Discover Otomi Console
An OSX like experience for Kubernetes
On the platform level, admins can access all the integrated and pre-configured platform-level applications like
- Drone; configured with a pipeline for configuration synchronization)
- Gitea; the local Git repository for storing the platform configuration files)
- KeyCloak; IDP configuration
- Grafana; dashboards for all platform resources
- Harbor: platform container registry management
- Loki; log aggregation for all platform resources (Teams excluded)
Otomi Platform Settings
In the Settings section in Otomi Console, a platform admin can see and change all the Otomi platform settings, like configuring platform notification settings, adding DNS zones, adding additional clusters running Otomi, Configuring OIDC connect settings, and configuring SMTP mail server settings.
Teams are isolated spaces on Kubernetes and can be used for Projects, DevOps teams, or even DTAP. Admins can use the self-service flags to delegate permissions to a team. When a flag is set, members of the team can configure Ingress, change alerting receivers, change the OIDC group id or even change team resource quotas.
A service in Otomi is a feature for exposing pre-deployed Kubernetes or Knative services private or public. Otomi will automatically create all ingress resources and configuration needed, including certificates, Istio virtual services, DNS records, or even an Oauth2 proxy for Single Sign-On.
Next to configuring exposure for a pre-deployed service, it is also possible to create a Knative service using Otomi. Just fill-in the container image you like to deploy and optionally configure environment variables, annotations, secrets, secret mounts, and/or files.
Creating an Otomi Service with Knative removes the need to set up a CD pipeline. Coming soon: Use the Continuous Delivery option to automatically deploy new versions of your application based on a chosen tagging format.
Use Otomi Jobs to create and run Kubernetes jobs and CronJobs.
A job creates one or more Pods and will continue to retry execution of the Pods until a specified number of them successfully terminate. As pods successfully complete, the Job tracks the successful completions. When a specified number of successful completions is reached, the task (ie, Job) is complete.
Create a CronJob to create a Job that will run at specified times/dates.
Secrets created and managed using HashiCorp Vault can be ‘mapped’ into the Otomi configuration and then be used by Otomi Services (for public and private expose and to mount into the pod as an environment variable when creating a Knative service) and by any other pod within the team space.
Otomi supports three kinds of secrets:
- Docker Registry
When multi-tenancy is enabled (in the settings), each team will get access to:
- A project in Harbor
- A space in Vault
- Loki to see logs of apps deployed by the team
- Grafana to see metrics of apps deployed by the team
- Kubeapps to install applications from a catalog
- A dedicated Alertmanager and Prometheus instance