@@ -20,13 +20,13 @@ data, including workspace information and session tokens.
2020## Doctor
2121
2222Before proceeding, we strongly recommend running
23- [ Doctor] ( https://github.com/coder/coder-doctor ) , which is Coder-supplied
23+ [ Doctor] ( https://github.com/coder/coder-doctor ) , which is a Coder-supplied
2424command-line tool that evaluates whether your environment is ready to install
2525Coder. If there are issues with your cluster that may impact the installation
26- process, Doctor will return information on what the issue is and suggestions on
27- how you can fix it.
26+ process, Doctor will return information on what the problem is and suggestions
27+ on how you can fix it.
2828
29- ## Creating the Coder namespace (optional)
29+ ## Create the Coder namespace (optional)
3030
3131We recommend running Coder in a separate
3232[ namespace] ( https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ ) ;
@@ -42,7 +42,7 @@ Next, change the kubectl context to point to your newly created namespace:
4242kubectl config set-context --current --namespace=coder
4343```
4444
45- ## Installing Coder
45+ ## Install Coder
4646
47471 . Add the Coder Helm repo
4848
@@ -54,42 +54,68 @@ kubectl config set-context --current --namespace=coder
5454 [ changelog] ( ../changelog/index.md ) for a list of Coder versions or run
5555 ` helm search repo coder -l ` )
5656
57+ > This step will install Coder with the default configuration. This does not set
58+ > up dev URLs, TLS, ingress controllers, or an external database. To configure
59+ > these recommended features, please go to step 4.
60+
5761 ``` console
5862 helm install coder coder/coder --namespace coder --version=<VERSION>
5963 ```
6064
61- ** Steps 3-5 are optional for non-production deployments.**
65+ 1 . Once ` coderd ` is running, tail the logs to find the randomly generated
66+ password for the admin user:
67+
68+ ``` console
69+ kubectl logs -n coder -l coder.deployment=coderd -c coderd \
70+ --tail=-1 | grep -A1 -B2 Password
71+ ```
72+
73+ When this step is done, you will see:
74+
75+ ``` text
76+ ----------------------
77+ User: admin
78+ Password: kv...k3
79+ ----------------------
80+ ```
81+
82+ You will need these credentials to continue setup using Coder's web UI.
6283
63- 1 . Get a copy of your Helm config values so that you can modify it; you'll need
64- to modify these values to update your PostgreSQL databases (step 4) and
65- enable dev URLs (step 5):
84+ > If you lose your admin credentials, you can use the
85+ > [ admin password reset ] ( ../admin/access-control/users/password-reset.md#resetting-the-site-admin-password )
86+ > process to regain access.
6687
67- a. Create an empty file called ` values.yaml ` which will contain your
68- deployment configuration options.
88+ 1 . Create a ` values.yaml ` file to configure Coder:
6989
70- b. Edit the ` values.yaml ` file as needed.
90+ ``` console
91+ helm show values coder/coder --version=<VERSION> > values.yaml
92+ ```
7193
7294 > View the
7395> [ configuration options available in the ` values.yaml ` file.] ( https://github.com/coder/enterprise-helm#values )
7496
75- c. Upgrade/install your Coder deployment with the updated Helm chart (be sure
76- to replace the placeholder value with your Coder version). ** This must be
77- done whenever you update the Helm chart:**
97+ 1 . ** Optional** : change the admin user password by updating ` values.yaml ` as
98+ follows:
7899
79- ``` console
80- helm upgrade coder coder/coder --namespace coder --version=<VERSION> --values values.yaml
100+ ``` yaml
101+ superAdmin :
102+ # Options for configuring the secret used to specify the password for the
103+ # built-in super admin account.
104+ passwordSecret :
105+ # coderd.superAdmin.passwordSecret.name -- Name of a secret that should
106+ # be used to determine the password for the super admin account. The
107+ # password should be contained in the field `password`, or the manually
108+ # specified one.
109+ name : " "
110+ # coderd.superAdmin.passwordSecret.key -- The key of the secret that
111+ # contains the super admin password.
112+ key : " password"
81113 ` ` `
82114
83- > If you omit ` --version ` , you'll upgrade to the latest version, excluding
84- > release candidates (RCs). To include RCs, provide the ` --devel ` flag.
85- >
86- > We do not provide documentation for RCs, and you should not use them unless
87- > you've been instructed to do so by Coder. You can identify RCs by the
88- > presence of ` -rc ` in the version number (e.g., ` 1.16.0-rc.1 ` ).
115+ 1. **Optional**: To configure an externally hosted database, set the following
116+ in ` values.yaml`:
89117
90- 1 . Ensure that you have superuser privileges to your PostgreSQL database. Add
91- the following to your Helm values so that Coder uses your external PostgreSQL
92- databases:
118+ > Ensure that you have superuser privileges to your PostgreSQL database.
93119
94120 ` ` ` yaml
95121 postgres:
@@ -103,60 +129,93 @@ kubectl config set-context --current --namespace=coder
103129 sslMode: require
104130 ` ` `
105131
106- To create the ` passwordSecret`, run
107- ` kubectl create secret generic <NAME> --from-literal="password=UserDefinedPassword"`
108- (be sure to replace `UserDefinedPassword` with your actual password).
132+ a. To create the `passwordSecret`, run :
133+
134+ ` ` ` console
135+ kubectl create secret generic <NAME> --from-literal="password=UserDefinedPassword"
136+ ` ` `
109137
110138 > Put a space before the command to prevent it from being saved in your shell
111139 > history.
112140 >
113- > Running this command could potentially expose your database password to
114- > other users on your system through `/proc`. If this is a concern, you can
115- > use `--from-file=password=/dev/stdin` instead of `--from-literal=...` to
116- > enter your password and press `Ctrl+D` when you're done to submit it.
141+ > Running this command could potentially expose your database password to other
142+ > users on your system through `/proc`. If this is a concern, you can use
143+ > `--from-file=password=/dev/stdin` instead of `--from-literal=...` to enter
144+ > your password and press `Ctrl+D` when you're done to submit it.
117145 >
118146 > Ensure that there are no trailing white spaces in your password secret.
119147
120- You can find/define these values in your
121- [PostgreSQL server configuration file](https://www.postgresql.org/docs/current/config-setting.html).
148+ For more detailed configuration instructions,
149+ [see our PostgreSQL setup guide](../guides/deployments/postgres.md).
150+
151+ 1. **Optional** : Enable dev URL usage.
152+ [You must provide a wildcard domain in the Helm chart](../admin/devurls.md).
122153
123- > For more information, [see our guide](../guides/deployments/postgres.md) on
124- > setting up a PostgreSQL instance.
154+ ` ` ` yaml
155+ coderd:
156+ devurlsHost: "*.my-custom-domain.io"
157+ ` ` `
125158
126- 1. [Enable dev URL usage](../admin/devurls.md). Dev URLs allow users to access
127- the web servers running in your workspace. To enable, provide a wildcard
128- domain and its DNS certificate and update your Helm chart accordingly. This
129- step is **optional** but recommended.
159+ 1. **Optional:** To set up TLS :
130160
131- 1. After you've created the pod, tail the logs to find the randomly generated
132- password for the admin user
161+ a. You will need to create a TLS secret. To do so, run the following with the
162+ `.pem` files provided by your certificate :
133163
134164 ` ` ` console
135- kubectl logs -n coder -l coder.deployment=coderd -c coderd \
136- --tail=-1 | grep -A1 -B2 Password
165+ kubectl create secret tls tls-secret --key key.pem --cert cert.pem
137166 ` ` `
138167
139- When this step is done, you will see :
168+ > If your certificate provider does not provide `.pem` files, then you may
169+ > need to attach the certificate to the LoadBalancer manually.
140170
141- ` ` ` text
142- ----------------------
143- User: admin
144- Password: kv...k3
145- ----------------------
171+ b. Attach the secret to the `coderd` service by setting the following values :
172+
173+ ` ` ` yaml
174+ coderd:
175+ tls:
176+ hostSecretName: <tls-secret>
177+ devurlsHostSecretName: <tls-secret>
146178 ` ` `
147179
148- These are the credentials you need to continue setup using Coder's web UI.
180+ 1. **Optional:** If you cannot use a load balancer, you may need an ingress
181+ controller. To configure one with Coder, set the following in `values.yaml` :
182+
183+ > We assume that you already have an ingress controller installed in your
184+ > cluster.
149185
150- > If you lose your admin credentials, you can use the
151- > [admin password reset](../admin/access-control/users/password-reset.md#resetting-the-site-admin-password)
152- > process to regain access.
186+ ` ` ` yaml
187+ coderd:
188+ devurlsHost: "*.devurls.coderhost.com"
189+ serviceSpec:
190+ # The Ingress will route traffic to the internal ClusterIP.
191+ type: ClusterIP
192+ externalTrafficPolicy: ""
193+ tls:
194+ hostSecretName: <tls-secret>
195+ devurlsHostSecretName: <tls-secret>
196+ ingress:
197+ enable: true
198+ # Hostname to use for routing decisions
199+ host: "coder.coderhost.com"
200+ # Custom annotations to apply to the resulting Ingress object
201+ # This is useful for configuring other controllers in the cluster
202+ # such as cert-manager or the ingress controller
203+ annotations: {}
204+ ` ` `
205+
206+ 1. Once you've implemented all of the changes in `values.yaml`, install Coder
207+ with the following command :
208+
209+ ` ` ` console
210+ helm install coder coder/coder --namespace coder --version=<VERSION> -f values.yaml
211+ ` ` `
153212
154213# # Logging
155214
156215At this time, we recommend reviewing Coder's default
157- [logging](../guides/admin/logging.md) settings. Logs are helpful for monitoring
158- the health of your cluster and troubleshooting, and Coder offers you several
159- options for obtaining these.
216+ [logging](../guides/admin/logging.md) settings. Logs help monitor the health of
217+ your cluster and troubleshooting, and Coder offers you several options for
218+ obtaining these.
160219
161220# # Accessing Coder
162221
0 commit comments