This article walks you through the process of installing Coder onto your Kubernetes cluster.
Dependencies
Install the following dependencies if you haven't already:
For production deployments: set up and use an external PostgreSQL instance to store data, including workspace information and session tokens.
Doctor
Before proceeding, we strongly recommend running Doctor, which is Coder-supplied command-line tool that evaluates whether your environment is ready to install Coder. If there are issues with your cluster that may impact the installation process, Doctor will return information on what the issue is and suggestions on how you can fix it.
Creating the Coder namespace (optional)
We recommend running Coder in a separate namespace; to do so, run
kubectl create namespace coder
Next, change the kubectl context to point to your newly created namespace:
kubectl config set-context --current --namespace=coder
Installing Coder
-
Add the Coder Helm repo
helm repo add coder https://helm.coder.com
-
Install the Helm chart onto your cluster (see the changelog for a list of Coder versions or run
helm search repo coder -l
)helm install coder coder/coder --namespace coder --version=<VERSION>
Steps 3-5 are optional for non-production deployments.
-
Get a copy of your Helm config values so that you can modify it; you'll need to modify these values to update your PostgreSQL databases (step 4) and enable dev URLs (step 5):
a. Create an empty file called
values.yaml
which will contain your deployment configuration options.b. Edit the
values.yaml
file as needed.View the configuration options available in the
values.yaml
file.c. Upgrade/install your Coder deployment with the updated Helm chart (be sure to replace the placeholder value with your Coder version). This must be done whenever you update the Helm chart:
helm upgrade coder coder/coder --namespace coder --version=<VERSION> --values values.yaml
If you omit
--version
, you'll upgrade to the latest version, excluding release candidates (RCs). To include RCs, provide the--devel
flag.We do not provide documentation for RCs, and you should not use them unless you've been instructed to do so by Coder. You can identify RCs by the presence of
-rc
in the version number (e.g.,1.16.0-rc.1
). -
Ensure that you have superuser privileges to your PostgreSQL database. Add the following to your Helm values so that Coder uses your external PostgreSQL databases:
postgres: default: enable: false host: HOST_ADDRESS port: PORT_NUMBER user: YOUR_USER_NAME database: YOUR_DATABASE passwordSecret: secret-name sslMode: require
To create the
passwordSecret
, runkubectl create secret generic <NAME> --from-literal="password=UserDefinedPassword"
(be sure to replaceUserDefinedPassword
with your actual password).Put a space before the command to prevent it from being saved in your shell history.
Running this command could potentially expose your database password to other users on your system through
/proc
. If this is a concern, you can use--from-file=password=/dev/stdin
instead of--from-literal=...
to enter your password and pressCtrl+D
when you're done to submit it.Ensure that there are no trailing white spaces in your password secret.
You can find/define these values in your PostgreSQL server configuration file.
For more information, see our guide on setting up a PostgreSQL instance.
-
Enable dev URL usage. Dev URLs allow users to access the web servers running in your workspace. To enable, provide a wildcard domain and its DNS certificate and update your Helm chart accordingly. This step is optional but recommended.
-
After you've created the pod, tail the logs to find the randomly generated password for the admin user
kubectl logs -n coder -l coder.deployment=coderd -c coderd \ --tail=-1 | grep -A1 -B2 Password
When this step is done, you will see:
---------------------- User: admin Password: kv...k3 ----------------------
These are the credentials you need to continue setup using Coder's web UI.
If you lose your admin credentials, you can use the admin password reset process to regain access.
Logging
At this time, we recommend reviewing Coder's default logging settings. Logs are helpful for monitoring the health of your cluster and troubleshooting, and Coder offers you several options for obtaining these.
Accessing Coder
-
To access Coder's web UI, you'll need to get its IP address by running the following in the terminal to list the Kubernetes services running:
kubectl --namespace coder get services
You'll see a row named coderd with an EXTERNAL-IP value; this is the IP address you need.
-
In your browser, navigate to the external IP.
-
Use the admin credentials you obtained in this installation guide's previous step to log in to the Coder platform. If this is the first time you've logged in, Coder will prompt you to change your password.
At this point, you're ready to proceed to configuring Coder.
EKS troubleshooting
If you're unable to access your Coder deployment via the external IP generated
by EKS, this is likely due to coderd
being scheduled onto the incorrect node
group, causing the load balancer health checks to fail. Below are two methods to
resolve this:
-
Set the
externalTrafficPolicy
Helm value toCluster
by running the following command:helm upgrade --install coder coder/coder --set coderd.serviceSpec.externalTrafficPolicy=Cluster
Note that setting
externalTrafficPolicy
toCluster
masks the source IP address of your Coder users. For more information on this value, see the Kubernetes documentation. -
Set the
services.nodeSelector
Helm value to a label assigned to thestandard-workers
node group created by AWS. Common labels include:eks.amazonaws.com/nodegroup=standard-workers alpha.eksctl.io/nodegroup-name=standard-workers beta.kubernetes.io/instance-type=t3.small
This option is recommended if you'd like to preserve the source IP. See the Kubernetes documentation for a full list of the standard node labels.