Release Workspaces HTTP Server in GitLab Agent Server(KAS)
General Information:
- Point of contact for this request: @vtak
- Related issue for context (if applicable):
- Foundations owned service this relates to: DNS
Details
We are currently working on simplifying the setup for Workspaces. As part of this, we have built a reverse-gRPC tunnel in GitLab Agent Server(KAS) for HTTP traffic arriving on the workspaces domain(*.gitlab.dev).
We need to resolve *.gitlab.dev to the Workspaces HTTP Server in GitLab Agent Server(KAS) on port 8160 in the legacy cell as per the discussion here. Helm chart changes were done in Add workspaces external URL config (gitlab-org/charts/gitlab!4473 - merged)
We also need to resolve kas.gitlab.com/workspaces/ to the Workspaces HTTP Server in GitLab Agent Server(KAS) on port 8160 in the legacy cell as per the discussion here. Helm chart changes were done in add workspaces server config to KAS helm chart (gitlab-org/charts/gitlab!4420 - merged)
In order to enable the workspaces service, we also need wildcard certificates for the workspaces domains.
The gitlab.dev domain is already purchased and is available on Cloudflare. All existing records should stay as is.
| Environment | Workspaces Domain | KAS domain |
|---|---|---|
| Staging | *.staging.gitlab.dev | kas.staging.gitlab.com/workspaces |
| Production | *.gitlab.dev | kas.gitlab.com/workspaces |
Priority
Please check one:
-
Very urgent, blocking significant other work: Production EngineeringP1 - The release of Simplify Workspaces setup by removing GitLab Wo... (gitlab-org&16785) requires these changes. This epic unblocks other work which we have committed to in our Interlock process.
-
A blocker, but we have workarounds: Production EngineeringP2 -
Not currently a blocker but will be soon: Production EngineeringP3 -
Not likely to be a blocker, this is a nice-to-have improvement or suggestion: Production EngineeringP4 -
Unsure