Thanks to visit codestin.com
Credit goes to github.com

Skip to content

docs: clarify requirements for offline deployments #6418

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 2, 2023
Merged

docs: clarify requirements for offline deployments #6418

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
a13d696
docs: clarify requirements for offline deployments
bpmct Mar 2, 2023
58b7546
fix punctuation
bpmct Mar 2, 2023
7df498c
fix typo and add postgres
bpmct Mar 2, 2023
155bfdc
mention update check
bpmct Mar 2, 2023
3121ab2
disable update checks
bpmct Mar 2, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
35 changes: 33 additions & 2 deletions docs/install/offline.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,22 @@
# Offline Deployments

Coder can run in offline / air-gapped environments.
All Coder features are supported in offline / behind firewalls / in air-gapped environments. However, some changes to your configuration are necessary.

## Building & push a custom Coder image
> This is a general comparison. Keep reading for a full tutorial running Coder offline with Kubernetes or Docker.

| | Public deployments | Offline deployments |
| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Terraform binary | By default, Coder downloads Terraform binary from [releases.hashicorp.com](https://releases.hashicorp.com) | Terraform binary must be included in `PATH` for the VM or container image. [Supported versions](https://github.com/coder/coder/blob/main/provisioner/terraform/install.go#L23-L24) |
| Terraform registry | Coder templates will attempt to download providers from [registry.terraform.io](https://registry.terraform.io) or [custom source addresses](https://developer.hashicorp.com/terraform/language/providers/requirements#source-addresses) specified in each template | [Custom source addresses](https://developer.hashicorp.com/terraform/language/providers/requirements#source-addresses) can be specified in each Coder template, or a custom registry/mirror can be used. More details below |
| STUN | By default, Coder uses Google's public STUN server for direct workspace connections | STUN can be safely [disabled](../cli/coder_server#--derp-server-stun-addresses), users can still connect via [relayed connections](../networking.md#-geo-distribution). Alternatively, you can set a [custom DERP server](../cli/coder_server#--derp-server-stun-addresses) |
| DERP | By default, Coder's built-in DERP relay can be used, or [Tailscale's public relays](../networking.md#relayed-connections). | By default, Coder's built-in DERP relay can be used, or [custom relays](../networking.md#custom-relays). |
| PostgreSQL | If no [PostgreSQL connection URL](../cli/coder_server#--postgres-url) is specified, Coder will download Postgres from [repo1.maven.org](https://repo1.maven.org) | An external database is required, you must specify a [PostgreSQL connection URL](../cli/coder_server#--postgres-url) |
| Telemetry | Telemetry is on by default, and [can be disabled](../cli/coder_server#--telemetry) | Telemetry [can be disabled](../cli/coder_server#--telemetry) |
| Update check | By default, Coder checks for updates from [GitHub releases](https:/github.com/coder/coder/releases) | Update checks [can be disabled](../cli/coder_server#--update-check) |

## Offline container images

The following instructions walk you through how to build a custom Coder server image for Docker or Kubernetes

First, build and push a container image extending our official image with the following:

Expand Down Expand Up @@ -127,6 +141,10 @@ services:
volumes:
- ./plugins:/opt/terraform/plugins
# ...
environment:
CODER_TELEMETRY_ENABLE: "false" # Disable telemetry
CODER_DERP_SERVER_STUN_ADDRESSES: "" # Only use relayed connections
CODER_UPDATE_CHECK: "false" # Disable automatic update checks
database:
image: registry.example.com/postgres:13
# ...
Expand All @@ -144,5 +162,18 @@ coder:
image:
repo: "registry.example.com/coder"
tag: "latest"
env:
# Disable telemetry
- name: "CODER_TELEMETRY_ENABLE"
value: "false"
# Disable automatic update checks
- name: "CODER_UPDATE_CHECK"
value: "false"
# Only use relayed connections
- name: "CODER_DERP_SERVER_STUN_ADDRESSES"
value: ""
# You must set up an external PostgreSQL database
- name: "CODER_PG_CONNECTION_URL"
value: ""
# ...
```
14 changes: 8 additions & 6 deletions docs/networking.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -50,22 +50,24 @@ Direct connections are a straight line between the user and workspace, so there
is no special geo-distribution configuration. To speed up direct connections,
move the user and workspace closer together.

If a direct connection is not available (e.g. client or server is behind NAT), Coder
will use a relayed connection. By default, [Coder uses Google's public STUN server](./cli/coder_server#--derp-server-stun-addresses), but
this can be disabled or changed for [offline deployments](./install/offline.md).

### Relayed connections

Tailscale has graciously allowed us to use
[their global DERP relays](https://tailscale.com/kb/1118/custom-derp-servers/#what-are-derp-servers).
By default, your Coder server also runs a built-in DERP relay which can be used for both public and [offline deployments](./install/offline.md).

You can launch `coder server` with Tailscale's DERPs like so:
However, Tailscale has graciously allowed us to use
[their global DERP relays](https://tailscale.com/kb/1118/custom-derp-servers/#what-are-derp-servers). You can launch `coder server` with Tailscale's DERPs like so:

```bash
$ coder server --derp-config-url https://controlplane.tailscale.com/derpmap/default
```

#### Custom Relays

If you run Coder in air-gap mode or want lower latency than what Tailscale offers,
you may run custom DERP servers. Refer to
[Tailscale's documentation](https://tailscale.com/kb/1118/custom-derp-servers/#why-run-your-own-derp-server)
If you want lower latency than what Tailscale offers or want additional DERP relays for offline deployments, you may run custom DERP servers. Refer to [Tailscale's documentation](https://tailscale.com/kb/1118/custom-derp-servers/#why-run-your-own-derp-server)
to learn how to set them up.

After you have custom DERP servers, you can launch Coder with them like so:
Expand Down