You can easily deploy octelium clients in any remote Kubernetes cluster to access and serve the Cluster Services (read more here). An easier and more automated alternative solution is to use the official OCtelium Helm charts to deploy the octelium clients in any remote Kubernetes clusters.
A minimal example should look as follows:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authToken=<AUTHENTICATION_TOKEN>
You can also use an authentication token stored in an existing Kubernetes secret as follows:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authTokenSecret=<K8S_SECRET_NAME>
By default, the Kubernetes secret key is assumed to be data. You can choose a custom secret key as follows:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authTokenSecret=<K8S_SECRET_NAME> authTokenSecretKey=<KEY_NAME>
You can serve one or more Services from your remote Kubernetes cluster via the --set octelium.serve flag. Here is an example:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authToken=<AUTHENTICATION_TOKEN> --set "octelium.serve={svc1}"
You can also serve multiple Services as follows:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authToken=<AUTHENTICATION_TOKEN> --set "octelium.serve={svc1,svc2,svc3}"
Let us discuss a detailed example. Let us imagine that you have an nginx Kubernetes service in the default Kubernetes namespace of your remote Kubernetes cluster that you want to serve and expose to the Octelium Cluster. You will need to create an Octelium Service as follows:
1kind: Service2metadata:3name: remote-nginx4spec:5mode: WEB6isPublic: true7config:8upstream:9url: http://nginx.default.svc10user: k8s-cluster-01
Note that the upstream of the remote-nginx Service above is the URL of the nginx Kubernetes service http://nginx.default.svc, as if we're trying to access it from that remote Kubernetes cluster. Also note that we added the user field which means that the Service's upstream is served by the connect User k8s-cluster-01. You can actually create that Octelium User, before creating the Service, as follows:
1kind: User2metadata:3name: k8s-cluster-014spec:5type: WORKLOAD
And then you can create an authentication token for the k8s-cluster-01 User as follows (read more here):
octeliumctl create cred --user k8s-cluster-01 my-cred
And then you now deploy the octelium client in your remote Kubernetes cluster and instruct it to serve the remote-nginx Service as follows:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authToken=<AUTHENTICATION_TOKEN> --set "octelium.serve={remote-nginx}"
You can also deploy multiple replicas of the octelium client and impose random load balancing among the different octelium serving the upstream of remote-nginx via the --set replicaCount flag as follows:
helm install my-octelium-chart oci://ghcr.io/octelium/helm-charts/octelium --set octelium.domain=<DOMAIN> --set octelium.authToken=<AUTHENTICATION_TOKEN> --set "octelium.serve={remote-nginx}" --set replicaCount=3
Note that you are not restricted to remotely serving HTTP-based Services from any remote Kubernetes cluster. You can actually serve arbitrary