We are bringing the best of Tectonic to Red Hat OpenShift to build the most secure, hybrid Kubernetes application platform.
Open Cloud Services automate common administrative tasks, such as installation and upgrading, allowing admins to focus on deployments and permissions.
Use Tectonic Console to enable Open Cloud Services for a selected namespace, then initialize and configure the service for use within that namespace.
Tectonic admins enable Open Cloud Services on selected namespaces, granting users with access to those namespaces permission to initialize and deploy the service. For more granular control, create custom RBAC roles and permissions to control access to these services within defined namespaces.
Cluster admins may select the teams and namespaces for whom Open Cloud Services will be enabled. For example, admins may allow only certain teams access to Vault, a powerful and secure secret store. Prometheus access may be broader across teams, but limited to namespaces requiring its reporting capacity.
Once enabled in a namespace, normal Kube roles and bindings can be used to further control access to edit or delete these resources.
Use Tectonic Console to enable Open Cloud Services for your Tectonic cluster.
Once enabled, the Open Cloud Services page will list the version deployed, and the namespaces for which each app is enabled.
To enable Open Cloud Services using kubectl, create a Subscription-v1
resource in the desired namespace.
For example:
apiVersion: app.coreos.com/v1alpha1
kind: Subscription-v1
metadata:
name: etcd
spec:
channel: alpha
name: etcd
source: tectonic-ocs
Valid values for spec.name
are:
etc
prometheus
vault
The Vault OCS will automatically grant the namespace access to its private image repository.
Open Cloud Service instances may be deployed into any namespace for which they are enabled.
A new instance will be deployed into the selected namespace. Once created, Console displays the following information for each instance:
Tectonic Open Cloud Services deploy apps using best practices configuration options to ensure highly available, secure, and fully managed Kubernetes Services. While not recommended, these services may be customized using the configuration options available to individual Operators.
Use Tectonic Console or kubectl to edit the YAML manifest for individual services.
For more information on specific configuration options, see the documentation for the respective operators:
Trigger a rolling update for Open Cloud Services by clicking down into an instance’s Details page, and editing its YAML manifest.