Otomi

Otomi: Self-hosted PaaS for Kubernetes

Integrated technologies

Core features

  • Drag and Drop to activate popular open-source apps to create your preferred suite of apps
  • An advanced ingress architecture. Expose services with just a few clicks
  • Configure network policies for internal ingress and external egress
  • Create Kubernetes Jobs and Cron Jobs without writing any YAML
  • Onboard (development) teams or projects within minutes in a comprehensive multi-tenant setup
  • Make developers self-serving by providing access to predefined automation tasks

Optional (if app is activated)

  • Deploy serverless workloads without writing any YAML
  • Create and manage secrets in HashiCorp Vault and use them in your workloads
  • GitOps with Argo CD out-of-the-box
  • Policy enforcement based on a default set of security policies using OPA/Gatekeeper
  • Full observability based on Prometheus, Grafana, Loki and Alert manager
  • Store images in Harbor

Integrated technologies

Integrated technologies

Creating an App using the Control Panel

Click this button to install a Kubernetes 1-Click Application. If you aren’t logged in, this link will prompt you to log in with your DigitalOcean account.

Deploy to DO

Creating an App using the API

In addition to creating Otomi using the control panel, you can also use the DigitalOcean API. As an example, to create a 3 node DigitalOcean Kubernetes cluster made up of Basic Droplets in the SFO2 region, you can use the following doctl command. You need to authenticate with doctl with your API access token) and replace the $CLUSTER_NAME variable with the chosen name for your cluster in the command below.

doctl kubernetes clusters create --size s-4vcpu-8gb $CLUSTER_NAME --1-clicks otomi

Getting Started After Deploying Otomi

How to Connect to Your Cluster

Follow these instructions to connect to your cluster with kubectl and doctl.

Confirming that Otomi is Running

First, check if the Otomi installation was successful by running the command below:

kubectl get job otomi -w

The output looks similar to the following:

NAME    COMPLETIONS   DURATION   AGE
otomi   1/1           14m        14m

Next, check the installer job logs to get the otomi console url and credentials by running the following command:

kubectl logs jobs/otomi -n default --tail=7

The output looks similar to the following:

########################################################################################################################################
#
#  To start using Otomi, go to https://otomi.134.209.133.239.nip.io and sign in to the web console
#  with username "otomi-admin" and password "OTzVCbJbvIN1T0LIij4U".
#  Then activate Drone. For more information see: https://otomi.io/docs/installation/activation/
#
########################################################################################################################################

Accessing Otomi console

  • Sign in to the Otomi web console url using the credentials found in the installer job logs.

otomi console login

  • Add the auto-generated CA to your keychain/credential manager (optional)

download ca

NOTE:
# To prevent you from clicking away lots of security warnings in your browser, you can add the generated CA to your keychain/credential manager:
# Since we install Otomi without proving a custom CA or using LetsEncrypt, the installer generated a CA which is not trusted on your local machine.
  • In the left menu of Otomi Console, click on “Download CA”
  • Double click the downloaded ca.crt or add the CA to your keychain on your mac using the following command:
# On Mac
  sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Downloads/ca.crt
  # Restart the browser or open it in private mode
# On Windows(PowerShell - Run as Administrator)
  # Use certutil:
  certutil.exe -addstore root <downloaded cert path>
  # Or 
  Import-Certificate -FilePath "<downloaded cert path>" -CertStoreLocation Cert:\LocalMachine\Root
  # Restart the browser or open it in private mode

Post-install configurations

  • In the side menu of Otomi Console under Platform, select Apps and click on the Drone app
  • Click on the play button in the top right. A new tab will open for Drone and click CONTINUE
  • Sign in locally with as otomi-admin and the password provided in the logs of the installer job.
  • Click on Authorize Application
  • Click on SUBMIT on the Complete your Drone Registration page. You don’t need to fill in your Email, Full Name or Company Name if you don’t want to
  • Click on the otomi/values repository
  • Click on + ACTIVATE REPOSITORY

activate drone