otomi-core
cert-manager
Our great sponsors
otomi-core | cert-manager | |
---|---|---|
75 | 99 | |
2,129 | 11,362 | |
2.3% | 2.2% | |
9.6 | 9.6 | |
2 days ago | 1 day ago | |
Mustache | Go | |
Apache License 2.0 | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
otomi-core
-
Selfhosted PaaS? (No dokku pls)
Otomi
-
Get started with Otomi: Self-hosted PaaS for Kubernetes
In this blog we are going to see Otomi: self-hosted PaaS for Kubernetes. Otomi is an open source self-hosted PaaS to run on top of Kubernetes and offers wide range of pre-configured Cloud Native applications such as Prometheus, Grafana, Loki,Argo CD, Istio, Jaeger, Keycloak, Knative, Harbor, and much more. Otomi is optimized for running on managed Kubernetes services like AS, EKS, GKE, DigitalOcean Kubernetes and LKE(Linode) then on any K8s cluster on on-prem or even on Minikube. In the container world Kubernetes becoming an operating system of cloud native applications where Otomi helps developers to launch cloud native application in few clicks away.
-
Delegating control with an advanced multi-tenant setup in Kubernetes using Otomi
● redkubes/otomi-core (Do star us and show your support) ● redkubes/workshops ● redkubes/quickstart ● Docs
- A simple user management solution?
-
Otomi: Self-hosted PaaS for Kubernetes on Windows (minikube)
Otomi is a self-hosted PaaS for Kubernetes and offers a complete suite of integrated, pre-configured applications combined with automation. Otomi is optimized for running on managed Kubernetes services like AKS, EKS, and GCP, but now it can be installed on any K8s cluster, even on Minikube.
-
How we leveraged nip.io and custom CA for Otomi
Otomi consists of a complete suite of applications that can be installed in one run on a Kubernetes cluster. It contains several open-source projects like Prometheus, Loki, Istio, cert-manager, external DNS, and much more. All of these applications are configured with sane defaults, making everything work out-of-the-box.
-
New DevOps Engineer looking for advice for monitoring and alerting
Take a look at https://github.com/redkubes/otomi-core. It contains everything for monitoring and alerting and offers devs an easy ui to get access to all the monitoring tools they need.
-
An open source app stack for Kubernetes with sane defaults combined with developer self-service and GitOps patterns
Sorry to hear. Did you install on a machine with at least 12 CPU and 32GB Ram? Please create an issue here: https://github.com/redkubes/otomi-core/issues We will soon add more instructions and clear hardware dependencies for using the onprem provider. For a smooth install, we advise to use an EKS, AKS or GKE (not auto pilot) cluster.
The links you're pointing to are the chart default values. The default values are overridden by the Otomi values: https://github.com/redkubes/otomi-core/tree/master/values
cert-manager
-
Run WebAssembly on DigitalOcean Kubernetes with SpinKube - In 4 Easy Steps
# Install cert-manager CRDs kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.14.4/cert-manager.crds.yaml # Add Helm repositories jetstack and KWasm helm repo add jetstack https://charts.jetstack.io helm repo add kwasm http://kwasm.sh/kwasm-operator # Update Helm repositories helm repo update # Install cert-manager using Helm helm install \ cert-manager jetstack/cert-manager \ --namespace cert-manager \ --create-namespace \ --version v1.14.4 # Install KWasm operator helm install \ kwasm-operator kwasm/kwasm-operator \ --namespace kwasm \ --create-namespace \ --set kwasmOperator.installerImage=ghcr.io/spinkube/containerd-shim-spin/node-installer:v0.13.1
On top of its core components, SpinKube depends on cert-manager. cert-Manager is responsible for provisioning and managing TLS certificates that are used by the admission webhook system of the Spin Operator. Let’s install cert-manager and KWasm using the commands shown here:
-
An opinionated template for deploying a single k3s cluster with Ansible backed by Flux, SOPS, GitHub Actions, Renovate, Cilium, Cloudflare and more!
SSL certificates thanks to Cloudflare and cert-manager
-
Deploy Rancher on AWS EKS using Terraform & Helm Charts
kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/${CERT_MANAGER_VERSION}/cert-manager.crds.yaml
-
Task vs Make - Final Thoughts
install-cert-manager: desc: Install cert-manager deps: - init-cluster cmds: - kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/{{.CERT_MANAGER_VERSION}}/cert-manager.yaml - echo "Waiting for cert-manager to be ready" && sleep 25 status: - kubectl -n cert-manager get pods | grep Running | wc -l | grep -q 3
-
Easy HTTPS for your private networks
I've been pretty frustrated with how private CAs are supported. Your private root CA can be maliciously used to MITM every domain on the Internet, even though you intend to use it for only a couple domain names. Most people forget to set Name Constraints when they create these and many helper tools lack support [1][2]. Worse, browser support for Name Constraints has been slow [3] and support isn't well tracked [4]. Public CAs give you certificate transparency and you can subscribe to events to detect mis-issuance. Some hosted private CAs like AWS's offer logs [5], but DIY setups don't.
Even still, there are a lot of folks happily using private CAs, they aren't the target audience for this initial release.
[1] https://github.com/FiloSottile/mkcert/issues/302
[2] https://github.com/cert-manager/cert-manager/issues/3655
[3] https://alexsci.com/blog/name-non-constraint/
[4] https://github.com/Netflix/bettertls/issues/19
[5] https://docs.aws.amazon.com/privateca/latest/userguide/secur...
-
☸️ Managed Kubernetes : Our dev is on AWS, our prod is on OVH
the Cert Manager
- Renewing tls certificate on a sops secret deployment.
-
cert-manager on k3s on arm with lets encrypt
``` curl -sL \ https://github.com/cert-manager/cert-manager/releases/download/v1.12.1/cert-manager.yaml |\ sed -r 's/(image:.):(v.)$/\1-arm:\2/g' > cert-manager-arm.yaml
-
🌍🚀🎯 From Localhost to Cloud ☁️: Next.js, Django, SSL 🔒, GitHub Actions 🚀, DNS| Ultimate Website Deployment Tutorial🌟🔥✨
helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx helm upgrade --install ingress-nginx-chart ingress-nginx/ingress-nginx --set controller.service.loadBalancerIP=31.91.11.253 --set controller.service.externalTrafficPolicy=Local helm repo add jetstack https://charts.jetstack.io helm repo update kubectl apply -f https://github.com/cert-manager/cert-manager/releases/download/v1.8.0/cert-manager.crds.yaml helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.8.0
What are some alternatives?
metallb - A network load-balancer implementation for Kubernetes using standard routing protocols
aws-load-balancer-controller - A Kubernetes controller for Elastic Load Balancers
Portainer - Making Docker and Kubernetes management easy.
awx-operator - An Ansible AWX operator for Kubernetes built with Operator SDK and Ansible. 🤖
k3s - Lightweight Kubernetes
oauth2-proxy - A reverse proxy that provides authentication with Google, Azure, OpenID Connect and many more identity providers.
external-dns - Configure external DNS servers (AWS Route53, Google CloudDNS and others) for Kubernetes Ingresses and Services
lens - Lens - The way the world runs Kubernetes
rbac-manager - A Kubernetes operator that simplifies the management of Role Bindings and Service Accounts.
k3os - Purpose-built OS for Kubernetes, fully managed by Kubernetes.
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
kubevirt - Kubernetes Virtualization API and runtime in order to define and manage virtual machines.