[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[che-dev] Single Host on OpenShift
|
Hi all,
for the past couple of weeks the platform team has been working on POCs for
enabling the single host server strategy for OpenShift. This is currently only
available on Kubernetes and even there the solution is not ideal.
We've actually set out to fix 2 problems:
1) Enable single host on OpenShift
2) Reduce the number of routes/ingresses we're creating per workspace
(https://github.com/eclipse/che/issues/12914)
We've also restricted ourselves to look for a solution that would work on
default installations of all Kubernetes 1.11+ (or whichever minimal supported
version), OpenShift 3.11 and OpenShift 4. We don't want to impose certain
configuration requirements on the target clusters.
The 2 problems (single-host and number of routes per workspace) are inter-
related for the following reasons:
1) The current solution requires path rewriting on routes, which is not
available on OpenShift yet.
2) The current solution requires routes in different namespaces to handle the
same host, which is disallowed by default on OpenShift and requires cluster-
wide change of configuration.
We tried to overcome the above limitations but any way we sliced it, we always
hit the limitation of routes only handling traffic within the namespace.
Because of the above reasons, the solution cannot be based on OpenShift
routes. Instead, we're looking for an HTTP gateway (aka reverse proxy) that
will be able to forward the traffic using path rewriting rules similar to what
we have now. We will be able to use a single route that will point to this
gateway and the gateway will handle the in-cluster traffic routing from that
point on. This is in contrast to my previous view when discussing single host
pros and cons, but I guess that's life ;)
We thought about the gateway simply transforming the URL based on some regex
rule that would rewrite the external URL to an internal one pointing to the
correct service, but we ruled this solution out, because the URLs would have
to contain too much information.
Instead, we're looking at solutions capable of dynamic reconfiguration. We're
currently in the process of evaluating Traefik, nginx, and HAProxy as our
candidates gateways and we've identified a couple of ways to achieve what we
need. We are preparing performance tests that are going to enable us to make
an informed choice of the right tool for the job from the three candidates
(which are otherwise all capable of dealing with the task).
I won't bore you with the details of what and how we're trying out here and
instead invite you to participate under the umbrella of
https://github.com/eclipse/che/issues/12914.
Thanks,
Lukas