- The primary method of interacting with the Camunda 7 engine is with the REST Api.
- Integration with other systems is done using the External Task Client.
- Integration with user tasks is through the Task Api and using the C7 Client as a abstraction
- Authorization and Authentication is done through Keycloak securing the Camunda7 Webapps and the REST api.
- Camunda 7 Engine
- DMN Engine
- Spring-Boot (Camunda-Run)
- Camunda 7 Web Apps (Cockpit, Tasklist, Admin)
- External Task Client (Java SpringBoot)
- Prometheus
- Graphana
- Keycloak
- LDAP (Apacheds)
- Nginx
- Demo Apps (ReactJS, SpringBoot Data, Camunda C7 client)
- Kubernetes (container orchestration)
- Docker
- Camunda 7 BPMN, DMN engine, and Webapps, RestAPI, Swagger
- Camunda Optimize
- Metrics (Prometheus, Graphana)
- Keycloak integration with Camunda to manage authentication and authorizations
- SSO
- Secure traffic with TLS, Kube Certmanger and Letsencrypt
- LDAP integration for user/group management
- Profile for AWS
- Profile for Azure
- Separate deployment of Webapps node and Headless REST api node
- Graphana dashboard for Camunda 7
- Graphana Ingress
- Demo UI, Demo Data and C7 Client
- CockroachDB
- Vault auto password rotation
- GRPC external task client support
-
Download or clone the forked version of camunda-7-community-helm. This is a temporary measure until the camunda-community-hub/camunda-7-community-helm is updated.
-
Point the Makefile to the chart where you placed it on your filesystem
chart ?= ../camunda-7-community-helm/charts/camunda-bpm-platform
- full-stack
- development
make certEmail=<<YOUR_EMAIL>> chart=<<YOUR_PROJECTS>>/camunda-7-community-helm/charts/camunda-bpm-platform
make kind-dev env=dev chart=...
make local env=dev chart=...
-
Access camunda at http://camunda.127.0.0.1.nip.io user/pass demo/demo
-
Access optimize at http://optimize.127.0.0.1.nip.io user/pass demo/demo
- Access keycloak at http://keycloak.127.0.0.1.nip.io user/pass admin/admin
NOTE: User are automatically added and configured using LDAP through the Keycloak user federation integration. User (demo/demo) has been added to the Keycloak Camunda Realm and in the camunda-admin group.
NOTE: if you change the Keycloak client secret in keycloak/production.yml you must update keycloak/realm.json
Users and Groups are stored in LDAP. Keycloak is configured to use LDAP provider and directly integrates to Camunda through the Keycloak Plugin.
NOTE: This allows us to create and configure Users and Groups in an automated fashion and eliminates the need to manually configure Users in Keycloak or Camunda.
IMPORTANT: for Cockpit users it's still necessary to create Authorizations in Camunda Admin Panel
kubectl get pods --all-namespaces
kubectl port-forward metrics-grafana-<<your-pod-id>> 3000:3000 -n default
- Access Graphana at http://localhost:3000/ user/pass camunda/camunda
kubectl get secret grafana-admin-password -o jsonpath='{.data.admin-user}' | base64 --decode
kubectl get secret grafana-admin-password -o jsonpath='{.data.admin-password}' | base64 --decode
More info