Che architecture with DevWorkspace
Technology preview feature
Managing workspaces with the DevWorkspace engine is an experimental feature. Don’t use this workspace engine in production.
Workspaces are not secured. Whoever knows the URL of a workspace can have access to it and leak the user credentials.
When Che is running with the DevWorkspace operator, it runs on three groups of components:
- Che server components
Manage User namespace and workspaces. The main component is the User dashboard, from which users control their workspaces.
- DevWorkspace operator
Creates and controls the necessary Kubernetes objects to run User workspaces. Including
- User workspaces
Container-based development environments, the IDE included.
The role of these Kubernetes features is central:
- DevWorkspace Custom Resources
Valid Kubernetes objects representing the User workspaces and manipulated by Che. It is the communication channel for the three groups of components.
- Kubernetes role-based access control (RBAC)
Controls access to all resources.