
Commit 68f21fa

authored
feat(dogfood/coder): add docker volume for... docker (#18455)
1 parent 3ad842b commit 68f21fa


1 file changed

+47
-7
lines changed


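--- a/dogfood/coder/main.tf
+++ b/dogfood/coder/main.tf
@@ -454,6 +454,11 @@ resource "coder_agent" "dev" {
 threshold = data.coder_parameter.res_mon_volume_threshold.value
 path = data.coder_parameter.res_mon_volume_path.value
 }
+volume {
+enabled = true
+threshold = data.coder_parameter.res_mon_volume_threshold.value
+path = "/var/lib/docker"
+}
 }
 
 startup_script = <<-EOT
@@ -483,15 +488,13 @@ resource "coder_agent" "dev" {
 #!/usr/bin/env bash
 set -eux -o pipefail
 
-# Stop all running containers and prune the system to clean up
-# /var/lib/docker to prevent errors during workspace destroy.
+# Clean up the unused resources to keep storage usage low.
 #
 # WARNING! This will remove:
-# - all containers
-# - all networks
-# - all images
-# - all build cache
-docker ps -q | xargs docker stop
+# - all stopped containers
+# - all networks not used by at least one container
+# - all images without at least one container associated to them
+# - all build cache
 docker system prune -a -f
 
 # Stop the Docker service to prevent errors during workspace destroy.
@@ -532,6 +535,38 @@ resource "docker_volume" "home_volume" {
 }
 }
 
+resource "coder_metadata" "docker_volume" {
+resource_id = docker_volume.docker_volume.id
+hide = true # Hide it as it is not useful to see in the UI.
+}
+
+resource "docker_volume" "docker_volume" {
+name = "coder-${data.coder_workspace.me.id}-docker"
+# Protect the volume from being deleted due to changes in attributes.
+lifecycle {
+ignore_changes = all
+}
+# Add labels in Docker to keep track of orphan resources.
+labels {
+label = "coder.owner"
+value = data.coder_workspace_owner.me.name
+}
+labels {
+label = "coder.owner_id"
+value = data.coder_workspace_owner.me.id
+}
+labels {
+label = "coder.workspace_id"
+value = data.coder_workspace.me.id
+}
+# This field becomes outdated if the workspace is renamed but can
+# be useful for debugging or cleaning out dangling volumes.
+labels {
+label = "coder.workspace_name_at_creation"
+value = data.coder_workspace.me.name
+}
+}
+
 data "docker_registry_image" "dogfood" {
 name = data.coder_parameter.image_type.value
 }
@@ -593,6 +628,11 @@ resource "docker_container" "workspace" {
 volume_name = docker_volume.home_volume.name
 read_only = false
 }
+volumes {
+container_path = "/var/lib/docker/"
+volume_name = docker_volume.docker_volume.name
+read_only = false
+}
 capabilities {
 add = ["CAP_NET_ADMIN", "CAP_SYS_NICE"]
 }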
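Review bot: Nothing in the shutdown script (second hunk) or the new `docker_volume` resource (third hunk) documents that the nested Docker state is now long-lived: the script no longer stops running containers, `docker system prune -a -f` skips them and the images they use, and `/var/lib/docker` sits on a named volume keyed to the workspace id. A workspace restart or image update therefore no longer starts from a clean Docker data root; old images stay in place and, presumably, containers with a restart policy come back when the daemon starts. The prune also does not touch Docker volumes, so as far as these hunks show the only guard on growth is the new resource-monitor threshold, which reuses `res_mon_volume_threshold` from the home volume. I would state this next to the resource, e.g. `# Holds the nested Docker data root: containers, images and volumes persist across workspace restarts and are not reset by a rebuild.`, and add to the shutdown comment that running containers are kept on purpose. The `coder_agent` and `docker_container` blocks begin and end outside the hunks shown.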
