prod-short} Server should wait workspaces Persistent Volume Claims to become bound after creating. Default value is `true`. The parameter is used by all Persistent Volume Claim strategies. It should be set to `false` when `volumeBindingMode` is configured to `WaitForFirstConsumer` otherwise workspace starts will hangs up on phase of waiting PVCs. + + +.Default value for `+CHE_INFRA_KUBERNETES_PVC_WAIT__BOUND+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_runtimes__consistency__check__period__min.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_runtimes__consistency__check__period__min.adoc new file mode 100644 index 0000000000..bd9b0911d4 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_runtimes__consistency__check__period__min.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_runtimes__consistency__check__period__min_{context}"] += `+CHE_INFRA_KUBERNETES_RUNTIMES__CONSISTENCY__CHECK__PERIOD__MIN+` + +Defines the period with which runtimes consistency checks will be performed. If runtime has inconsistent state then runtime will be stopped automatically. Value must be more than 0 or `-1`, where `-1` means that checks won't be performed at all. It is disabled by default because there is possible {prod-short} Server configuration when {prod-short} Server doesn't have an ability to interact with Kubernetes API when operation is not invoked by user. It DOES work on the following configurations: - workspaces objects are created in the same namespace where {prod-short} Server is located; - `cluster-admin` service account token is mounted to {prod-short} Server Pod. It DOES NOT work on the following configurations: - {prod-short} Server communicates with Kubernetes API using token from OAuth provider. + + +.Default value for `+CHE_INFRA_KUBERNETES_RUNTIMES__CONSISTENCY__CHECK__PERIOD__MIN+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_server__strategy.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_server__strategy.adoc new file mode 100644 index 0000000000..f835eae4db --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_server__strategy.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_server__strategy_{context}"] += `+CHE_INFRA_KUBERNETES_SERVER__STRATEGY+` + +Defines the way how servers are exposed to the world in Kubernetes infra. List of strategies implemented in {prod-short}: `default-host`, `multi-host`, `single-host`. + + +.Default value for `+CHE_INFRA_KUBERNETES_SERVER__STRATEGY+` +==== +---- +multi-host +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_service__account__name.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_service__account__name.adoc new file mode 100644 index 0000000000..658f114dcb --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_service__account__name.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_service__account__name_{context}"] += `+CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME+` + +Defines Kubernetes Service Account name which should be specified to be bound to all workspaces Pods. the {prod-short} Operator that Kubernetes Infrastructure will not create the service account and it should exist. OpenShift infrastructure will check if project is predefined(if `che.infra.openshift.project` is not empty): - if it is predefined then service account must exist there - if it is 'NULL' or empty string then infrastructure will create new OpenShift project per workspace and prepare workspace service account with needed roles there + + +.Default value for `+CHE_INFRA_KUBERNETES_SERVICE__ACCOUNT__NAME+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_gateway_configmap__labels.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_gateway_configmap__labels.adoc new file mode 100644 index 0000000000..cf7c4c58f1 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_gateway_configmap__labels.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_singlehost_gateway_configmap__labels_{context}"] += `+CHE_INFRA_KUBERNETES_SINGLEHOST_GATEWAY_CONFIGMAP__LABELS+` + +Defines labels which will be set to ConfigMaps configuring single-host gateway. + + +.Default value for `+CHE_INFRA_KUBERNETES_SINGLEHOST_GATEWAY_CONFIGMAP__LABELS+` +==== +---- +app=che,component=che-gateway-config +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_workspace_devfile__endpoint__exposure.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_workspace_devfile__endpoint__exposure.adoc new file mode 100644 index 0000000000..3dba538ce7 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_workspace_devfile__endpoint__exposure.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_singlehost_workspace_devfile__endpoint__exposure_{context}"] += `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_DEVFILE__ENDPOINT__EXPOSURE+` + +Defines the way how to expose devfile endpoints, as end-user's applications, in single-host server strategy. They can either follow the single-host strategy and be exposed on subpaths, or they can be exposed on subdomains. `multi-host`:: expose on subdomains `single-host`:: expose on subpaths + + +.Default value for `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_DEVFILE__ENDPOINT__EXPOSURE+` +==== +---- +multi-host +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_workspace_exposure.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_workspace_exposure.adoc new file mode 100644 index 0000000000..825bd388ad --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_singlehost_workspace_exposure.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_singlehost_workspace_exposure_{context}"] += `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_EXPOSURE+` + +Defines the way in which the workspace plugins and editors are exposed in the single-host mode. Supported exposures: `native`:: Exposes servers using Kubernetes Ingresses. Works only on Kubernetes. `gateway`:: Exposes servers using reverse-proxy gateway. + + +.Default value for `+CHE_INFRA_KUBERNETES_SINGLEHOST_WORKSPACE_EXPOSURE+` +==== +---- +native +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__cert.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__cert.adoc new file mode 100644 index 0000000000..86689d3310 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__cert.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_tls__cert_{context}"] += `+CHE_INFRA_KUBERNETES_TLS__CERT+` + +Certificate data for TLS Secret that should be used for workspaces Ingresses. Certificate should be encoded with Base64 algorithm. This property is ignored by OpenShift infrastructure. + + +.Default value for `+CHE_INFRA_KUBERNETES_TLS__CERT+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__enabled.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__enabled.adoc new file mode 100644 index 0000000000..682487ac76 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__enabled.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_tls__enabled_{context}"] += `+CHE_INFRA_KUBERNETES_TLS__ENABLED+` + +Creates Ingresses with Transport Layer Security (TLS) enabled. In OpenShift infrastructure, Routes will be TLS-enabled. + + +.Default value for `+CHE_INFRA_KUBERNETES_TLS__ENABLED+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__key.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__key.adoc new file mode 100644 index 0000000000..1c0d4168eb --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__key.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_tls__key_{context}"] += `+CHE_INFRA_KUBERNETES_TLS__KEY+` + +Data for TLS Secret that should be used for workspaces Ingresses. `cert` and `key` should be encoded with Base64 algorithm. These properties are ignored by OpenShift infrastructure. + + +.Default value for `+CHE_INFRA_KUBERNETES_TLS__KEY+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__secret.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__secret.adoc new file mode 100644 index 0000000000..4428cd9b5c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_tls__secret.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_tls__secret_{context}"] += `+CHE_INFRA_KUBERNETES_TLS__SECRET+` + +Name of a secret that should be used when creating workspace ingresses with TLS. This property is ignored by OpenShift infrastructure. + + +.Default value for `+CHE_INFRA_KUBERNETES_TLS__SECRET+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_trust__certs.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_trust__certs.adoc new file mode 100644 index 0000000000..009c61b05e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_trust__certs.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_trust__certs_{context}"] += `+CHE_INFRA_KUBERNETES_TRUST__CERTS+` + +Boolean to configure Kubernetes client to use trusted certificates. + + +.Default value for `+CHE_INFRA_KUBERNETES_TRUST__CERTS+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_dest__configmap.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_dest__configmap.adoc new file mode 100644 index 0000000000..d538464c7c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_dest__configmap.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_trusted__ca_dest__configmap_{context}"] += `+CHE_INFRA_KUBERNETES_TRUSTED__CA_DEST__CONFIGMAP+` + +Name of the ConfigMap in a workspace namespace with additional CA TLS certificates. Holds the copy of `che.infra.kubernetes.trusted_ca.src_configmap` but in a workspace namespace. Content of this ConfigMap is mounted into all workspace containers including plugin brokers. Do not change the ConfigMap name unless it conflicts with the already existing ConfigMap. the {prod-short} Operator that the resulting ConfigMap name can be adjusted eventually to make it unique in {orch-namespace}. The original name would be stored in `che.original_name` label. + + +.Default value for `+CHE_INFRA_KUBERNETES_TRUSTED__CA_DEST__CONFIGMAP+` +==== +---- +ca-certs +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_dest__configmap__labels.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_dest__configmap__labels.adoc new file mode 100644 index 0000000000..ee0289a926 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_dest__configmap__labels.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_trusted__ca_dest__configmap__labels_{context}"] += `+CHE_INFRA_KUBERNETES_TRUSTED__CA_DEST__CONFIGMAP__LABELS+` + +Comma separated list of labels to add to the CA certificates ConfigMap in user workspace. See the `che.infra.kubernetes.trusted_ca.dest_configmap` property. + + +.Default value for `+CHE_INFRA_KUBERNETES_TRUSTED__CA_DEST__CONFIGMAP__LABELS+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_mount__path.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_mount__path.adoc new file mode 100644 index 0000000000..658a8554ee --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_mount__path.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_trusted__ca_mount__path_{context}"] += `+CHE_INFRA_KUBERNETES_TRUSTED__CA_MOUNT__PATH+` + +Configures path on workspace containers where the CA bundle should be mounted. Content of ConfigMap specified by `che.infra.kubernetes.trusted_ca.dest_configmap` is mounted. + + +.Default value for `+CHE_INFRA_KUBERNETES_TRUSTED__CA_MOUNT__PATH+` +==== +---- +/public-certs +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_src__configmap.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_src__configmap.adoc new file mode 100644 index 0000000000..d88c704712 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_trusted__ca_src__configmap.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_trusted__ca_src__configmap_{context}"] += `+CHE_INFRA_KUBERNETES_TRUSTED__CA_SRC__CONFIGMAP+` + +Name of the ConfigMap in {prod-short} server namespace with additional CA TLS certificates to be propagated into all user's workspaces. If the property is set on OpenShift 4 infrastructure, and `che.infra.openshift.trusted_ca.dest_configmap_labels` includes the `config.openshift.io/inject-trusted-cabundle=true` label, then cluster CA bundle will be propagated too. + + +.Default value for `+CHE_INFRA_KUBERNETES_TRUSTED__CA_SRC__CONFIGMAP+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__sa__cluster__roles.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__sa__cluster__roles.adoc new file mode 100644 index 0000000000..315eb1fcdf --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__sa__cluster__roles.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_workspace__sa__cluster__roles_{context}"] += `+CHE_INFRA_KUBERNETES_WORKSPACE__SA__CLUSTER__ROLES+` + +Specifies optional, additional cluster roles to use with the workspace service account. the {prod-short} Operator that the cluster role names must already exist, and the {prod-short} service account needs to be able to create a Role Binding to associate these cluster roles with the workspace service account. The names are comma separated. This property deprecates `che.infra.kubernetes.cluster_role_name`. + + +.Default value for `+CHE_INFRA_KUBERNETES_WORKSPACE__SA__CLUSTER__ROLES+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__start__timeout__min.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__start__timeout__min.adoc new file mode 100644 index 0000000000..31b5aeb332 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__start__timeout__min.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_workspace__start__timeout__min_{context}"] += `+CHE_INFRA_KUBERNETES_WORKSPACE__START__TIMEOUT__MIN+` + +Defines time frame that limits the Kubernetes workspace start time + + +.Default value for `+CHE_INFRA_KUBERNETES_WORKSPACE__START__TIMEOUT__MIN+` +==== +---- +8 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__unrecoverable__events.adoc b/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__unrecoverable__events.adoc new file mode 100644 index 0000000000..7c00df9186 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_kubernetes_workspace__unrecoverable__events.adoc @@ -0,0 +1,13 @@ +[id="che_infra_kubernetes_workspace__unrecoverable__events_{context}"] += `+CHE_INFRA_KUBERNETES_WORKSPACE__UNRECOVERABLE__EVENTS+` + +If during workspace startup an unrecoverable event defined in the property occurs, stop the workspace immediately rather than waiting until timeout. the {prod-short} Operator that this SHOULD NOT include a mere "Failed" reason, because that might catch events that are not unrecoverable. A failed container startup is handled explicitly by {prod-short} server. + + +.Default value for `+CHE_INFRA_KUBERNETES_WORKSPACE__UNRECOVERABLE__EVENTS+` +==== +---- +FailedMount,FailedScheduling,MountVolume.SetUpfailed,Failed to pull image,FailedCreate,ReplicaSetCreateError +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_openshift_oauth__identity__provider.adoc b/modules/installation-guide/partials/ref_che_infra_openshift_oauth__identity__provider.adoc new file mode 100644 index 0000000000..c327949eb9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_openshift_oauth__identity__provider.adoc @@ -0,0 +1,13 @@ +[id="che_infra_openshift_oauth__identity__provider_{context}"] += `+CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER+` + +Alias of the Openshift identity provider registered in Keycloak, that should be used to create workspace OpenShift resources in Openshift namespaces owned by the current Che user. Should be set to NULL if `che.infra.openshift.project` is set to a non-empty value. For more information see the following documentation: https://www.keycloak.org/docs/3.3/server_admin/topics/identity-broker/social/openshift.html + + +.Default value for `+CHE_INFRA_OPENSHIFT_OAUTH__IDENTITY__PROVIDER+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_openshift_project.adoc b/modules/installation-guide/partials/ref_che_infra_openshift_project.adoc new file mode 100644 index 0000000000..7c45015b7b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_openshift_project.adoc @@ -0,0 +1,13 @@ +[id="che_infra_openshift_project_{context}"] += `+CHE_INFRA_OPENSHIFT_PROJECT+` + +DEPRECATED - Do not change the value of this property otherwise the existing workspaces will loose data. Do not set it on new installations. Defines OpenShift namespace in which all workspaces will be created. If not set, every workspace will be created in a new project, where project name = workspace id It's possible to use `` and `` placeholders (for example: `che-workspace-`). In that case, new project will be created for each user. OpenShift OAuth or service account with permission to create new projects must be used. If the project pointed to by this property exists, it will be used for all workspaces. If it does not exist, the namespace specified by the `che.infra.kubernetes.namespace.default` will be created and used. This parameter is subject to removal in future releases. Legacy workspaces located in this namespace may become unreachable in future releases. See the documentation for possible next steps. + + +.Default value for `+CHE_INFRA_OPENSHIFT_PROJECT+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_openshift_route_host_domain__suffix.adoc b/modules/installation-guide/partials/ref_che_infra_openshift_route_host_domain__suffix.adoc new file mode 100644 index 0000000000..5fe7aadd5a --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_openshift_route_host_domain__suffix.adoc @@ -0,0 +1,13 @@ +[id="che_infra_openshift_route_host_domain__suffix_{context}"] += `+CHE_INFRA_OPENSHIFT_ROUTE_HOST_DOMAIN__SUFFIX+` + +The hostname that should be used as a suffix for the workspace routes. For example: Using `domain_suffix=__<{che-host}>__`, the route resembles: `routed3qrtk.__<{che-host}>__`. It has to be a valid DNS name. + + +.Default value for `+CHE_INFRA_OPENSHIFT_ROUTE_HOST_DOMAIN__SUFFIX+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_openshift_route_labels.adoc b/modules/installation-guide/partials/ref_che_infra_openshift_route_labels.adoc new file mode 100644 index 0000000000..d8c6dfcded --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_openshift_route_labels.adoc @@ -0,0 +1,13 @@ +[id="che_infra_openshift_route_labels_{context}"] += `+CHE_INFRA_OPENSHIFT_ROUTE_LABELS+` + +Additional labels to add into every Route created by {prod-short} server to allow clear identification. + + +.Default value for `+CHE_INFRA_OPENSHIFT_ROUTE_LABELS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_infra_openshift_trusted__ca_dest__configmap__labels.adoc b/modules/installation-guide/partials/ref_che_infra_openshift_trusted__ca_dest__configmap__labels.adoc new file mode 100644 index 0000000000..3ce474eda8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_infra_openshift_trusted__ca_dest__configmap__labels.adoc @@ -0,0 +1,13 @@ +[id="che_infra_openshift_trusted__ca_dest__configmap__labels_{context}"] += `+CHE_INFRA_OPENSHIFT_TRUSTED__CA_DEST__CONFIGMAP__LABELS+` + +Comma separated list of labels to add to the CA certificates ConfigMap in user workspace. See `che.infra.kubernetes.trusted_ca.dest_configmap` property. This default value is used for automatic cluster CA bundle injection in OpenShift 4. + + +.Default value for `+CHE_INFRA_OPENSHIFT_TRUSTED__CA_DEST__CONFIGMAP__LABELS+` +==== +---- +config.openshift.io/inject-trusted-cabundle=true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_integration_bitbucket_server__endpoints.adoc b/modules/installation-guide/partials/ref_che_integration_bitbucket_server__endpoints.adoc new file mode 100644 index 0000000000..b07916d28e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_integration_bitbucket_server__endpoints.adoc @@ -0,0 +1,13 @@ +[id="che_integration_bitbucket_server__endpoints_{context}"] += `+CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS+` + +Bitbucket endpoints used for factory integrations. Comma separated list of Bitbucket server URLs or NULL if no integration expected. + + +.Default value for `+CHE_INTEGRATION_BITBUCKET_SERVER__ENDPOINTS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_integration_gitlab_server__endpoints.adoc b/modules/installation-guide/partials/ref_che_integration_gitlab_server__endpoints.adoc new file mode 100644 index 0000000000..536c332e9f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_integration_gitlab_server__endpoints.adoc @@ -0,0 +1,13 @@ +[id="che_integration_gitlab_server__endpoints_{context}"] += `+CHE_INTEGRATION_GITLAB_SERVER__ENDPOINTS+` + +GitLab endpoints used for factory integrations. Comma separated list of GitLab server URLs or NULL if no integration expected. + + +.Default value for `+CHE_INTEGRATION_GITLAB_SERVER__ENDPOINTS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_admin__password.adoc b/modules/installation-guide/partials/ref_che_keycloak_admin__password.adoc new file mode 100644 index 0000000000..62f3649b25 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_admin__password.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_admin__password_{context}"] += `+CHE_KEYCLOAK_ADMIN__PASSWORD+` + +Keycloak admin password. Will be used for deleting user from Keycloak on removing user from Che database. Make sense only in case $++{che.keycloak.cascade_user_removal_enabled}++ set to 'true' + + +.Default value for `+CHE_KEYCLOAK_ADMIN__PASSWORD+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_admin__username.adoc b/modules/installation-guide/partials/ref_che_keycloak_admin__username.adoc new file mode 100644 index 0000000000..e742bf0a0b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_admin__username.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_admin__username_{context}"] += `+CHE_KEYCLOAK_ADMIN__USERNAME+` + +Keycloak admin username. Will be used for deleting user from Keycloak on removing user from Che database. Make sense only in case $++{che.keycloak.cascade_user_removal_enabled}++ set to 'true' + + +.Default value for `+CHE_KEYCLOAK_ADMIN__USERNAME+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_allowed__clock__skew__sec.adoc b/modules/installation-guide/partials/ref_che_keycloak_allowed__clock__skew__sec.adoc new file mode 100644 index 0000000000..cdd2ac2e2e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_allowed__clock__skew__sec.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_allowed__clock__skew__sec_{context}"] += `+CHE_KEYCLOAK_ALLOWED__CLOCK__SKEW__SEC+` + +The number of seconds to tolerate for clock skew when verifying exp or nbf claims. + + +.Default value for `+CHE_KEYCLOAK_ALLOWED__CLOCK__SKEW__SEC+` +==== +---- +3 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_auth__internal__server__url.adoc b/modules/installation-guide/partials/ref_che_keycloak_auth__internal__server__url.adoc new file mode 100644 index 0000000000..103a556be2 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_auth__internal__server__url.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_auth__internal__server__url_{context}"] += `+CHE_KEYCLOAK_AUTH__INTERNAL__SERVER__URL+` + +Internal network service Url to keycloak identity provider server + + +.Default value for `+CHE_KEYCLOAK_AUTH__INTERNAL__SERVER__URL+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_auth__server__url.adoc b/modules/installation-guide/partials/ref_che_keycloak_auth__server__url.adoc new file mode 100644 index 0000000000..2bd735c1a8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_auth__server__url.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_auth__server__url_{context}"] += `+CHE_KEYCLOAK_AUTH__SERVER__URL+` + +Url to keycloak identity provider server Can be set to NULL only if `che.keycloak.oidcProvider` is used + + +.Default value for `+CHE_KEYCLOAK_AUTH__SERVER__URL+` +==== +---- +http://${CHE_HOST}:5050/auth +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_cascade__user__removal__enabled.adoc b/modules/installation-guide/partials/ref_che_keycloak_cascade__user__removal__enabled.adoc new file mode 100644 index 0000000000..69b639888f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_cascade__user__removal__enabled.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_cascade__user__removal__enabled_{context}"] += `+CHE_KEYCLOAK_CASCADE__USER__REMOVAL__ENABLED+` + +Configuration for enabling removing user from Keycloak server on removing user from Che database. By default it's disabled. Can be enabled in some special cases when deleting a user in Che database should execute removing related-user from Keycloak. For correct work need to set admin username $++{che.keycloak.admin_username}++ and password $++{che.keycloak.admin_password}++. + + +.Default value for `+CHE_KEYCLOAK_CASCADE__USER__REMOVAL__ENABLED+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_client__id.adoc b/modules/installation-guide/partials/ref_che_keycloak_client__id.adoc new file mode 100644 index 0000000000..37a50e2c46 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_client__id.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_client__id_{context}"] += `+CHE_KEYCLOAK_CLIENT__ID+` + +Keycloak client id in che.keycloak.realm that is used by dashboard, ide and cli to authenticate users + + +.Default value for `+CHE_KEYCLOAK_CLIENT__ID+` +==== +---- +che-public +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_github_endpoint.adoc b/modules/installation-guide/partials/ref_che_keycloak_github_endpoint.adoc new file mode 100644 index 0000000000..5679bb8a81 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_github_endpoint.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_github_endpoint_{context}"] += `+CHE_KEYCLOAK_GITHUB_ENDPOINT+` + +URL to access Github oauth tokens + + +.Default value for `+CHE_KEYCLOAK_GITHUB_ENDPOINT+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_js__adapter__url.adoc b/modules/installation-guide/partials/ref_che_keycloak_js__adapter__url.adoc new file mode 100644 index 0000000000..13b63395d0 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_js__adapter__url.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_js__adapter__url_{context}"] += `+CHE_KEYCLOAK_JS__ADAPTER__URL+` + +URL to the Keycloak Javascript adapter we want to use. if set to NULL, then the default used value is `$++{che.keycloak.auth_server_url}++/js/keycloak.js`, or `/api/keycloak/OIDCKeycloak.js` if an alternate `oidc_provider` is used + + +.Default value for `+CHE_KEYCLOAK_JS__ADAPTER__URL+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_oidc__provider.adoc b/modules/installation-guide/partials/ref_che_keycloak_oidc__provider.adoc new file mode 100644 index 0000000000..9d86fc5aaf --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_oidc__provider.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_oidc__provider_{context}"] += `+CHE_KEYCLOAK_OIDC__PROVIDER+` + +Base URL of an alternate OIDC provider that provides a discovery endpoint as detailed in the following specification https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig + + +.Default value for `+CHE_KEYCLOAK_OIDC__PROVIDER+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_oso_endpoint.adoc b/modules/installation-guide/partials/ref_che_keycloak_oso_endpoint.adoc new file mode 100644 index 0000000000..d86eb0e4b9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_oso_endpoint.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_oso_endpoint_{context}"] += `+CHE_KEYCLOAK_OSO_ENDPOINT+` + +URL to access OSO oauth tokens + + +.Default value for `+CHE_KEYCLOAK_OSO_ENDPOINT+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_realm.adoc b/modules/installation-guide/partials/ref_che_keycloak_realm.adoc new file mode 100644 index 0000000000..369c6a8fc8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_realm.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_realm_{context}"] += `+CHE_KEYCLOAK_REALM+` + +Keycloak realm is used to authenticate users Can be set to NULL only if `che.keycloak.oidcProvider` is used + + +.Default value for `+CHE_KEYCLOAK_REALM+` +==== +---- +che +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_use__fixed__redirect__urls.adoc b/modules/installation-guide/partials/ref_che_keycloak_use__fixed__redirect__urls.adoc new file mode 100644 index 0000000000..c2bf9de1ee --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_use__fixed__redirect__urls.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_use__fixed__redirect__urls_{context}"] += `+CHE_KEYCLOAK_USE__FIXED__REDIRECT__URLS+` + +Set to true when using an alternate OIDC provider that only supports fixed redirect Urls This property is ignored when `che.keycloak.oidc_provider` is NULL + + +.Default value for `+CHE_KEYCLOAK_USE__FIXED__REDIRECT__URLS+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_use__nonce.adoc b/modules/installation-guide/partials/ref_che_keycloak_use__nonce.adoc new file mode 100644 index 0000000000..8b86d3927c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_use__nonce.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_use__nonce_{context}"] += `+CHE_KEYCLOAK_USE__NONCE+` + +Use the OIDC optional `nonce` feature to increase security. + + +.Default value for `+CHE_KEYCLOAK_USE__NONCE+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_username__claim.adoc b/modules/installation-guide/partials/ref_che_keycloak_username__claim.adoc new file mode 100644 index 0000000000..f604203531 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_username__claim.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_username__claim_{context}"] += `+CHE_KEYCLOAK_USERNAME__CLAIM+` + +Username claim to be used as user display name when parsing JWT token if not defined the fallback value is 'preferred_username' + + +.Default value for `+CHE_KEYCLOAK_USERNAME__CLAIM+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_keycloak_username_replacement__patterns.adoc b/modules/installation-guide/partials/ref_che_keycloak_username_replacement__patterns.adoc new file mode 100644 index 0000000000..f3c27d387f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_keycloak_username_replacement__patterns.adoc @@ -0,0 +1,13 @@ +[id="che_keycloak_username_replacement__patterns_{context}"] += `+CHE_KEYCLOAK_USERNAME_REPLACEMENT__PATTERNS+` + +User name adjustment configuration. Che needs to use the usernames as part of K8s object names and labels and therefore has stricter requirements on their format than the identity providers usually allow (it needs them to be DNS-compliant). The adjustment is represented by comma-separated key-value pairs. These are sequentially used as arguments to the String.replaceAll function on the original username. The keys are regular expressions, values are replacement strings that replace the characters in the username that match the regular expression. The modified username will only be stored in the Che database and will not be advertised back to the identity provider. It is recommended to use DNS-compliant characters as replacement strings (values in the key-value pairs). Example: `\=-,@=-at-` changes `\` to `-` and `@` to `-at-` so the username `org\user@com` becomes `org-user-at-com.` + + +.Default value for `+CHE_KEYCLOAK_USERNAME_REPLACEMENT__PATTERNS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_organization_workspaces_count.adoc b/modules/installation-guide/partials/ref_che_limits_organization_workspaces_count.adoc new file mode 100644 index 0000000000..4179c26e2f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_organization_workspaces_count.adoc @@ -0,0 +1,13 @@ +[id="che_limits_organization_workspaces_count_{context}"] += `+CHE_LIMITS_ORGANIZATION_WORKSPACES_COUNT+` + +The maximum number of workspaces that a organization is allowed to own. The organization will be presented an error message if they try to create additional workspaces. This applies to the total number of both running and stopped workspaces. + + +.Default value for `+CHE_LIMITS_ORGANIZATION_WORKSPACES_COUNT+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_organization_workspaces_ram.adoc b/modules/installation-guide/partials/ref_che_limits_organization_workspaces_ram.adoc new file mode 100644 index 0000000000..495623c8be --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_organization_workspaces_ram.adoc @@ -0,0 +1,13 @@ +[id="che_limits_organization_workspaces_ram_{context}"] += `+CHE_LIMITS_ORGANIZATION_WORKSPACES_RAM+` + +The total amount of RAM that a single organization (team) is allowed to allocate to running workspaces. An organization owner can allocate this RAM however they see fit across the team's workspaces. + + +.Default value for `+CHE_LIMITS_ORGANIZATION_WORKSPACES_RAM+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_organization_workspaces_run_count.adoc b/modules/installation-guide/partials/ref_che_limits_organization_workspaces_run_count.adoc new file mode 100644 index 0000000000..2f4acd7138 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_organization_workspaces_run_count.adoc @@ -0,0 +1,13 @@ +[id="che_limits_organization_workspaces_run_count_{context}"] += `+CHE_LIMITS_ORGANIZATION_WORKSPACES_RUN_COUNT+` + +The maximum number of running workspaces that a single organization is allowed. If the organization has reached this threshold and they try to start an additional workspace, they will be prompted with an error message. The organization will need to stop a running workspace to activate another. + + +.Default value for `+CHE_LIMITS_ORGANIZATION_WORKSPACES_RUN_COUNT+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_user_workspaces_count.adoc b/modules/installation-guide/partials/ref_che_limits_user_workspaces_count.adoc new file mode 100644 index 0000000000..a9f145fe9b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_user_workspaces_count.adoc @@ -0,0 +1,13 @@ +[id="che_limits_user_workspaces_count_{context}"] += `+CHE_LIMITS_USER_WORKSPACES_COUNT+` + +The maximum number of workspaces that a user is allowed to create. The user will be presented with an error message if they try to create additional workspaces. This applies to the total number of both running and stopped workspaces. + + +.Default value for `+CHE_LIMITS_USER_WORKSPACES_COUNT+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_user_workspaces_ram.adoc b/modules/installation-guide/partials/ref_che_limits_user_workspaces_ram.adoc new file mode 100644 index 0000000000..d1506a46a8 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_user_workspaces_ram.adoc @@ -0,0 +1,13 @@ +[id="che_limits_user_workspaces_ram_{context}"] += `+CHE_LIMITS_USER_WORKSPACES_RAM+` + +The total amount of RAM that a single user is allowed to allocate to running workspaces. A user can allocate this RAM to a single workspace or spread it across multiple workspaces. + + +.Default value for `+CHE_LIMITS_USER_WORKSPACES_RAM+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_user_workspaces_run_count.adoc b/modules/installation-guide/partials/ref_che_limits_user_workspaces_run_count.adoc new file mode 100644 index 0000000000..32cea7dfdc --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_user_workspaces_run_count.adoc @@ -0,0 +1,13 @@ +[id="che_limits_user_workspaces_run_count_{context}"] += `+CHE_LIMITS_USER_WORKSPACES_RUN_COUNT+` + +The maximum number of running workspaces that a single user is allowed to have. If the user has reached this threshold and they try to start an additional workspace, they will be prompted with an error message. The user will need to stop a running workspace to activate another. + + +.Default value for `+CHE_LIMITS_USER_WORKSPACES_RUN_COUNT+` +==== +---- +1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_workspace_env_ram.adoc b/modules/installation-guide/partials/ref_che_limits_workspace_env_ram.adoc new file mode 100644 index 0000000000..180f6abdd4 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_workspace_env_ram.adoc @@ -0,0 +1,13 @@ +[id="che_limits_workspace_env_ram_{context}"] += `+CHE_LIMITS_WORKSPACE_ENV_RAM+` + +Workspaces are the fundamental runtime for users when doing development. You can set parameters that limit how workspaces are created and the resources that are consumed. The maximum amount of RAM that a user can allocate to a workspace when they create a new workspace. The RAM slider is adjusted to this maximum value. + + +.Default value for `+CHE_LIMITS_WORKSPACE_ENV_RAM+` +==== +---- +16gb +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_workspace_idle_timeout.adoc b/modules/installation-guide/partials/ref_che_limits_workspace_idle_timeout.adoc new file mode 100644 index 0000000000..63e8ef7ba9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_workspace_idle_timeout.adoc @@ -0,0 +1,13 @@ +[id="che_limits_workspace_idle_timeout_{context}"] += `+CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT+` + +The length of time that a user is idle with their workspace when the system will suspend the workspace and then stopping it. Idleness is the length of time that the user has not interacted with the workspace, meaning that one of our agents has not received interaction. Leaving a browser window open counts toward idleness. + + +.Default value for `+CHE_LIMITS_WORKSPACE_IDLE_TIMEOUT+` +==== +---- +1800000 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_limits_workspace_run_timeout.adoc b/modules/installation-guide/partials/ref_che_limits_workspace_run_timeout.adoc new file mode 100644 index 0000000000..f256a9f651 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_limits_workspace_run_timeout.adoc @@ -0,0 +1,13 @@ +[id="che_limits_workspace_run_timeout_{context}"] += `+CHE_LIMITS_WORKSPACE_RUN_TIMEOUT+` + +The length of time in milliseconds that a workspace will run, regardless of activity, before the system will suspend it. Set this property if you want to automatically stop workspaces after a period of time. The default is zero, meaning that there is no run timeout. + + +.Default value for `+CHE_LIMITS_WORKSPACE_RUN_TIMEOUT+` +==== +---- +0 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_metrics_port.adoc b/modules/installation-guide/partials/ref_che_metrics_port.adoc new file mode 100644 index 0000000000..826ccd2226 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_metrics_port.adoc @@ -0,0 +1,13 @@ +[id="che_metrics_port_{context}"] += `+CHE_METRICS_PORT+` + +Port the HTTP server endpoint that would be exposed with Prometheus metrics. + + +.Default value for `+CHE_METRICS_PORT+` +==== +---- +8087 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth1_bitbucket_consumerkeypath.adoc b/modules/installation-guide/partials/ref_che_oauth1_bitbucket_consumerkeypath.adoc new file mode 100644 index 0000000000..3a8ebf3f2c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth1_bitbucket_consumerkeypath.adoc @@ -0,0 +1,13 @@ +[id="che_oauth1_bitbucket_consumerkeypath_{context}"] += `+CHE_OAUTH1_BITBUCKET_CONSUMERKEYPATH+` + +Configuration of Bitbucket Server OAuth1 client. Used to obtain Personal access tokens. Location of the file with Bitbucket Server application consumer key (equivalent to a username). + + +.Default value for `+CHE_OAUTH1_BITBUCKET_CONSUMERKEYPATH+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth1_bitbucket_endpoint.adoc b/modules/installation-guide/partials/ref_che_oauth1_bitbucket_endpoint.adoc new file mode 100644 index 0000000000..e0af93e59c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth1_bitbucket_endpoint.adoc @@ -0,0 +1,13 @@ +[id="che_oauth1_bitbucket_endpoint_{context}"] += `+CHE_OAUTH1_BITBUCKET_ENDPOINT+` + +ConfigurationofBitbucket Server OAuth1 client. Used to obtain Personal access tokens. Location of the file with Bitbucket Server application consumer key (equivalent to a username). Location of the file with Bitbucket Server application private key Bitbucket Server URL. To work correctly with factories the same URL has to be part of `che.integration.bitbucket.server_endpoints` too. + + +.Default value for `+CHE_OAUTH1_BITBUCKET_ENDPOINT+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth1_bitbucket_privatekeypath.adoc b/modules/installation-guide/partials/ref_che_oauth1_bitbucket_privatekeypath.adoc new file mode 100644 index 0000000000..e4fa9d31f9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth1_bitbucket_privatekeypath.adoc @@ -0,0 +1,13 @@ +[id="che_oauth1_bitbucket_privatekeypath_{context}"] += `+CHE_OAUTH1_BITBUCKET_PRIVATEKEYPATH+` + +Configurationof Bitbucket Server OAuth1 client. Used to obtain Personal access tokens. Location of the file with Bitbucket Server application consumer key (equivalent to a username). Location of the file with Bitbucket Server application private key + + +.Default value for `+CHE_OAUTH1_BITBUCKET_PRIVATEKEYPATH+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_github_authuri.adoc b/modules/installation-guide/partials/ref_che_oauth_github_authuri.adoc new file mode 100644 index 0000000000..7fc862e4dd --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_github_authuri.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_github_authuri_{context}"] += `+CHE_OAUTH_GITHUB_AUTHURI+` + +GitHub OAuth authorization URI. + + +.Default value for `+CHE_OAUTH_GITHUB_AUTHURI+` +==== +---- +https://github.com/login/oauth/authorize +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_github_clientid.adoc b/modules/installation-guide/partials/ref_che_oauth_github_clientid.adoc new file mode 100644 index 0000000000..6d82e5cdff --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_github_clientid.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_github_clientid_{context}"] += `+CHE_OAUTH_GITHUB_CLIENTID+` + +Configuration of GitHub OAuth client. You can setup GitHub OAuth to automate authentication to remote repositories. You need to first register this application with GitHub OAuth. GitHub OAuth client ID. + + +.Default value for `+CHE_OAUTH_GITHUB_CLIENTID+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_github_clientsecret.adoc b/modules/installation-guide/partials/ref_che_oauth_github_clientsecret.adoc new file mode 100644 index 0000000000..c6b4296bc5 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_github_clientsecret.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_github_clientsecret_{context}"] += `+CHE_OAUTH_GITHUB_CLIENTSECRET+` + +GitHub OAuth client secret. + + +.Default value for `+CHE_OAUTH_GITHUB_CLIENTSECRET+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_github_redirecturis.adoc b/modules/installation-guide/partials/ref_che_oauth_github_redirecturis.adoc new file mode 100644 index 0000000000..0cc879a583 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_github_redirecturis.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_github_redirecturis_{context}"] += `+CHE_OAUTH_GITHUB_REDIRECTURIS+` + +GitHub OAuth redirect URIs. Separate multiple values with comma, for example: URI,URI,URI + + +.Default value for `+CHE_OAUTH_GITHUB_REDIRECTURIS+` +==== +---- +http://localhost:${CHE_PORT}/api/oauth/callback +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_github_tokenuri.adoc b/modules/installation-guide/partials/ref_che_oauth_github_tokenuri.adoc new file mode 100644 index 0000000000..5f6c20d25d --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_github_tokenuri.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_github_tokenuri_{context}"] += `+CHE_OAUTH_GITHUB_TOKENURI+` + +GitHub OAuth token URI. + + +.Default value for `+CHE_OAUTH_GITHUB_TOKENURI+` +==== +---- +https://github.com/login/oauth/access_token +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_openshift_clientid.adoc b/modules/installation-guide/partials/ref_che_oauth_openshift_clientid.adoc new file mode 100644 index 0000000000..e1e6197040 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_openshift_clientid.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_openshift_clientid_{context}"] += `+CHE_OAUTH_OPENSHIFT_CLIENTID+` + +Configuration of OpenShift OAuth client. Used to obtain OpenShift OAuth token. OpenShift OAuth client ID. + + +.Default value for `+CHE_OAUTH_OPENSHIFT_CLIENTID+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_openshift_clientsecret.adoc b/modules/installation-guide/partials/ref_che_oauth_openshift_clientsecret.adoc new file mode 100644 index 0000000000..68ac15d0d6 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_openshift_clientsecret.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_openshift_clientsecret_{context}"] += `+CHE_OAUTH_OPENSHIFT_CLIENTSECRET+` + +Configurationof OpenShift OAuth client. Used to obtain OpenShift OAuth token. OpenShift OAuth client ID. OpenShift OAuth client secret. + + +.Default value for `+CHE_OAUTH_OPENSHIFT_CLIENTSECRET+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_openshift_oauth__endpoint.adoc b/modules/installation-guide/partials/ref_che_oauth_openshift_oauth__endpoint.adoc new file mode 100644 index 0000000000..cd91aa6db2 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_openshift_oauth__endpoint.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_openshift_oauth__endpoint_{context}"] += `+CHE_OAUTH_OPENSHIFT_OAUTH__ENDPOINT+` + +ConfigurationofOpenShift OAuth client. Used to obtain OpenShift OAuth token. OpenShift OAuth client ID. OpenShift OAuth client secret. OpenShift OAuth endpoint. + + +.Default value for `+CHE_OAUTH_OPENSHIFT_OAUTH__ENDPOINT+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_openshift_verify__token__url.adoc b/modules/installation-guide/partials/ref_che_oauth_openshift_verify__token__url.adoc new file mode 100644 index 0000000000..8d87d99197 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_openshift_verify__token__url.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_openshift_verify__token__url_{context}"] += `+CHE_OAUTH_OPENSHIFT_VERIFY__TOKEN__URL+` + +ConfigurationofOpenShiftOAuth client. Used to obtain OpenShift OAuth token. OpenShift OAuth client ID. OpenShift OAuth client secret. OpenShift OAuth endpoint. OpenShift OAuth verification token URL. + + +.Default value for `+CHE_OAUTH_OPENSHIFT_VERIFY__TOKEN__URL+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_oauth_service__mode.adoc b/modules/installation-guide/partials/ref_che_oauth_service__mode.adoc new file mode 100644 index 0000000000..bb7a5f3796 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_oauth_service__mode.adoc @@ -0,0 +1,13 @@ +[id="che_oauth_service__mode_{context}"] += `+CHE_OAUTH_SERVICE__MODE+` + +Configuration of OAuth Authentication Service that can be used in "embedded" or "delegated" mode. If set to "embedded", then the service work as a wrapper to Che's OAuthAuthenticator ( as in Single User mode). If set to "delegated", then the service will use Keycloak IdentityProvider mechanism. Runtime Exception wii be thrown, in case if this property is not set properly. + + +.Default value for `+CHE_OAUTH_SERVICE__MODE+` +==== +---- +delegated +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer.adoc new file mode 100644 index 0000000000..ce6204272c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_{context}"] += `+CHE_SERVER_SECURE__EXPOSER+` + +Configures in which way secure servers will be protected with authentication. Suitable values: - `default`: `jwtproxy` is configured in a pass-through mode. Servers should authenticate requests themselves. - `jwtproxy`: `jwtproxy` will authenticate requests. Servers will receive only authenticated requests. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER+` +==== +---- +jwtproxy +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_auth_loader_path.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_auth_loader_path.adoc new file mode 100644 index 0000000000..d7ea4f09c1 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_auth_loader_path.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_auth_loader_path_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_AUTH_LOADER_PATH+` + +Optional authentication page path to route unsigned requests to. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_AUTH_LOADER_PATH+` +==== +---- +/_app/loader.html +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_cpu__limit.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_cpu__limit.adoc new file mode 100644 index 0000000000..4e9a9bc4b1 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_cpu__limit.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_cpu__limit_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_CPU__LIMIT+` + +JWTProxy CPU limit. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_CPU__LIMIT+` +==== +---- +0.5 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_cpu__request.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_cpu__request.adoc new file mode 100644 index 0000000000..9adc0181b4 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_cpu__request.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_cpu__request_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_CPU__REQUEST+` + +JWTProxy CPU request. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_CPU__REQUEST+` +==== +---- +0.03 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_image.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_image.adoc new file mode 100644 index 0000000000..de5e476dfa --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_image.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_image_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_IMAGE+` + +JWTProxy image. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_IMAGE+` +==== +---- +quay.io/eclipse/che-jwtproxy:0.10.0 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_memory__limit.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_memory__limit.adoc new file mode 100644 index 0000000000..f98c7c5d03 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_memory__limit.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_memory__limit_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_MEMORY__LIMIT+` + +JWTProxy memory limit. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_MEMORY__LIMIT+` +==== +---- +128mb +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_memory__request.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_memory__request.adoc new file mode 100644 index 0000000000..661a16adb9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_memory__request.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_memory__request_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_MEMORY__REQUEST+` + +JWTProxy memory request. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_MEMORY__REQUEST+` +==== +---- +15mb +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_token_issuer.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_token_issuer.adoc new file mode 100644 index 0000000000..6728d0fa5b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_token_issuer.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_token_issuer_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_TOKEN_ISSUER+` + +`Jwtproxy` issuer string, token lifetime, and optional auth page path to route unsigned requests to. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_TOKEN_ISSUER+` +==== +---- +wsmaster +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_token_ttl.adoc b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_token_ttl.adoc new file mode 100644 index 0000000000..463185f020 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_server_secure__exposer_jwtproxy_token_ttl.adoc @@ -0,0 +1,13 @@ +[id="che_server_secure__exposer_jwtproxy_token_ttl_{context}"] += `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_TOKEN_TTL+` + +JWTProxy issuer token lifetime. + + +.Default value for `+CHE_SERVER_SECURE__EXPOSER_JWTPROXY_TOKEN_TTL+` +==== +---- +8800h +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_system_admin__name.adoc b/modules/installation-guide/partials/ref_che_system_admin__name.adoc new file mode 100644 index 0000000000..19d7199799 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_system_admin__name.adoc @@ -0,0 +1,13 @@ +[id="che_system_admin__name_{context}"] += `+CHE_SYSTEM_ADMIN__NAME+` + +Grant system permission for 'che.admin.name' user. If the user already exists it'll happen on component startup, if not - during the first login when user is persisted in the database. + + +.Default value for `+CHE_SYSTEM_ADMIN__NAME+` +==== +---- +admin +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_system_super__privileged__mode.adoc b/modules/installation-guide/partials/ref_che_system_super__privileged__mode.adoc new file mode 100644 index 0000000000..e1fb6ac9d6 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_system_super__privileged__mode.adoc @@ -0,0 +1,13 @@ +[id="che_system_super__privileged__mode_{context}"] += `+CHE_SYSTEM_SUPER__PRIVILEGED__MODE+` + +System Super Privileged Mode. Grants users with the manageSystem permission additional permissions for getByKey, getByNameSpace, stopWorkspaces, and getResourcesInformation. These are not given to admins by default and these permissions allow admins gain visibility to any workspace along with naming themselves with admin privileges to those workspaces. + + +.Default value for `+CHE_SYSTEM_SUPER__PRIVILEGED__MODE+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_websocket_endpoint.adoc b/modules/installation-guide/partials/ref_che_websocket_endpoint.adoc new file mode 100644 index 0000000000..72180c004c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_websocket_endpoint.adoc @@ -0,0 +1,13 @@ +[id="che_websocket_endpoint_{context}"] += `+CHE_WEBSOCKET_ENDPOINT+` + +{prod-short} WebSocket major endpoint. Provides basic communication endpoint for major WebSocket interactions and messaging. + + +.Default value for `+CHE_WEBSOCKET_ENDPOINT+` +==== +---- +ws://${CHE_HOST}:${CHE_PORT}/api/websocket +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_activity__check__scheduler__delay__s.adoc b/modules/installation-guide/partials/ref_che_workspace_activity__check__scheduler__delay__s.adoc new file mode 100644 index 0000000000..695285b8fd --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_activity__check__scheduler__delay__s.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_activity__check__scheduler__delay__s_{context}"] += `+CHE_WORKSPACE_ACTIVITY__CHECK__SCHEDULER__DELAY__S+` + +Delay before first workspace idleness check job started to avoid mass suspend if ws master was unavailable for period close to inactivity timeout. + + +.Default value for `+CHE_WORKSPACE_ACTIVITY__CHECK__SCHEDULER__DELAY__S+` +==== +---- +180 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_activity__check__scheduler__period__s.adoc b/modules/installation-guide/partials/ref_che_workspace_activity__check__scheduler__period__s.adoc new file mode 100644 index 0000000000..88d6e7be9e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_activity__check__scheduler__period__s.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_activity__check__scheduler__period__s_{context}"] += `+CHE_WORKSPACE_ACTIVITY__CHECK__SCHEDULER__PERIOD__S+` + +Period of inactive workspaces suspend job execution. + + +.Default value for `+CHE_WORKSPACE_ACTIVITY__CHECK__SCHEDULER__PERIOD__S+` +==== +---- +60 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_activity__cleanup__scheduler__initial__delay__s.adoc b/modules/installation-guide/partials/ref_che_workspace_activity__cleanup__scheduler__initial__delay__s.adoc new file mode 100644 index 0000000000..38424c7c4f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_activity__cleanup__scheduler__initial__delay__s.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_activity__cleanup__scheduler__initial__delay__s_{context}"] += `+CHE_WORKSPACE_ACTIVITY__CLEANUP__SCHEDULER__INITIAL__DELAY__S+` + +The delay after server startup to start the first activity clean up job. + + +.Default value for `+CHE_WORKSPACE_ACTIVITY__CLEANUP__SCHEDULER__INITIAL__DELAY__S+` +==== +---- +60 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_activity__cleanup__scheduler__period__s.adoc b/modules/installation-guide/partials/ref_che_workspace_activity__cleanup__scheduler__period__s.adoc new file mode 100644 index 0000000000..75dab0e290 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_activity__cleanup__scheduler__period__s.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_activity__cleanup__scheduler__period__s_{context}"] += `+CHE_WORKSPACE_ACTIVITY__CLEANUP__SCHEDULER__PERIOD__S+` + +The period of the cleanup of the activity table. The activity table can contain invalid or stale data if some unforeseen errors happen, as a server failure at a peculiar point in time. The default is to run the cleanup job every hour. + + +.Default value for `+CHE_WORKSPACE_ACTIVITY__CLEANUP__SCHEDULER__PERIOD__S+` +==== +---- +3600 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_auto__start.adoc b/modules/installation-guide/partials/ref_che_workspace_auto__start.adoc new file mode 100644 index 0000000000..29a6e52879 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_auto__start.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_auto__start_{context}"] += `+CHE_WORKSPACE_AUTO__START+` + +By default, when users access a workspace with its URL, the workspace automatically starts (if currently stopped). Set this to `false` to disable this behavior. + + +.Default value for `+CHE_WORKSPACE_AUTO__START+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_cleanup__temporary__initial__delay__min.adoc b/modules/installation-guide/partials/ref_che_workspace_cleanup__temporary__initial__delay__min.adoc new file mode 100644 index 0000000000..4398200760 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_cleanup__temporary__initial__delay__min.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_cleanup__temporary__initial__delay__min_{context}"] += `+CHE_WORKSPACE_CLEANUP__TEMPORARY__INITIAL__DELAY__MIN+` + +Time period to delay the first execution of temporary workspaces cleanup job. + + +.Default value for `+CHE_WORKSPACE_CLEANUP__TEMPORARY__INITIAL__DELAY__MIN+` +==== +---- +5 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_cleanup__temporary__period__min.adoc b/modules/installation-guide/partials/ref_che_workspace_cleanup__temporary__period__min.adoc new file mode 100644 index 0000000000..2586a451ac --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_cleanup__temporary__period__min.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_cleanup__temporary__period__min_{context}"] += `+CHE_WORKSPACE_CLEANUP__TEMPORARY__PERIOD__MIN+` + +Time period delay between the termination of one execution and the commencement of the next execution of temporary workspaces cleanup job + + +.Default value for `+CHE_WORKSPACE_CLEANUP__TEMPORARY__PERIOD__MIN+` +==== +---- +180 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_default__cpu__limit__cores.adoc b/modules/installation-guide/partials/ref_che_workspace_default__cpu__limit__cores.adoc new file mode 100644 index 0000000000..26916e02f7 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_default__cpu__limit__cores.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_default__cpu__limit__cores_{context}"] += `+CHE_WORKSPACE_DEFAULT__CPU__LIMIT__CORES+` + +CPU limit for each container that has no CPU settings in its environment. Specify either in floating point cores number, for example, `0.125`, or using the Kubernetes format, integer millicores, for example, `125m`. Value less or equal to 0 is interpreted as disabling the limit. + + +.Default value for `+CHE_WORKSPACE_DEFAULT__CPU__LIMIT__CORES+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_default__cpu__request__cores.adoc b/modules/installation-guide/partials/ref_che_workspace_default__cpu__request__cores.adoc new file mode 100644 index 0000000000..c991034e0b --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_default__cpu__request__cores.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_default__cpu__request__cores_{context}"] += `+CHE_WORKSPACE_DEFAULT__CPU__REQUEST__CORES+` + +CPU request for each container that has no CPU settings in environment. A CPU request exceeding the CPU limit is ignored, and only limit number is used. Value less or equal to 0 is interpreted as disabling the limit. + + +.Default value for `+CHE_WORKSPACE_DEFAULT__CPU__REQUEST__CORES+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_default__memory__limit__mb.adoc b/modules/installation-guide/partials/ref_che_workspace_default__memory__limit__mb.adoc new file mode 100644 index 0000000000..cec322cc87 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_default__memory__limit__mb.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_default__memory__limit__mb_{context}"] += `+CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB+` + +RAM limit default for each machine that has no RAM settings in its environment. Value less or equal to 0 is interpreted as disabling the limit. + + +.Default value for `+CHE_WORKSPACE_DEFAULT__MEMORY__LIMIT__MB+` +==== +---- +1024 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_default__memory__request__mb.adoc b/modules/installation-guide/partials/ref_che_workspace_default__memory__request__mb.adoc new file mode 100644 index 0000000000..f69accf9f1 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_default__memory__request__mb.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_default__memory__request__mb_{context}"] += `+CHE_WORKSPACE_DEFAULT__MEMORY__REQUEST__MB+` + +RAM request for each container that has no explicit RAM settings in its environment. This amount is allocated when the workspace container is created. This property may not be supported by all infrastructure implementations. Currently it is supported by {orch-name}. A memory request exceeding the memory limit is ignored, and only the limit size is used. Value less or equal to 0 is interpreted as disabling the limit. + + +.Default value for `+CHE_WORKSPACE_DEFAULT__MEMORY__REQUEST__MB+` +==== +---- +200 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_devfile__registry__internal__url.adoc b/modules/installation-guide/partials/ref_che_workspace_devfile__registry__internal__url.adoc new file mode 100644 index 0000000000..d43e22ce4e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_devfile__registry__internal__url.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_devfile__registry__internal__url_{context}"] += `+CHE_WORKSPACE_DEVFILE__REGISTRY__INTERNAL__URL+` + +Devfile Registry "internal" endpoint. Should be a valid HTTP URL. Example: ++http://plugin-registry.che.svc.cluster.local:8080++ In case {prod-short} plug-ins registry is not needed value 'NULL' should be used + + +.Default value for `+CHE_WORKSPACE_DEVFILE__REGISTRY__INTERNAL__URL+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_devfile__registry__url.adoc b/modules/installation-guide/partials/ref_che_workspace_devfile__registry__url.adoc new file mode 100644 index 0000000000..ccb31ad56f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_devfile__registry__url.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_devfile__registry__url_{context}"] += `+CHE_WORKSPACE_DEVFILE__REGISTRY__URL+` + +Devfile Registry endpoint. Should be a valid HTTP URL. Example: ++http://che-devfile-registry-eclipse-che.192.168.65.2.nip.io++ In case {prod-short} plug-ins registry is not needed value 'NULL' should be used + + +.Default value for `+CHE_WORKSPACE_DEVFILE__REGISTRY__URL+` +==== +---- +https://che-devfile-registry.prod-preview.openshift.io/ +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_devfile_async_storage_plugin.adoc b/modules/installation-guide/partials/ref_che_workspace_devfile_async_storage_plugin.adoc new file mode 100644 index 0000000000..a7b74505f6 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_devfile_async_storage_plugin.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_devfile_async_storage_plugin_{context}"] += `+CHE_WORKSPACE_DEVFILE_ASYNC_STORAGE_PLUGIN+` + +Plugin is added in case asynchronous storage feature will be enabled in workspace configuration and supported by environment + + +.Default value for `+CHE_WORKSPACE_DEVFILE_ASYNC_STORAGE_PLUGIN+` +==== +---- +eclipse/che-async-pv-plugin/latest +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_devfile_default__editor.adoc b/modules/installation-guide/partials/ref_che_workspace_devfile_default__editor.adoc new file mode 100644 index 0000000000..4ff3dcc27f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_devfile_default__editor.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_devfile_default__editor_{context}"] += `+CHE_WORKSPACE_DEVFILE_DEFAULT__EDITOR+` + +Default Editor that should be provisioned into Devfile if there is no specified Editor Format is `editorPublisher/editorName/editorVersion` value. `NULL` or absence of value means that default editor should not be provisioned. + + +.Default value for `+CHE_WORKSPACE_DEVFILE_DEFAULT__EDITOR+` +==== +---- +eclipse/che-theia/next +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_devfile_default__editor_plugins.adoc b/modules/installation-guide/partials/ref_che_workspace_devfile_default__editor_plugins.adoc new file mode 100644 index 0000000000..2242f67147 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_devfile_default__editor_plugins.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_devfile_default__editor_plugins_{context}"] += `+CHE_WORKSPACE_DEVFILE_DEFAULT__EDITOR_PLUGINS+` + +Default Plug-ins which should be provisioned for Default Editor. All the plugins from this list that are not explicitly mentioned in the user-defined devfile will be provisioned but only when the default editor is used or if the user-defined editor is the same as the default one (even if in different version). Format is comma-separated `pluginPublisher/pluginName/pluginVersion` values, and URLs. For example: `eclipse/che-theia-exec-plugin/0.0.1,eclipse/che-theia-terminal-plugin/0.0.1,https://cdn.pluginregistry.com/vi-mode/meta.yaml` If the plugin is a URL, the plugin's `meta.yaml` is retrieved from that URL. + + +.Default value for `+CHE_WORKSPACE_DEVFILE_DEFAULT__EDITOR_PLUGINS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_http__proxy.adoc b/modules/installation-guide/partials/ref_che_workspace_http__proxy.adoc new file mode 100644 index 0000000000..fea9c2a1df --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_http__proxy.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_http__proxy_{context}"] += `+CHE_WORKSPACE_HTTP__PROXY+` + +Configures environment variable HTTP_PROXY to a specified value in containers powering workspaces. + + +.Default value for `+CHE_WORKSPACE_HTTP__PROXY+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_http__proxy__java__options.adoc b/modules/installation-guide/partials/ref_che_workspace_http__proxy__java__options.adoc new file mode 100644 index 0000000000..a047489c87 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_http__proxy__java__options.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_http__proxy__java__options_{context}"] += `+CHE_WORKSPACE_HTTP__PROXY__JAVA__OPTIONS+` + +HTTP proxy setting for workspace JVM. + + +.Default value for `+CHE_WORKSPACE_HTTP__PROXY__JAVA__OPTIONS+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_https__proxy.adoc b/modules/installation-guide/partials/ref_che_workspace_https__proxy.adoc new file mode 100644 index 0000000000..573031d680 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_https__proxy.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_https__proxy_{context}"] += `+CHE_WORKSPACE_HTTPS__PROXY+` + +Configures environment variable HTTPS_PROXY to a specified value in containers powering workspaces. + + +.Default value for `+CHE_WORKSPACE_HTTPS__PROXY+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_java__options.adoc b/modules/installation-guide/partials/ref_che_workspace_java__options.adoc new file mode 100644 index 0000000000..cee8740b78 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_java__options.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_java__options_{context}"] += `+CHE_WORKSPACE_JAVA__OPTIONS+` + +Java command-line options added to JVMs running in workspaces. + + +.Default value for `+CHE_WORKSPACE_JAVA__OPTIONS+` +==== +---- +-XX:MaxRAM=150m-XX:MaxRAMFraction=2 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xms20m -Djava.security.egd=file:/dev/./urandom +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_logs_root__dir.adoc b/modules/installation-guide/partials/ref_che_workspace_logs_root__dir.adoc new file mode 100644 index 0000000000..56f4c370ab --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_logs_root__dir.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_logs_root__dir_{context}"] += `+CHE_WORKSPACE_LOGS_ROOT__DIR+` + +Defines the directory inside the machine where all the workspace logs are placed. Provide this value into the machine, for example, as an environment variable. This is to ensure that agent developers can use this directory to back up agent logs. + + +.Default value for `+CHE_WORKSPACE_LOGS_ROOT__DIR+` +==== +---- +/workspace_logs +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_maven__options.adoc b/modules/installation-guide/partials/ref_che_workspace_maven__options.adoc new file mode 100644 index 0000000000..93fec9e132 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_maven__options.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_maven__options_{context}"] += `+CHE_WORKSPACE_MAVEN__OPTIONS+` + +Maven command-line options added to JVMs running agents in workspaces. + + +.Default value for `+CHE_WORKSPACE_MAVEN__OPTIONS+` +==== +---- +-XX:MaxRAM=150m-XX:MaxRAMFraction=2 -XX:+UseParallelGC -XX:MinHeapFreeRatio=10 -XX:MaxHeapFreeRatio=20 -XX:GCTimeRatio=4 -XX:AdaptiveSizePolicyWeight=90 -Dsun.zip.disableMemoryMapping=true -Xms20m -Djava.security.egd=file:/dev/./urandom +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_no__proxy.adoc b/modules/installation-guide/partials/ref_che_workspace_no__proxy.adoc new file mode 100644 index 0000000000..12695395ae --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_no__proxy.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_no__proxy_{context}"] += `+CHE_WORKSPACE_NO__PROXY+` + +Configures environment variable NO_PROXY to a specified value in containers powering workspaces. + + +.Default value for `+CHE_WORKSPACE_NO__PROXY+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__broker_artifacts_image.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_artifacts_image.adoc new file mode 100644 index 0000000000..33cbc011f9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_artifacts_image.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__broker_artifacts_image_{context}"] += `+CHE_WORKSPACE_PLUGIN__BROKER_ARTIFACTS_IMAGE+` + +Docker image of Che plugin artifacts broker. This broker runs as an init container on the workspace Pod. Its job is to take in a list of plugin identifiers (either references to a plugin in the registry or a link to a plugin meta.yaml) and ensure that the correct .vsix and .theia extensions are downloaded into the /plugins directory, for each plugin requested for the workspace. + + +.Default value for `+CHE_WORKSPACE_PLUGIN__BROKER_ARTIFACTS_IMAGE+` +==== +---- +quay.io/eclipse/che-plugin-artifacts-broker:v3.4.0 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__broker_default__merge__plugins.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_default__merge__plugins.adoc new file mode 100644 index 0000000000..8e9c4331c1 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_default__merge__plugins.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__broker_default__merge__plugins_{context}"] += `+CHE_WORKSPACE_PLUGIN__BROKER_DEFAULT__MERGE__PLUGINS+` + +Configures the default behavior of the plugin brokers when provisioning plugins into a workspace. If set to true, the plugin brokers will attempt to merge plugins when possible: they run in the same sidecar image and do not have conflicting settings. This value is the default setting used when the devfile does not specify the `mergePlugins` attribute. + + +.Default value for `+CHE_WORKSPACE_PLUGIN__BROKER_DEFAULT__MERGE__PLUGINS+` +==== +---- +false +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__broker_metadata_image.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_metadata_image.adoc new file mode 100644 index 0000000000..02882e482f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_metadata_image.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__broker_metadata_image_{context}"] += `+CHE_WORKSPACE_PLUGIN__BROKER_METADATA_IMAGE+` + +Docker image of {prod-short} plugin broker app that resolves workspace tools configuration and copies plugins dependencies to a workspace. The {prod-short} Operator overrides these images by default. Changing the images here will not have an effect if {prod-short} is installed using the Operator. + + +.Default value for `+CHE_WORKSPACE_PLUGIN__BROKER_METADATA_IMAGE+` +==== +---- +quay.io/eclipse/che-plugin-metadata-broker:v3.4.0 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__broker_pull__policy.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_pull__policy.adoc new file mode 100644 index 0000000000..4904527cfc --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_pull__policy.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__broker_pull__policy_{context}"] += `+CHE_WORKSPACE_PLUGIN__BROKER_PULL__POLICY+` + +Docker image of {prod-short} plugin broker app that resolves workspace tools configuration and copies plugins dependencies to a workspace + + +.Default value for `+CHE_WORKSPACE_PLUGIN__BROKER_PULL__POLICY+` +==== +---- +Always +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__broker_wait__timeout__min.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_wait__timeout__min.adoc new file mode 100644 index 0000000000..669153c567 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__broker_wait__timeout__min.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__broker_wait__timeout__min_{context}"] += `+CHE_WORKSPACE_PLUGIN__BROKER_WAIT__TIMEOUT__MIN+` + +Defines the timeout in minutes that limits the max period of result waiting for plugin broker. + + +.Default value for `+CHE_WORKSPACE_PLUGIN__BROKER_WAIT__TIMEOUT__MIN+` +==== +---- +3 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__registry__internal__url.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__registry__internal__url.adoc new file mode 100644 index 0000000000..028538606d --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__registry__internal__url.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__registry__internal__url_{context}"] += `+CHE_WORKSPACE_PLUGIN__REGISTRY__INTERNAL__URL+` + +Workspace plugins registry internal endpoint. Should be a valid HTTP URL. Example: ++http://devfile-registry.che.svc.cluster.local:8080++ In case {prod-short} plug-ins registry is not needed value 'NULL' should be used + + +.Default value for `+CHE_WORKSPACE_PLUGIN__REGISTRY__INTERNAL__URL+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_plugin__registry__url.adoc b/modules/installation-guide/partials/ref_che_workspace_plugin__registry__url.adoc new file mode 100644 index 0000000000..686695f1fd --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_plugin__registry__url.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_plugin__registry__url_{context}"] += `+CHE_WORKSPACE_PLUGIN__REGISTRY__URL+` + +Workspace plug-ins registry endpoint. Should be a valid HTTP URL. Example: ++http://che-plugin-registry-eclipse-che.192.168.65.2.nip.io++ In case {prod-short} plug-ins registry is not needed value 'NULL' should be used + + +.Default value for `+CHE_WORKSPACE_PLUGIN__REGISTRY__URL+` +==== +---- +https://che-plugin-registry.prod-preview.openshift.io/v3 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_pod_node__selector.adoc b/modules/installation-guide/partials/ref_che_workspace_pod_node__selector.adoc new file mode 100644 index 0000000000..e7fb9ed3ad --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_pod_node__selector.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_pod_node__selector_{context}"] += `+CHE_WORKSPACE_POD_NODE__SELECTOR+` + +Optionally configures node selector for workspace Pod. Format is comma-separated key=value pairs, for example: `disktype=ssd,cpu=xlarge,foo=bar` + + +.Default value for `+CHE_WORKSPACE_POD_NODE__SELECTOR+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_pod_tolerations__json.adoc b/modules/installation-guide/partials/ref_che_workspace_pod_tolerations__json.adoc new file mode 100644 index 0000000000..8488fb2a17 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_pod_tolerations__json.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_pod_tolerations__json_{context}"] += `+CHE_WORKSPACE_POD_TOLERATIONS__JSON+` + +Optionally configures tolerations for workspace Pod. Format is a string representing a JSON Array of taint tolerations, or `NULL` to disable it. The objects contained in the array have to follow this link:https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.20/#toleration-v1-core[spec]. Example: `[{"effect":"NoExecute","key":"aNodeTaint","operator":"Equal","value":"aValue"}]` + + +.Default value for `+CHE_WORKSPACE_POD_TOLERATIONS__JSON+` +==== +---- +NULL +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_pool_cores__multiplier.adoc b/modules/installation-guide/partials/ref_che_workspace_pool_cores__multiplier.adoc new file mode 100644 index 0000000000..a01722fa62 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_pool_cores__multiplier.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_pool_cores__multiplier_{context}"] += `+CHE_WORKSPACE_POOL_CORES__MULTIPLIER+` + +This property is ignored when pool type is not set to `fixed`, `che.workspace.pool.exact_size` is set. When set, the pool size is `N_CORES * multiplier`. + + +.Default value for `+CHE_WORKSPACE_POOL_CORES__MULTIPLIER+` +==== +---- +2 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_pool_exact__size.adoc b/modules/installation-guide/partials/ref_che_workspace_pool_exact__size.adoc new file mode 100644 index 0000000000..3eca1c821d --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_pool_exact__size.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_pool_exact__size_{context}"] += `+CHE_WORKSPACE_POOL_EXACT__SIZE+` + +This property is ignored when pool type is different from `fixed`. It configures the exact size of the pool. When set, the `multiplier` property is ignored. If this property is not set (`0`, `<0`, `NULL`), then the pool size equals the number of cores. See also `che.workspace.pool.cores_multiplier`. + + +.Default value for `+CHE_WORKSPACE_POOL_EXACT__SIZE+` +==== +---- +30 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_pool_type.adoc b/modules/installation-guide/partials/ref_che_workspace_pool_type.adoc new file mode 100644 index 0000000000..405a595f8a --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_pool_type.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_pool_type_{context}"] += `+CHE_WORKSPACE_POOL_TYPE+` + +Workspace threads pool configuration. This pool is used for workspace-related operations that require asynchronous execution, for example, starting and stopping. Possible values are `fixed` and `cached`. + + +.Default value for `+CHE_WORKSPACE_POOL_TYPE+` +==== +---- +fixed +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_probe__pool__size.adoc b/modules/installation-guide/partials/ref_che_workspace_probe__pool__size.adoc new file mode 100644 index 0000000000..79bab0959c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_probe__pool__size.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_probe__pool__size_{context}"] += `+CHE_WORKSPACE_PROBE__POOL__SIZE+` + +This property specifies how many threads to use for workspace server liveness probes. + + +.Default value for `+CHE_WORKSPACE_PROBE__POOL__SIZE+` +==== +---- +10 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_projects_storage.adoc b/modules/installation-guide/partials/ref_che_workspace_projects_storage.adoc new file mode 100644 index 0000000000..91340e3d5c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_projects_storage.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_projects_storage_{context}"] += `+CHE_WORKSPACE_PROJECTS_STORAGE+` + +Your projects are synchronized from the {prod-short} server into the machine running each workspace. This is the directory in the machine where your projects are placed. + + +.Default value for `+CHE_WORKSPACE_PROJECTS_STORAGE+` +==== +---- +/projects +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_projects_storage_default_size.adoc b/modules/installation-guide/partials/ref_che_workspace_projects_storage_default_size.adoc new file mode 100644 index 0000000000..96aeb1b768 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_projects_storage_default_size.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_projects_storage_default_size_{context}"] += `+CHE_WORKSPACE_PROJECTS_STORAGE_DEFAULT_SIZE+` + +Used when {orch-name}-type components in a devfile request project PVC creation (Applied in case of `unique` and `per workspace` PVC strategy. In case of the `common` PVC strategy, it is rewritten with the value of the `che.infra.kubernetes.pvc.quantity` property.) + + +.Default value for `+CHE_WORKSPACE_PROJECTS_STORAGE_DEFAULT_SIZE+` +==== +---- +1Gi +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_provision_secret_labels.adoc b/modules/installation-guide/partials/ref_che_workspace_provision_secret_labels.adoc new file mode 100644 index 0000000000..88006e1589 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_provision_secret_labels.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_provision_secret_labels_{context}"] += `+CHE_WORKSPACE_PROVISION_SECRET_LABELS+` + +Defines comma-separated list of labels for selecting secrets from a user namespace, which will be mount into workspace containers as a files or environment variables. Only secrets that match ALL given labels will be selected. + + +.Default value for `+CHE_WORKSPACE_PROVISION_SECRET_LABELS+` +==== +---- +app.kubernetes.io/part-of=che.eclipse.org,app.kubernetes.io/component=workspace-secret +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_server_liveness__probes.adoc b/modules/installation-guide/partials/ref_che_workspace_server_liveness__probes.adoc new file mode 100644 index 0000000000..4541b6b130 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_server_liveness__probes.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_server_liveness__probes_{context}"] += `+CHE_WORKSPACE_SERVER_LIVENESS__PROBES+` + +List of servers names which require liveness probes + + +.Default value for `+CHE_WORKSPACE_SERVER_LIVENESS__PROBES+` +==== +---- +wsagent/http,exec-agent/http,terminal,theia,jupyter,dirigible,cloud-shell,intellij +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_server_ping__interval__milliseconds.adoc b/modules/installation-guide/partials/ref_che_workspace_server_ping__interval__milliseconds.adoc new file mode 100644 index 0000000000..3926bb6798 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_server_ping__interval__milliseconds.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_server_ping__interval__milliseconds_{context}"] += `+CHE_WORKSPACE_SERVER_PING__INTERVAL__MILLISECONDS+` + +Interval, in milliseconds, between successive pings to workspace server. + + +.Default value for `+CHE_WORKSPACE_SERVER_PING__INTERVAL__MILLISECONDS+` +==== +---- +3000 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_server_ping__success__threshold.adoc b/modules/installation-guide/partials/ref_che_workspace_server_ping__success__threshold.adoc new file mode 100644 index 0000000000..44ba342c2c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_server_ping__success__threshold.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_server_ping__success__threshold_{context}"] += `+CHE_WORKSPACE_SERVER_PING__SUCCESS__THRESHOLD+` + +Number of sequential successful pings to server after which it is treated as available. the {prod-short} Operator: the property is common for all servers, for example, workspace agent, terminal, exec. + + +.Default value for `+CHE_WORKSPACE_SERVER_PING__SUCCESS__THRESHOLD+` +==== +---- +1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_sidecar_default__cpu__limit__cores.adoc b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__cpu__limit__cores.adoc new file mode 100644 index 0000000000..e352743863 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__cpu__limit__cores.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_sidecar_default__cpu__limit__cores_{context}"] += `+CHE_WORKSPACE_SIDECAR_DEFAULT__CPU__LIMIT__CORES+` + +CPU limit default for each sidecar that has no CPU settings in the {prod-short} plug-in configuration. Specify either in floating point cores number, for example, `0.125`, or using the Kubernetes format, integer millicores, for example, `125m`. Value less or equal to 0 is interpreted as disabling the limit. + + +.Default value for `+CHE_WORKSPACE_SIDECAR_DEFAULT__CPU__LIMIT__CORES+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_sidecar_default__cpu__request__cores.adoc b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__cpu__request__cores.adoc new file mode 100644 index 0000000000..c18eaeaa5f --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__cpu__request__cores.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_sidecar_default__cpu__request__cores_{context}"] += `+CHE_WORKSPACE_SIDECAR_DEFAULT__CPU__REQUEST__CORES+` + +CPU request default for each sidecar that has no CPU settings in the {prod-short} plug-in configuration. Specify either in floating point cores number, for example, `0.125`, or using the Kubernetes format, integer millicores, for example, `125m`. + + +.Default value for `+CHE_WORKSPACE_SIDECAR_DEFAULT__CPU__REQUEST__CORES+` +==== +---- +-1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_sidecar_default__memory__limit__mb.adoc b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__memory__limit__mb.adoc new file mode 100644 index 0000000000..a85207b78a --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__memory__limit__mb.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_sidecar_default__memory__limit__mb_{context}"] += `+CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB+` + +RAM limit for each sidecar that has no RAM settings in the {prod-short} plug-in configuration. Value less or equal to 0 is interpreted as disabling the limit. + + +.Default value for `+CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__LIMIT__MB+` +==== +---- +128 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_sidecar_default__memory__request__mb.adoc b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__memory__request__mb.adoc new file mode 100644 index 0000000000..322ef89b7e --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_sidecar_default__memory__request__mb.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_sidecar_default__memory__request__mb_{context}"] += `+CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__REQUEST__MB+` + +RAM request for each sidecar that has no RAM settings in the {prod-short} plug-in configuration. + + +.Default value for `+CHE_WORKSPACE_SIDECAR_DEFAULT__MEMORY__REQUEST__MB+` +==== +---- +64 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_sidecar_image__pull__policy.adoc b/modules/installation-guide/partials/ref_che_workspace_sidecar_image__pull__policy.adoc new file mode 100644 index 0000000000..513cf2694c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_sidecar_image__pull__policy.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_sidecar_image__pull__policy_{context}"] += `+CHE_WORKSPACE_SIDECAR_IMAGE__PULL__POLICY+` + +Defines image-pulling strategy for sidecars. Possible values are: `Always`, `Never`, `IfNotPresent`. For any other value, `Always` is assumed for images with the `:latest` tag, or `IfNotPresent` for all other cases. + + +.Default value for `+CHE_WORKSPACE_SIDECAR_IMAGE__PULL__POLICY+` +==== +---- +Always +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_startup__debug__log__limit__bytes.adoc b/modules/installation-guide/partials/ref_che_workspace_startup__debug__log__limit__bytes.adoc new file mode 100644 index 0000000000..02943a7165 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_startup__debug__log__limit__bytes.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_startup__debug__log__limit__bytes_{context}"] += `+CHE_WORKSPACE_STARTUP__DEBUG__LOG__LIMIT__BYTES+` + +Limit size of the logs collected from single container that can be observed by che-server when debugging workspace startup. default 10MB=10485760 + + +.Default value for `+CHE_WORKSPACE_STARTUP__DEBUG__LOG__LIMIT__BYTES+` +==== +---- +10485760 +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_stop_role_enabled.adoc b/modules/installation-guide/partials/ref_che_workspace_stop_role_enabled.adoc new file mode 100644 index 0000000000..1b2e0b866c --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_stop_role_enabled.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_stop_role_enabled_{context}"] += `+CHE_WORKSPACE_STOP_ROLE_ENABLED+` + +If true, 'stop-workspace' role with the edit privileges will be granted to the 'che' ServiceAccount if OpenShift OAuth is enabled. This configuration is mainly required for workspace idling when the OpenShift OAuth is enabled. + + +.Default value for `+CHE_WORKSPACE_STOP_ROLE_ENABLED+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_storage_available__types.adoc b/modules/installation-guide/partials/ref_che_workspace_storage_available__types.adoc new file mode 100644 index 0000000000..5a4c879597 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_storage_available__types.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_storage_available__types_{context}"] += `+CHE_WORKSPACE_STORAGE_AVAILABLE__TYPES+` + +The configuration property that defines available values for storage types that clients such as the Dashboard should propose to users during workspace creation and update. Available values: - `persistent`: Persistent Storage slow I/O but persistent. - `ephemeral`: Ephemeral Storage allows for faster I/O but may have limited storage and is not persistent. - `async`: Experimental feature: Asynchronous storage is combination of Ephemeral and Persistent storage. Allows for faster I/O and keep your changes, will backup on stop and restore on start workspace. Will work only if: - `che.infra.kubernetes.pvc.strategy='common'` - `che.limits.user.workspaces.run.count=1` - `che.infra.kubernetes.namespace.allow_user_defined=false` - `che.infra.kubernetes.namespace.default` contains `` in other cases remove `async` from the list. + + +.Default value for `+CHE_WORKSPACE_STORAGE_AVAILABLE__TYPES+` +==== +---- +persistent,ephemeral,async +---- +==== + diff --git a/modules/installation-guide/partials/ref_che_workspace_storage_preferred__type.adoc b/modules/installation-guide/partials/ref_che_workspace_storage_preferred__type.adoc new file mode 100644 index 0000000000..8862be44b9 --- /dev/null +++ b/modules/installation-guide/partials/ref_che_workspace_storage_preferred__type.adoc @@ -0,0 +1,13 @@ +[id="che_workspace_storage_preferred__type_{context}"] += `+CHE_WORKSPACE_STORAGE_PREFERRED__TYPE+` + +The configuration property that defines a default value for storage type that clients such as the Dashboard should propose to users during workspace creation and update. The `async` value is an experimental feature, not recommended as default type. + + +.Default value for `+CHE_WORKSPACE_STORAGE_PREFERRED__TYPE+` +==== +---- +persistent +---- +==== + diff --git a/modules/installation-guide/partials/ref_db_schema_flyway_baseline_enabled.adoc b/modules/installation-guide/partials/ref_db_schema_flyway_baseline_enabled.adoc new file mode 100644 index 0000000000..2e118e5ae4 --- /dev/null +++ b/modules/installation-guide/partials/ref_db_schema_flyway_baseline_enabled.adoc @@ -0,0 +1,13 @@ +[id="db_schema_flyway_baseline_enabled_{context}"] += `+DB_SCHEMA_FLYWAY_BASELINE_ENABLED+` + +DB initialization and migration configuration If true, ignore scripts up to the version configured by baseline.version. + + +.Default value for `+DB_SCHEMA_FLYWAY_BASELINE_ENABLED+` +==== +---- +true +---- +==== + diff --git a/modules/installation-guide/partials/ref_db_schema_flyway_baseline_version.adoc b/modules/installation-guide/partials/ref_db_schema_flyway_baseline_version.adoc new file mode 100644 index 0000000000..3c946ab4ab --- /dev/null +++ b/modules/installation-guide/partials/ref_db_schema_flyway_baseline_version.adoc @@ -0,0 +1,13 @@ +[id="db_schema_flyway_baseline_version_{context}"] += `+DB_SCHEMA_FLYWAY_BASELINE_VERSION+` + +Scripts with version up to this are ignored. Note that scripts with version equal to baseline version are also ignored. + + +.Default value for `+DB_SCHEMA_FLYWAY_BASELINE_VERSION+` +==== +---- +5.0.0.8.1 +---- +==== + diff --git a/modules/installation-guide/partials/ref_db_schema_flyway_scripts_locations.adoc b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_locations.adoc new file mode 100644 index 0000000000..9989bb7718 --- /dev/null +++ b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_locations.adoc @@ -0,0 +1,13 @@ +[id="db_schema_flyway_scripts_locations_{context}"] += `+DB_SCHEMA_FLYWAY_SCRIPTS_LOCATIONS+` + +Locations where to search migration scripts. + + +.Default value for `+DB_SCHEMA_FLYWAY_SCRIPTS_LOCATIONS+` +==== +---- +classpath:che-schema +---- +==== + diff --git a/modules/installation-guide/partials/ref_db_schema_flyway_scripts_prefix.adoc b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_prefix.adoc new file mode 100644 index 0000000000..b39a6e155f --- /dev/null +++ b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_prefix.adoc @@ -0,0 +1,13 @@ +[id="db_schema_flyway_scripts_prefix_{context}"] += `+DB_SCHEMA_FLYWAY_SCRIPTS_PREFIX+` + +Prefix of migration scripts. + + +.Default value for `+DB_SCHEMA_FLYWAY_SCRIPTS_PREFIX+` +==== +---- + +---- +==== + diff --git a/modules/installation-guide/partials/ref_db_schema_flyway_scripts_suffix.adoc b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_suffix.adoc new file mode 100644 index 0000000000..23c9276a48 --- /dev/null +++ b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_suffix.adoc @@ -0,0 +1,13 @@ +[id="db_schema_flyway_scripts_suffix_{context}"] += `+DB_SCHEMA_FLYWAY_SCRIPTS_SUFFIX+` + +Suffix of migration scripts. + + +.Default value for `+DB_SCHEMA_FLYWAY_SCRIPTS_SUFFIX+` +==== +---- +.sql +---- +==== + diff --git a/modules/installation-guide/partials/ref_db_schema_flyway_scripts_version__separator.adoc b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_version__separator.adoc new file mode 100644 index 0000000000..a3657f48ff --- /dev/null +++ b/modules/installation-guide/partials/ref_db_schema_flyway_scripts_version__separator.adoc @@ -0,0 +1,13 @@ +[id="db_schema_flyway_scripts_version__separator_{context}"] += `+DB_SCHEMA_FLYWAY_SCRIPTS_VERSION__SEPARATOR+` + +Separator of version from the other part of script name. + + +.Default value for `+DB_SCHEMA_FLYWAY_SCRIPTS_VERSION__SEPARATOR+` +==== +---- +__ +---- +==== + diff --git a/modules/installation-guide/partials/ref_schedule_core__pool__size.adoc b/modules/installation-guide/partials/ref_schedule_core__pool__size.adoc new file mode 100644 index 0000000000..91c0b1a497 --- /dev/null +++ b/modules/installation-guide/partials/ref_schedule_core__pool__size.adoc @@ -0,0 +1,13 @@ +[id="schedule_core__pool__size_{context}"] += `+SCHEDULE_CORE__POOL__SIZE+` + +{prod-short} extensions can be scheduled executions on a time basis. This configures the size of the thread pool allocated to extensions that are launched on a recurring schedule. + + +.Default value for `+SCHEDULE_CORE__POOL__SIZE+` +==== +---- +10 +---- +==== +