Install Otomi with DNS

Install Otomi with DNS using AWS Route53

Follow these steps to install Otomi with DNS using AWS Route53.

  1. Register a domain and retrieve the Hosted zone ID
  2. Create a dns-policy.json file for the policy and add the Zone ID:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "route53:GetChange",
      "Resource": "arn:aws:route53:::change/*"
    },
    {
      "Effect": "Allow",
      "Action": [
        "route53:ChangeResourceRecordSets",
        "route53:ListResourceRecordSets"
      ],
      "Resource": [
        "arn:aws:route53:::hostedzone/<your-zone-id>"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "route53:ListHostedZonesByName",
        "route53:ListHostedZones"
      ],
      "Resource": [
        "*"
      ]
    }
  ]
}
```
  3. Create the policy:
```bash
aws iam create-policy --policy-name "d5otomiDNS" --policy-document file://dns-policy.json
```
  4. Export the policy ARN:
```bash
# Look up the ARN by the policy name used in the create-policy step.
export POLICY_ARN=$(aws iam list-policies --query 'Policies[?PolicyName==`d5otomiDNS`].Arn' --output text)
```
  5. Create a user:
```bash
USER=user-name
aws iam create-user --user-name "$USER"
```
  6. Attach the policy to the user:
```bash
aws iam attach-user-policy --user-name "$USER" --policy-arn "$POLICY_ARN"
```
  7. Create the access key:
```bash
# The JSON response, including the secret, is kept in this shell variable.
SECRET_ACCESS_KEY=$(aws iam create-access-key --user-name "$USER")
```
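  8. Get the access key ID and the secret access key:
```bash
# Writes both values to a file named after the user in the current directory.
# The file holds a long-lived credential: restrict its permissions and remove it
# once the values are in values.yaml.
cat <<-EOF > "$USER"
aws_access_key_id = $(echo "$SECRET_ACCESS_KEY" | jq -r '.AccessKey.AccessKeyId')
aws_secret_access_key = $(echo "$SECRET_ACCESS_KEY" | jq -r '.AccessKey.SecretAccessKey')
EOF
```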
  9. Add the DNS configuration to the values.yaml to install Otomi:
```yaml
cluster:
  name: my-cluster # choose a name for your cluster
  provider: your-provider
  domainSuffix: your-domain.com # your domain name
otomi:
  hasExternalDNS: true # required
dns:
  domainFilters:
    - your-domain.com
  provider:
    aws:
      credentials:
        accessKey: aws_access_key_id # the aws_access_key_id value from the file created above
        secretKey: aws_secret_access_key # the aws_secret_access_key value from the file created above
      region: eu-central-1 # your region
apps:
  cert-manager:
    issuer: letsencrypt
    stage: production
    email: admin@your-domain.com
```
  10. Install Otomi:
```bash
helm repo add otomi https://otomi.io/otomi-core
helm repo update
helm install -f values.yaml otomi otomi/otomi
```
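
A pre-flight check for the dns-policy.json step, run before `aws iam create-policy`: it confirms that record changes are limited to one hosted zone and that the `<your-zone-id>` placeholder was replaced. This is an added example, not part of the Otomi documentation; the function names, the zone-ID pattern and the sample zone ID `Z0EXAMPLE12345` are assumptions made for illustration.

```python
import json
import re
from fnmatch import fnmatchcase

WRITE_ACTION = "route53:changeresourcerecordsets"  # the record-modifying action in the page's policy
# Assumption: hosted zone IDs consist of uppercase letters and digits.
ZONE_ARN = re.compile(r"^arn:aws:route53:::hostedzone/[A-Z0-9]+$")


def as_list(value):
    """IAM accepts either a string or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def lint_dns_policy(policy_text):
    """Return findings for a dns-policy.json document (empty list means OK)."""
    findings = []
    if "<your-zone-id>" in policy_text:
        findings.append("placeholder <your-zone-id> was not replaced")
    policy = json.loads(policy_text)
    for i, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        # IAM action names are case-insensitive and may contain * and ? wildcards.
        actions = [a.lower() for a in as_list(stmt.get("Action", []))]
        if not any(fnmatchcase(WRITE_ACTION, a) for a in actions):
            continue
        for res in as_list(stmt.get("Resource", [])):
            if not ZONE_ARN.match(res):
                findings.append(f"statement {i}: record changes allowed on {res!r}")
    return findings


def sample_policy(zone_resource):
    """Constructed sample: the page's policy with a chosen hosted-zone resource."""
    return json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Action": "route53:GetChange",
         "Resource": "arn:aws:route53:::change/*"},
        {"Effect": "Allow",
         "Action": ["route53:ChangeResourceRecordSets", "route53:ListResourceRecordSets"],
         "Resource": [zone_resource]},
        {"Effect": "Allow",
         "Action": ["route53:ListHostedZonesByName", "route53:ListHostedZones"],
         "Resource": ["*"]}]})


if __name__ == "__main__":
    # Z0EXAMPLE12345 is a constructed zone ID, not a real one.
    for res in ("arn:aws:route53:::hostedzone/Z0EXAMPLE12345",
                "arn:aws:route53:::hostedzone/<your-zone-id>", "*"):
        print(res, "->", lint_dns_policy(sample_policy(res)) or "OK")
```

To check a real file, pass its contents: `lint_dns_policy(open("dns-policy.json").read())`.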