Home Original page

inlets-operator/chart/inlets-operator at master · inlets/inlets-operator

The easiest way to install the inlets-operator is with arkade, an open-source Kubernetes marketplace, however if you'd like to use Helm, read on for examples you can adapt.

See inlets-operator reference documentation

Pre-reqs

A Kubernetes cluster deployed with x86_64 or arm64 hosts, or a mixture of both.

  • Download Helm, i.e. arkade get helm or brew install helm

  • Add the chart repo

    helm repo add inlets https://inlets.github.io/inlets-operator/

  • Create a namespace for the inlets-operator

    kubectl create namespace inlets

  • Create a secret for the inlets license key:

    kubectl create secret generic -n inlets \
  inlets-license --from-file license=$HOME/.inlets/LICENSE

  • Create your access key secret, then apply one of the following configurations.

  • Create a secret with an API key generated by DigitalOcean

    kubectl create secret generic -n inlets \
inlets-access-key \
--from-file inlets-access-key=$HOME/Downloads/do-access-token

Deploy an example configuration

Examples for each cloud are found in the reference documentation

Deploy with DigitalOcean in London

helm repo update && \
  helm upgrade inlets-operator --install inlets/inlets-operator \
  --namespace inlets \
  --set region=lon1

Install a local version of the chart for development

Create a custom values.yaml file with a custom image etc values-ae.yaml

pullPolicy: Always
image: ttl.sh/openfaas/inlets-operator:0.16.3-13-g9ff7184

Then run:

helm repo update && \
  helm upgrade inlets-operator --install ./chart/inlets-operator \
  --namespace inlets \
  --set region=lon1 \
  -f ./chart/inlets-operator/values-ae.yaml

Chart parameters

The following table lists the configurable parameters of the inlets-operator chart and their default values, and can be overwritten via the helm --set flag.

Parameter Description Default value
annotatedOnly Only create tunnels for LoadBalancer with a operator.inlets.dev/manage=1 annotation false
inletsclient.Image Container image for the inlets client when deployed inside K8s See values.yaml
image Container image for the inlets-operator See values.yaml
inletsRelease Release version of inlets for tunnel server VMs run via systemd See values.yaml
secretKeyFile If we are using a provider that requires a secret key as well as an access key, set to /var/secrets/inlets/secret/inlets-secret-key ""
affinity Node affinity policy {}
nodeSelector Node labels for data pod assignment {}
tolerations Node tolerations []
resources Operator resources requests & limits {"requests":{"cpu": "100m", "memory": "128Mi"}}
accessKeyFile Read the access key for your infrastructure provider from a file (recommended) /var/secrets/inlets/inlets-access-key
subnetId The Subnet ID where the exit-server should be placed (EC2) ""
vpcId The VPC ID to create the exit-server in (EC2) ""
plan The plan or size for your cloud instance different defaults, depending of the infrastructure provider
projectID The project ID if using gce or equinix-metal as the provider ""
region The region to provision hosts into ""
zone The zone where the exit node is to be provisioned (Used when Google Compute Engine is used as provider) us-central1-a
provider Your infrastructure provider - 'digitalocean', 'ec2', 'scaleway', 'equinix-metal', or 'gce' ""