Otomi: Self-hosted PaaS for Kubernetes on Windows (minikube)
Abhimanyu Selvan
Posted on April 13, 2022
Otomi is a self-hosted PaaS for Kubernetes and offers a complete suite of integrated, pre-configured applications combined with automation. Otomi is optimized for running on managed Kubernetes services like AKS, EKS, and GCP, but now it can be installed on any K8s cluster, even on Minikube.
What's new?
The latest version of Otomi, by default, installs a minimal set of apps, called the Core
. The core offers an advanced ingress architecture based on Istio, Nginx ingress controller, Keycloak as IdP, OAuth2 Proxy, and cert-manager. With the web UI (Otomi Console) you can add services to the mesh and securely expose them with just one click. All other integrated apps are now optional and can be activated by dragging them into the enabled apps section.
But can we install it locally on our machine?
Yes, you can! It is now possible to install Otomi on minikube running both on Mac and Windows. For Mac installation, check this blog.
In this post, I'll describe how to get started with Otomi on minikube running on Windows. If you ever have run Minikube, you'll probably have used the Docker driver. Unfortunately, you can't access the Minikube IP from your Windows PC when using the Docker driver. Only 127.0.0.1
can be used. This wouldn't be an issue in many cases, but Otomi requires an IP that is resolvable from your machine browser and from within the cluster itself.
Prerequisites
Make sure you have the following installed:
- Kubectl
- Helm
- Docker
- Minikube version 1.25.2 (tested)
Tip: If you are using PowerShell, make sure to run as Administrator. I used the chocolatey package manager to install the packages.
Configure Minikube
Open PowerShell as Administrator and run the following commands to configure minikube.
# Set the cpus and memory
minikube config set memory 8g
minikube config set cpus 8
# Enable calico if you want to check network policies
minikube start --driver=hyperv --kubernetes-version=v1.22.4 --cni calico
Enable metallb (network load balancer)
# Enable metallb
minikube addons enable metallb
# Get the IP
minikube ip
# Configure metallb with the IP as seen in the figure below
minikube addons configure metallb
Install Otomi using Helm
From the same PowerShell terminal run the following commands:
# Add the Otomi repo
helm repo add otomi https://otomi.io/otomi-core
helm repo update
# Otomi install with minimal chart values
helm install otomi otomi/otomi --set cluster.k8sVersion="1.22" --set cluster.name=minikube --set cluster.provider=custom --set apps.host-mods.enabled=false
The helm chart deploys an installer job responsible for installing the Otomi platform on the minikube cluster.
# Monitor the job status
kubectl get job otomi -w
# Installer job logs
kubectl logs jobs/otomi -n default -f
At the end of the logs of the installer job, you will find the URL and the credentials to log into the Otomi console (as seen below)
Otomi Console
Since we install Otomi without providing a custom CA or using LetsEncrypt, the installer generated a CA. This CA is of course not trusted on your local machine. To prevent you from clicking away lots of security warnings in your browser, you can add the generated CA to your keychain. In the left menu of the console, click on "Download CA".
Now we only need to activate Drone:
- In the side menu of Otomi Console under platform click on the Drone app
- Click on the play button in the top right. A new tab will open for Drone
- Sign in locally with as
otomi-admin
and thepassword
provided in the logs of the installer job - Click on
Authorize
Application - Click on
Submit
on the Complete your Drone Registration page. You don't need to fill in your Email, Full Name, or Company Name if you don't want to - Click on the otomi/values repository
- Click on + Activate Repository
Done! Now you can create a team, add services, expose them, configure network policies and explore Otomi.
Like what you see? Please support us by joining the stargazers: https://github.com/redkubes/otomi-core
Posted on April 13, 2022
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.