We recently announced that Otomi Container Platform will be made available as Open Source. The list below provides a sneak preview on what is offered with Otomi Container Platform Community Edition:
Otomi Core
Otomi Core is a monorepo which holds the following:
Otomi CLI:
To generate, operate on and work with an external encrypted git repo holding the configuration for Otomi Core
Validate the state of the values
To apply desired state to target clusters
Preconfigured jobs and core apps working in tandem:
[Monitoring & Alerting] Prometheus Operator with extra Grafana dashboards for teams
[Service Mesh] Istio Operator for easier lifecycle management of Istio controlplane
[Autoscalable Services] Knative Operator: team services are served by knative serving
Encryption of all secrets with SOPS
Lot of integrated apps that can be toggled on or off:
[Security] Harbor registry with image scanning: only deploy what has been approved.
[Security] Gatekeeper Operator: enforce OPA policies on all resources, allow only images from Harbor
SSO: Keycloak as IDP, optionally proxying to external IDP like Azure AD
GitOps: Drone running in each cluster reconciling with external git repo (webhook based)
Configuration of teams and their resources:
OIDC settings for kubectl access, SSO for web apps
Secrets (certs, docker, generic)
Containerized workloads: registry image, resources, labels, annotations, scale to zero
Ingress management:
Public exposure of a service on a custom url
Optional SSO with RBAC permissions, even per path
Role Based Access Control (admin / team-admin / team-member / viewer) to:
all the stack web apps
k8s resources
Dev tools:
Jsonschema spec for validation of input values, easing developer workflow
Validation (Kubeval) of all k8s output resources against the target k8s versions
VSCode configuration for out of the box everything automated: autoformatting and linting of all things yaml (k8s resources, values), commitizen for meaningful commits, spell checks, lots of best practices!
Ops tools:
Smoke tests for core apps
Service probes and alerts for exposed services
Alerts for all things that need to be looked at: workload issues (kube-prometheus rules), services not available (prom-blackbox rules)
Otomi Console CE
In CE mode (no API found) the console will fall back to only showing the list of core apps available for the role(s) of the logged in user.
We use cookies to improve your website experience and provide more personalized services to you, both on this website and through other media. Cookie settingsAcceptRead our privacy statement
Privacy & Cookies Policy
Privacy Overview
This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.