mirrors/omni
1
0
Fork 0
mirror of https://github.com/siderolabs/omni.git synced 2026-01-21 10:51:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
omni/deploy/helm
History
Oguz Kilcan 49611b2f8d
release(v1.4.0-beta.1): prepare release 
This is the official v1.4.0-beta.1 release.

Signed-off-by: Oguz Kilcan <oguz.kilcan@siderolabs.com>
2025-12-12 15:51:12 +01:00
..
omni
release(v1.4.0-beta.1): prepare release
2025-12-12 15:51:12 +01:00
README.md
fix: typo in Helm chart readme service name for API Ingress example
2025-10-07 18:04:22 +02:00

README.md

Omni Helm chart

Prerequisites

To run Omni using this Helm chart the following additional components are required:

Example Walkthrough

This example assumes 3 separate DNS entries will be used:

Example URL Purpose
omni.example.com UI and API
kubernetes.omni.example.com Kubernetes proxy
siderolink.omni.example.com SideroLink

Assuming the above URLs and an Auth0 account the only values that need to be modified are:

domainName: omni.example.com 
accountUuid: <UUID> # This can be created using uuidgen
name: "MyOmniInstance"
auth:
  auth0:
    clientId: <AUTH0_CLIENT_ID>
    domain: <AUTH0_DOMAIN>
initialUsers:
  - <EMAIL>
service:
  siderolink:
    domainName: siderolink.omni.example.com
    wireguard:
      # The Helm chart currently assumes that Omni will be bound on a particular Node.
      address: <IP address of worker node>
  k8sProxy:
    domainName: kubernetes.omni.example.com

Ingresses

Example Ingresses are given below for ingress-nginx. N.B. They also require SSL certs to exist.

api

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: GRPC
    nginx.ingress.kubernetes.io/proxy-body-size: 32m
    nginx.ingress.kubernetes.io/service-upstream: "true"
  labels:
    app.kubernetes.io/name: omni
  name: api
  namespace: omni
spec:
  ingressClassName: nginx
  rules:
  - host: omni.example.com
    http:
      paths:
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /cosi.resource.State
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /management.ManagementService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /machine.MachineService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /cluster.ClusterService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /inspect.InspectService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /resource.ResourceService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /storage.StorageService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /time.TimeService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /auth.AuthService
        pathType: ImplementationSpecific
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8080
        path: /oicd.
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - omni.example.com
    secretName: omni.example.com-tls

kubernetes-proxy

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: kubernetes-proxy
  namespace: omni
spec:
  ingressClassName: nginx
  rules:
  - host: kubernetes.omni.example.com
    http:
      paths:
      - backend:
          service:
            name: internal
            port:
              number: 8095
        path: /
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - kubernetes.omni.example.com
    secretName: kubernetes.omni.example.com-tls

siderolink

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  annotations:
    nginx.ingress.kubernetes.io/backend-protocol: GRPC
  name: siderolink
  namespace: omni
spec:
  ingressClassName: nginx
  rules:
  - host: siderolink.omni.example.com
    http:
      paths:
      - backend:
          service:
            name: internal-grpc
            port:
              number: 8090
        path: /
        pathType: ImplementationSpecific
  tls:
  - hosts:
    - siderolink.omni.example.com
    secretName: siderolink.omni.example.com-tls

ui

apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: ui
  namespace: omni
spec:
  ingressClassName: nginx
  rules:
  - host: omni.example.com
    http:
      paths:
      - backend:
          service:
            name: internal
            port:
              number: 8080
        path: /
        pathType: Prefix
  tls:
  - hosts:
    - omni.example.com
    secretName: omni.example.com-tls