inlets/inlets-operator

Chart version: 0.10.2
Api version: v1
App version: 1.0
inlets-operator for Kubernetes
application
Chart Type
Active
Status
Unknown
License
6893
Downloads
https://inlets.github.io/inlets-operator
Set me up:
helm repo add center https://repo.chartcenter.io
Install Chart:
helm install inlets-operator center/inlets/inlets-operator
Versions (0)

inlets-operator chart

Install the inlets-operator with this chart or with arkade.

You can also install the inlets-operator with arkade install inlets-operator to any Kubernetes cluster. arkade provides strongly-typed flags and validation for parameters.

Pre-reqs

  • Configure helm 3 (Tiller is not required)

  • Add the chart repo

  helm repo add inlets https://inlets.github.io/inlets-operator/
  helm repo update
  • Create your access key secret, then apply one of the following configurations.

  • Create a secret with an API key generated by DigitalOcean

    kubectl create secret generic inlets-access-key \
    --from-literal inlets-access-key="$(cat ~/Downloads/do-access-token)"
    
    • Install the CRD: Requires Kubernetes 1.16+ sh kubectl apply -f ./artifacts/crds

Deploy an example configuration

DigitalOcean with inlets OSS (recommended)

helm upgrade inlets-operator --install inlets/inlets-operator

DigitalOcean with inlets-pro

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set inletsProLicense=JWT_GOES_HERE

AWS EC2 with inlets OSS

kubectl create secret generic inlets-secret-key \
--from-literal inlets-secret-key="$(cat ~/Downloads/aws-secret-access-key)"

kubectl create secret generic inlets-access-key \
--from-literal inlets-access-key="$(cat ~/Downloads/aws-access-key)"

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=ec2,region=us-east-1,accessKeyFile=/var/secrets/inlets/inlets-access-key,\
  secretKeyFile=/var/secrets/inlets/secret/inlets-secret-key

AWS EC2 with inlets-pro

kubectl create secret generic inlets-secret-key \
--from-literal inlets-secret-key="$(cat ~/Downloads/aws-secret-access-key)"

kubectl create secret generic inlets-access-key \
--from-literal inlets-access-key="$(cat ~/Downloads/aws-access-key)"

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=ec2,region=us-east-1,accessKeyFile=/var/secrets/inlets/inlets-access-key,\
  secretKeyFile=/var/secrets/inlets/secret/inlets-secret-key,inletsProLicense=JWT_GOES_HERE

Google Compute Engine with inlets OSS

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=gce,zone=us-central1-a,projectID=PROJECTID

Google Compute Engine with inlets-pro

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=gce,zone=us-central1-a,projectID=PROJECTID,inletsProLicense=JWT_GOES_HERE

Equinix-Metal with inlets OSS

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=equinix-metal,region=ams1,projectID=PROJECTID

Equinix-Metal with inlets-pro

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=equinix-metal,region=ams1,projectID=PROJECTID,inletsProLicense=JWT_GOES_HERE

Scaleway with inlets OSS

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=scaleway,region=ams1,organizationID=ORGANIZATIONID

Linode with inlets OSS

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=linode,region=us-east

Linode with inlets-pro

helm upgrade inlets-operator --install inlets/inlets-operator \
  --set provider=linode,region=us-east,inletsProLicense=JWT_GOES_HERE

Chart parameters

The following table lists the configurable parameters of the inlets-operator chart and their default values, and can be overwritten via the helm --set flag.

Parameter Description Default
image Docker image for the Inlets Operator inlets/inlets-operator:0.7.4
clientImage Docker image for the inlets client inlets/inlets:2.7.10
provider Your infrastructure provider - ‘digitalocean’, ‘ec2’, ‘scaleway’, ‘equinix-metal’, or ‘gce’ ""
region The region to provision hosts into ""
zone The zone where the exit node is to be provisioned (Used when Google Compute Engine is used as provider) us-central1-a
vpcId The VPC ID to create the exit-server in (EC2) ""
subnetId The Subnet ID where the exit-server should be placed (EC2) ""
accessKeyFile Read the access key for your infrastructure provider from a file (recommended) /var/secrets/inlets/inlets-access-key
projectId The project ID if using gce or equinix-metal as the provider ""
annotatedOnly Only create a tunnel for annotated services. false
inletsProLicense License for use with inlets-pro ""
resources Operator resources requests & limits {"requests":{"cpu": "100m", "memory": "128Mi"}}
nodeSelector Node labels for data pod assignment {}
tolerations Node tolerations []
affinity Node affinity policy {}
secretKeyFile If we are using a provider that requires a secret key as well as an access key, set to /var/secrets/inlets/secret/inlets-secret-key ""