One Web Console
to rule all tools & platform configuration
Using Otomi, developers can be fully self-serving. They can spin up new namespaces, get access to all the tools they need, create secrets, deploy workloads, create jobs, configure public exposure, add service monitors, and much more. And all of these features are accessible through just one web UI.
Use Otomi Console to compose your own preferred suite of Kubernetes applications using the drag and drop functionality
Provide all the tools in a standardized way and make devs self-serving
Platform admins can use the self-service flags to delegate permissions to a team
A service in Otomi is a feature to configuring ingress for pre-deployed Kubernetes or to create new Knative services.
Use Otomi Jobs to create and run Kubernetes jobs and CronJobs
Secrets created and managed using HashiCorp Vault can be ‘mapped’ onto the Otomi configuration and used by Otomi Services
Installed apps are accessible for each team to deploy from the Otomi Kubernetes Platform
Use Otomi Console to compose your own preferred suite of Kubernetes applications. Just Drag and Drop the apps you’d like to use. You can activate apps for:
- GitOps (ArgoCD)
- Security (Kubeclarity, OPA/Gatekeeper, Vault, Falco, Trivy, WAF)
- Backup (Velero)
- Single Sign On (Keycloak, Oauth2)
- Networking (Istio, Calico, Nginx)
- Observability (Prometheus, Grafana, Loki, Alertmanager, Thanos)
- Container Registry (Harbor)
- Serverless (Knative)
- Object Storage (Minio)
When apps are enabled, they will work out-of-the-box in an integrated and automated way based on sane defaults and best practices.
In the Policies section, a platform admin can see and configure all the available security policies. By default, policies are enforced, but non-blocking. Click on a policy to configure parameters and to turn a policy on or off.
Teams are isolated spaces on Kubernetes and can be used for Projects, DevOps teams, or even DTAP. Platform admins can use the self-service flags to delegate permissions to a team. When a flag is set, members of the team can configure ingress for public exposure, change alerting receivers, change the OIDC group id or even change team resource quotas. By default all internal network traffic between Teams is disabled
A service in Otomi is a feature to configuring ingressfor pre-deployed Kubernetes or to create new Knative services. Otomi will automatically create all ingress resources and configuration needed, including certificates, Istio virtual services, DNS records, or even an Oauth2 proxy for Single Sign-On.
Next to configuring exposure for a pre-deployed service, Otomi Console can also be used to create new Knative services without writing any YAML manifests. Just fill in the container image you would like to deploy and optionally configure environment variables, annotations, secrets, secret mounts, and/or files.
With the workloads feature it becomes easier for developers to deploy applications according to security and compliance standards which, in turn, makes the software delivery process more efficient and secure. This feature brings us one step closer to our vision of giving time back to developers and to help save businesses time, money and resources.
Secrets created and managed using HashiCorp Vault can be ‘mapped’ onto the Otomi configuration and then be used by Otomi Services (for public and private expose and to mount into the pod as an environment variable when creating a Knative service) and by any other pod within the team namespace.
Otomi supports three kinds of secrets:
- Docker Registry
When the app is enabled, each team will get access to:
- Argo CD
- A GitOps repo in Gitea
- A project in Harbor to store images and charts
- A space in Vault to manage secrets
- Loki to see logs of apps deployed by the team
- Grafana to see metrics of apps deployed by the team
- Kubeapps to install applications from a catalog
- A dedicated Alertmanager and Prometheus instance
Become an early adaptor of Kubernetes innovations?
Interested in Kubernetes, cloud-native and platforms to scale up your business? Get exclusive tech insights delivered straight to your inbox.