[memory-bank] Document more components (supervisor, ws-daemon)

Tool: gitpod/catfood.gitpod.cloud

Author: geropl

memory-bank/activeContext.md

@@ -20,6 +20,8 @@ Key areas of focus include:
   - content-service: Manages various types of content within the platform
   - dashboard: Web-based user interface for Gitpod
   - ws-manager-mk2: Kubernetes controller for managing workspace lifecycle
+  - supervisor: Init process that runs inside each workspace container
+  - ws-daemon: Node-level daemon for workspace operations
 
 As work progresses, this section will continue to be updated to reflect:
 - Additional component documentation
@@ -33,8 +35,6 @@ As work progresses, this section will continue to be updated to reflect:
 The immediate next steps are:
 
 1. **Continue Component Documentation**: Document additional key components such as:
-   - supervisor
-   - ws-daemon
    - ide-service
    - registry-facade
    - image-builder

memory-bank/components/supervisor.md

@@ -0,0 +1,119 @@
+# Supervisor Component
+
+## Overview
+
+The Supervisor is a critical component that runs inside each Gitpod workspace container. It serves as the init process (PID 1) for the workspace and manages various aspects of the workspace lifecycle, including terminal management, IDE integration, and process control.
+
+## Purpose
+
+The primary purposes of the Supervisor are:
+- Act as the init process for workspace containers
+- Manage terminal sessions within workspaces
+- Provide an API for workspace interaction
+- Serve the frontend UI for workspace access
+- Handle process lifecycle and graceful termination
+- Integrate with the IDE and other workspace services
+- Provide SSH access to workspaces
+
+## Architecture
+
+The Supervisor operates as a multi-faceted service with several key components:
+
+1. **Init Process**: Runs as PID 1 in the workspace container, responsible for process management
+2. **API Server**: Provides a gRPC API for workspace interaction
+3. **Terminal Manager**: Handles creation and management of terminal sessions
+4. **Frontend Server**: Serves the web UI for workspace access
+5. **IDE Integration**: Manages communication with the IDE
+6. **SSH Server**: Provides SSH access to the workspace
+
+The Supervisor is designed to be lightweight but robust, ensuring proper workspace initialization, operation, and termination.
+
+## Key Files and Structure
+
+- `main.go`: Entry point that calls the Execute function from the cmd package
+- `cmd/root.go`: Defines the root command and basic service configuration
+- `cmd/init.go`: Implements the init process functionality
+- `cmd/run.go`: Implements the main supervisor service
+- `cmd/terminal-*.go`: Terminal management commands
+- `pkg/`: Supporting packages for supervisor functionality
+- `frontend/`: Web UI for workspace access
+- `openssh/`: SSH server integration
+
+## Dependencies
+
+### Internal Dependencies
+- `components/common-go:lib`: Common Go utilities
+- `components/content-service-api/go:lib`: Content service API definitions
+- `components/content-service:lib`: Content service client
+- `components/gitpod-protocol/go:lib`: Gitpod protocol definitions
+- `components/supervisor-api/go:lib`: Supervisor API definitions
+- `components/ws-daemon-api/go:lib`: Workspace daemon API definitions
+- `components/ide-metrics-api/go:lib`: IDE metrics API definitions
+- `components/public-api/go:lib`: Public API definitions
+
+### External Dependencies
+- Process management libraries
+- Terminal handling libraries
+- gRPC for API communication
+- Web server for frontend
+
+## Configuration
+
+The Supervisor is configured via a JSON configuration file (`supervisor-config.json`) that includes:
+
+- IDE configuration location
+- Desktop IDE root directory
+- Frontend location
+- API endpoint port
+- SSH port
+
+Additional configuration may be provided through environment variables and command-line flags.
+
+## API Services
+
+The Supervisor exposes a gRPC API that provides:
+- Terminal management (create, attach, list, close)
+- Workspace status information
+- IDE integration
+- Process control
+
+## Integration Points
+
+The Supervisor integrates with:
+1. **IDE**: Provides integration with VS Code, JetBrains, and other supported IDEs
+2. **Content Service**: For workspace content management
+3. **WS Daemon**: For workspace runtime operations
+4. **SSH**: Provides SSH access to the workspace
+5. **Frontend UI**: Serves the web UI for workspace access
+
+## Security Considerations
+
+- Runs as the init process with elevated privileges
+- Manages process isolation within the workspace
+- Handles secure terminal sessions
+- Provides controlled access to workspace resources
+- Implements proper shutdown and cleanup procedures
+
+## Common Usage Patterns
+
+The Supervisor is typically used to:
+1. Initialize the workspace environment
+2. Manage terminal sessions for user interaction
+3. Provide API access for IDE and other tools
+4. Handle graceful shutdown of workspace processes
+5. Serve the frontend UI for workspace access
+6. Enable SSH access to the workspace
+
+## Lifecycle Management
+
+The Supervisor implements sophisticated lifecycle management:
+1. **Initialization**: Sets up the workspace environment and starts required services
+2. **Runtime**: Manages processes, terminals, and API services during workspace operation
+3. **Termination**: Ensures graceful shutdown of all processes when the workspace is stopped
+
+## Related Components
+
+- **WS Daemon**: Works with Supervisor to manage workspace runtime
+- **Content Service**: Manages workspace content
+- **IDE Service**: Integrates with Supervisor for IDE functionality
+- **Workspace Manager**: Manages the workspace container in which Supervisor runs

memory-bank/components/ws-daemon.md

@@ -0,0 +1,110 @@
+# Workspace Daemon (ws-daemon) Component
+
+## Overview
+
+The Workspace Daemon (ws-daemon) is a critical component that runs on each Kubernetes node in the Gitpod cluster. It manages workspace-related operations at the node level, including workspace initialization, content synchronization, backup, and resource management.
+
+## Purpose
+
+The primary purposes of the Workspace Daemon are:
+- Initialize workspace content on the node
+- Manage workspace backups and snapshots
+- Enforce workspace resource limits (disk space, etc.)
+- Monitor workspace health and status
+- Provide low-level workspace operations that require node-level access
+- Synchronize workspace content with storage backends
+
+## Architecture
+
+The Workspace Daemon operates as a node-level daemon with several key components:
+
+1. **Content Manager**: Handles workspace content initialization and synchronization
+2. **Backup System**: Manages periodic backups of workspace content
+3. **Resource Controller**: Enforces resource limits and quotas
+4. **gRPC API Server**: Provides an API for workspace operations
+5. **Health Monitoring**: Monitors workspace and node health
+
+The daemon runs with elevated privileges on each node to perform operations that require system-level access, such as managing LVM volumes, enforcing disk quotas, and accessing workspace filesystems.
+
+## Key Files and Structure
+
+- `main.go`: Entry point that calls the Execute function from the cmd package
+- `cmd/root.go`: Defines the root command and basic service configuration
+- `cmd/run.go`: Implements the main daemon service
+- `cmd/client*.go`: Client commands for interacting with the daemon
+- `pkg/daemon/`: Core daemon implementation
+- `pkg/content/`: Workspace content management
+- `nsinsider/`: Namespace operations helper
+
+## Dependencies
+
+### Internal Dependencies
+- `components/common-go:lib`: Common Go utilities
+- `components/content-service-api/go:lib`: Content service API definitions
+- `components/content-service:lib`: Content service client
+- `components/ws-daemon-api/go:lib`: Workspace daemon API definitions
+- `components/ws-manager-api/go:lib`: Workspace manager API definitions
+- `components/ws-manager-mk2:crd`: Workspace manager custom resource definitions
+
+### External Dependencies
+- Kubernetes client libraries
+- Storage backend libraries (Minio, GCloud)
+- System-level libraries for resource management
+- gRPC for API communication
+
+## Configuration
+
+The Workspace Daemon is configured via a JSON configuration file that includes:
+
+### Content Configuration
+- Working area location
+- Backup period
+- Workspace size limits
+- Storage backend configuration (Minio, GCloud)
+
+### Service Configuration
+- API server address
+- TLS settings
+
+### Monitoring Configuration
+- Prometheus metrics endpoint
+- Health check settings
+
+## Integration Points
+
+The Workspace Daemon integrates with:
+1. **Workspace Manager**: Receives workspace lifecycle events
+2. **Content Service**: For workspace content storage and retrieval
+3. **Supervisor**: For workspace-level operations
+4. **Storage Backends**: For content backup and synchronization
+5. **Kubernetes**: For node and pod information
+
+## Security Considerations
+
+- Runs with elevated privileges on the node
+- Manages sensitive workspace content
+- Enforces isolation between workspaces
+- Handles resource limits and quotas
+- Requires secure communication with other components
+
+## Common Usage Patterns
+
+The Workspace Daemon is typically used to:
+1. Initialize workspace content when a workspace starts
+2. Perform periodic backups of workspace content
+3. Enforce disk quotas and resource limits
+4. Provide workspace snapshots for persistence
+5. Clean up workspace resources when a workspace is deleted
+
+## Resource Management
+
+The Workspace Daemon implements sophisticated resource management:
+1. **Disk Quotas**: Enforces workspace disk usage limits
+2. **Disk Space Monitoring**: Ensures sufficient disk space is available on the node
+3. **LVM Management**: Creates and manages LVM volumes for workspaces (when applicable)
+
+## Related Components
+
+- **Workspace Manager**: Orchestrates workspace lifecycle, interacts with ws-daemon for node-level operations
+- **Supervisor**: Runs inside workspace containers, interacts with ws-daemon for content operations
+- **Content Service**: Provides storage for workspace content

memory-bank/progress.md

@@ -6,7 +6,7 @@ We are in the early stages of our work with the Gitpod codebase. The current sta
 
 - **Memory Bank**: Initial setup complete with core files and component documentation
 - **Codebase Understanding**: Basic overview obtained, with detailed understanding of key components
-- **Component Documentation**: Documentation created for 4 key components
+- **Component Documentation**: Documentation created for 6 key components
 - **Development Environment**: Not yet configured
 - **Task Identification**: Not yet started
 
@@ -19,6 +19,8 @@ Our current contributions:
   - content-service
   - dashboard
   - ws-manager-mk2
+  - supervisor
+  - ws-daemon
 
 The existing functionality of the Gitpod platform:
 
@@ -40,8 +42,6 @@ The existing functionality of the Gitpod platform:
 
 ### Immediate Tasks
 - Document additional key components:
-  - supervisor
-  - ws-daemon
   - ide-service
   - registry-facade
   - image-builder
@@ -68,7 +68,8 @@ As we begin working with the codebase, we have not yet identified specific issue
 ### Completed Milestones
 - Memory bank initialization
 - Component documentation structure
-- Documentation of first set of key components
+- Documentation of first set of key components (blobserve, content-service, dashboard, ws-manager-mk2)
+- Documentation of second set of key components (supervisor, ws-daemon)
 
 ### Upcoming Milestones
 - Documentation of remaining key components
@@ -100,6 +101,8 @@ No specific blockers or dependencies have been identified yet. This section will
   - Documented content-service component
   - Documented dashboard component
   - Documented ws-manager-mk2 component
+  - Documented supervisor component
+  - Documented ws-daemon component
 
 ## Next Evaluation Point