Okteto is a development platform for Kubernetes applications. Build better applications by developing and testing your code directly in your own Kubernetes infrastructure. Give your team the power of Okteto Cloud, with the control and flexibility of running in your very own Digital Ocean Kubernetes cluster.

After installing Okteto you and your team will be able to:

• Get self-service access to your Kubernetes infrastructure. Forget about dealing with IAMs and account mappings and just login with your email account to get your kubeconfig.
• Visualize your workloads in a Developer-focused Kubernetes dashboard.
• Automatically apply security policies, quotas and access control to every user and deployment.
• Create secure Kubernetes namespaces with one click.
• Get automatic HTTPs endpoints for all your services.
• Configure secrets and prevent secure credentials from being stored in version control.
• Deploy your applications with one click, directly from a fully customizable Application Catalog, powered by Helm 3.
• Build on remote your container images, powered by BuildKit.
• Push your images to the Okteto Registry.
• Fully integrate with the Okteto CLI to develop directly in your Kubernetes cluster.

After you have downloaded your kubeconfig file, and are able to successfully connect to your DigitalOcean Kubernetes cluster (see https://cloud.digitalocean.com/kubernetes/clusters/ if you haven’t connected to your cluster) follow the instructions below to start using Okteto.

Initial Configuration

The first step is to get your admin token. Run the following command in a terminal shell to retrieve it:

kubectl get sa -n=okteto do-okteto-enterprise -ojsonpath='{.metadata.labels.dev\.okteto\.com/token}'

Second, start a port-forward to the ingress service by running the command below:

kubectl port-forward service/do-nginx-ingress-controller 8443:443 --namespace okteto

Third, open your browser and go to https://localhost:8443/#admin to load the admin screen.

Use the admin token you retrieved on the first step to login to the admin screen.

Once you log in to the admin page, you'll need to provide the following values to complete Okteto's initial configuration.

1. The email of the owner of the application.
2. A dedicated subdomain for your Okteto instance.
3. Your Kubernetes cluster's public endpoint.
4. Your Okteto Enterprise license (optional).
5. The Client ID and Client Secret of a Github OAuth app.
6. A list of the Github IDs that are allowed to login (optional, leave it empty to allow everyone).
7. A Digital Ocean personal access token.

Press Save once you're ready to apply the new configuration. It'll take about 30 seconds for the configuration to be applied.

Your Okteto instance is now fully configured. It will be available via https://okteto.$SUBDOMAIN (e.g. https://okteto.dev.example.com). The next section explains how to configure the DNS for this.

DNS configuration

Run the following command in a terminal shell to get the External IP address of the Load Balancer.

kubectl get svc -n=okteto -l="app=nginx-ingress,component=controller"

Create a wildcard A record for the entire subdomain and point it to the external IP of the load balancer.

More information

Subdomain

Okteto can automatically create HTTPS endpoints for the applications you deploy in your cluster. We recommend that you give Okteto a dedicated subdomain to prevent endpoint clashes with other applications.

The Okteto web UI will always be available at https://okteto.$SUBDOMAIN.

The subdomain must be registered with Digital Ocean.

Cluster Public Endpoint

This is the fully qualified url of your Kubernetes cluster's apiserver. You can get it from the kubeconfig file you downloaded from Digital Ocean:

apiVersion: v1
clusters:
- cluster:
    certificate-authority-data: DATA+OMITTED
    server: https://0b84ec60-fe41-4994-8e76-b53e00859ef9.k8s.ondigitalocean.com
  name: do-sfo2-ramiro
  ...

License

Okteto Enterprise is free to try. You get all the features of Okteto Enterprise for up to 3 users with 3 namespaces each. Need more? Let's talk.

Authentication

Okteto Enterprise uses Github OAuth as the authentication provider. You'll need to create a Github OAuth app with the following values:

Homepage URL:

https://okteto.$SUBDOMAIN

Authorization callback URL:

https://okteto.$SUBDOMAIN/auth/callback

Personal Access Token

Okteto Enterprise requires a Digital Ocean personal access token with read/write permissions to be able to create DNS entries when responding to ACME DNS-01 challenges. The entries will be created in the subdomain you provided in the configuration. You can create your personal access token by going here.

Support

If you get stuck, or have any questions, feel free to reach out to us at hello@okteto.com, Twitter or our Slack channel.