Kubernetes setup
For convenient Kubernetes deployment we provide organized Helm charts for Lobby and Relay respectively.
Before you start you must have the following:
Kubernetes cluster and use CertManager along with ACME issuer type for managing the HTTPS certificates.
kubectl
helm
at least of version 3.x.x
Run the following commands to configure helm repos:
helm repo add code-with-me-lobby https://download.jetbrains.com/idea/code-with-me/backend/helm-charts/lobby-server/ helm repo add code-with-me-relay https://download.jetbrains.com/idea/code-with-me/backend/helm-charts/relay-server/
Generate certificates for Lobby and Relay for authentication of users on relays:
openssl ecparam -name secp384r1 -genkey -noout -out relay_auth_private.pem openssl ec -in relay_auth_private.pem -pubout -out relay_auth_public.pem
note
Let's assume the current Relay version is 1103.
First, pull relay helm chart:
helm pull code-with-me-relay/code-with-me-relay
tar -xvf code-with-me-relay-0.0.1103.tgz
cp code-with-me-relay/values.yaml my_relay_values.yaml
Now you have an unpacked relay helm chart with my_relay_values.yaml in your working directory.
note
If during the "helm pull" step you encounter the following error:
Error: failed to fetch... : 403 Forbidden
, update the list of repositories.
- Configuration
Main entries that you should configure in your my_relay_values.yaml are:
clusterGlobalMainDomain
: your cluster main domainservices_per_region
: the number of relays on clusterjwtPublicKey
: insert yourrelay_auth_public.pem
note
Make sure it is not a path to a file, but content of a file.
For example:
clusterGlobalMainDomain: my_own.google.com services_per_region: 2 jwtPublicKey: |- -----BEGIN PUBLIC KEY----- MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEfB9kX03d22JjL0Az0y1g008PYhadEAW6 mu+eLqYNCmn7HNtgM0MLtsjTsk82NsceORKBkRqHodO3y+76Cq9nJw0Q9rVpCNvE fwIkHbxOg2jsua2XdwNXaxjsTK+txM6J -----END PUBLIC KEY-----
note
Let's assume the current Lobby version is 1550
First, pull lobby helm chart
helm pull code-with-me-lobby/code-with-me-lobby
tar -xvf code-with-me-lobby-0.0.1550.tgz
cp code-with-me-lobby/values.yaml my_lobby_values.yaml
Now you have an unpacked relay helm chart with my_lobby_values.yaml in your working directory.
You should configure the following main entries in your my_lobby_values.yaml:
usePersistentRedisVolume
- true, if you want to preserve your sessions between lobby maintenance periods, requires KubernetesPersistentVolumeClaim
.Obtain you license file licenseFiles. To obtain it visit the Code With Me website.
Check the following example:
licenseFiles: licenze1: |- CONTENT_OF LICENSE_FILE_1 licenze2: |- CONTENT_OF ANOTHER_LICENSE-FILE_2
relaysConfigJson
is a json with configuration of your relays, which was completed in Relay setup section.{ "stunTurnServers": [ { "uri": "stun:stun.l.google.com:19302" }, { "uri": "stun:stun2.l.google.com:19302" } ], "relays": [ { "regionName": "my_region", "latitude": 0, "longitude": 0, "servers": [ "wss://<YOUR-RELAY-DOMAIN-1.CLUSTER_DOMAIN>", "wss://<YOUR-RELAY-DOMAIN-2.CLUSTER_DOMAIN>" ] } ] }
Check the following example:
relaysConfigJson: |- { "stunTurnServers": [ { "uri": "stun:stun.l.google.com:19302" }, { "uri": "stun:stun2.l.google.com:19302" } ], "relays": [ { "regionName": "my_region", "latitude": 0, "longitude": 0, "servers": [ "wss://code-with-me-relay-1.internal_lab.com" ] } ] }
If you don't know what to put in
YOUR_RELAY_DOMAIN
andCLUSTER_DOMAIN
, look foringressHostPattern
in my_relay_values.yaml.Configure lobby settings:
lobby
: main lobby settings.lobby.config.relayPrivateKey
: use this option to add the content of your relay_auth_private.pem.lobby.ingresses
: is an array of parameters for KubernetesIngress
. Main entry here is host (for example, "code-with-me.jetbrains.com"), others are optional. Most likely host it will contain only one ingress with content will contain your main cluster domain and array.
base_url
- is the domain which will be used in links generation, most of the time is the same aslobby.ingresses[0].host
After you are finished with tuning, install the chart on your cluster.
helm install -f my_lobby_values.yaml code-with-me-lobby ./codewithme-lobby
The lobby server is set and should work successfully.
Thanks for your feedback!