Activation steps
Follow the steps below to activate Otomi after initial installation.
Step 1: Get the log output of the installer job
When the installer job (in the default namespace) has finished, copy the URL and the generated password from the bottom of the logs, sign in to the console with the provided URL, username and password.
Use the following command to get the logs of the installer job:
kubectl logs jobs/otomi -n default -f
Step 2: Create an License Key for using Otomi Console and Otomi API
A Community Edition License Key is required per 17-05-2023
If you would like to use the Otomi Console (Web UI) and Otomi API (for code validation and creation), then you will first need to create a Community Edition License key in Otomi Cloud. Follow these instructions to create a License Key:
- Go to Otomi Cloud
- Create an account
- Click on
Register Cluster
- Agree with the EULA
- Copy the License Key and click
Continue
- Log in to Otomi Console. You can find the link in the logs of the installer (see step 1)
- Add the License key to Otomi Console
- Click
Activate
Step 3 (optional): Add the auto generated CA to your keychain
Otomi by default automatically generates a CA. The generated CA is of course not trusted on your local machine. Here are some options to prevent you from clicking away lots of security warning in your browser:
- In the left menu of the console, click on "Download CA"
- Double click the downloaded CA.crt or add the CA to your keychain on Mac using the following command:
sudo security add-trusted-cert -d -r trustRoot -k /Library/Keychains/System.keychain ~/Downloads/ca.crt
On Windows, use PowerShell (running as Administrator) with the Certutil:
certutil.exe -addstore root <downloaded cert path>
Or:
Import-Certificate -FilePath "<downloaded cert path>" -CertStoreLocation Cert:\LocalMachine\Root
# Restart the browser
But you could also run Chrome in insecure mode:
alias chrome-insecure='/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --ignore-certificate-errors --ignore-urlfetcher-cert-requests &> /dev/null'
- Optional: Restart Docker (to support pushing images to Harbor)
Step 4 (Optional): Create a new admin user
We strongly advise to not use the default otomi-admin
account after activation and to not change the password. Store it somewhere safe and only use it in case absolutely required.
Create a new user account in Keycloak and add the new user to the otomi-admin
and team-admin
group.
Step 5 (Optional): Add the URL of the Kubernetes API
Adding the URL of the K8s cluster API is required by teams to be able to download the KUBECONFIG
- Under
Platform
in Otomi Console, click onSettings
- Click on
Cluster
- Add the full URL of the API server
- Click on
Submit
- Click on
Deploy Changes