SSO: Keycloak as IDP, optionally proxying to external IDP like Azure AD
GitOps: Drone running in each cluster reconciling with external git repo (webhook based)
Configuration of teams and their resources:
OIDC settings for kubectl access, SSO for web apps
Secrets (certs, docker, generic)
Containerized workloads: registry image, resources, labels, annotations, scale to zero
Public exposure of a service on a custom url
Optional SSO with RBAC permissions, even per path
Role Based Access Control (admin / team-admin / team-member / viewer) to:
all the stack web apps
Jsonschema spec for validation of input values, easing developer workflow
Validation (Kubeval) of all k8s output resources against the target k8s versions
VSCode configuration for out of the box everything automated: autoformatting and linting of all things yaml (k8s resources, values), commitizen for meaningful commits, spell checks, lots of best practices!
Smoke tests for core apps
Service probes and alerts for exposed services
Alerts for all things that need to be looked at: workload issues (kube-prometheus rules), services not available (prom-blackbox rules)
Otomi Console CE
In CE mode (no API found) the console will fall back to only showing the list of core apps available for the role(s) of the logged in user.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.