Skip to content

Installing Orb control plane

Orb consists of two major components:

  1. The Control Plane—comprised of microservices, communication systems, databases, etc.—deploys to a central location (usually a cloud environment on Kubernetes).
  2. The Orb Agent—a lightweight observability agent—deploys to all the infrastructure you wish to monitor.


The instructions below are for installing the Control Plane. If you just need to install the Orb Agent (orb-agent), see these instructions instead.

The Control Plane can be self-hosted, or you can use our free Orb SaaS service. Self-hosting gives you full privacy and control but is more complex. On the other hand, our SaaS gets you up and running quickly since you only need to create a free account on and then install the Orb Agent to your infrastructure.


To run your agent using the self-hosted control plane, disable TLS verification using the enviromental variable below in your provisioning command:


Check an example here.

The Orb SaaS platform ( is now in active development. This free service allows you to enjoy the benefits of the Orb platform without having to run your own control plane.

If you need to install the Orb Agent to be used with, see these instructions.


There are two main deployment methods for those wanting to self-host:

  • Docker Compose - This option is useful for developer or testing installations, allowing you to run both the Orb Control Plane and the Orb Agent on a single machine.
  • Helm Chart - This option is intended for production deployments, requiring access to a Kubernetes cluster.

Follow the instructions below after choosing a self-host option.


If you're just interested in trying out Orb quickly to see what it's all about, use the Docker Compose method.

Orb with Docker Compose

The Orb repo contains a full Docker Compose environment, useful both for developers wishing to contribute and casual users looking to try Orb for the first time.

Running Orb with Docker Compose requires you to have a copy of the Orb repo, although it is not necessary to build any software as the Compose file will download appropriate versions of the services from Docker Hub.

If you would like to build the software, or if you need to troubleshoot your environment, you can find more detailed instructions on setting up a development environment here.



git clone
cd orb
make run

This will pull Orb’s containers from Docker Hub and start all services. You may run docker ps to confirm all services started successfully.

If you are running on your local machine, upon success the Orb UI will be available at https://localhost/


Is the Docker Compose environment not starting correctly? Found a bug? Come talk to us live on Slack in the #orb channel, or file a GitHub issue here.

Orb Helm Chart

Helm is a package manager for Kubernetes. A Helm Chart is a package that allows you to customize your deployment on Kubernetes.

To configure and deploy an Orb Helm Chart, follow the instructions below.



This guide assumes installation into namespace orb. It requires a HOSTNAME over which you have DNS control. It uses Let's Encrypt for TLS certification management.

  • cd to working directory charts/orb

  • Add helm repos for dependencies.

    helm repo add jaegertracing
    helm repo add bitnami
    helm repo add ingress-nginx
    helm repo add jetstack
    helm repo update
    helm dependency update
  • Create orb namespace.

    kubectl create namespace orb
  • Create JWT signing key secret.

    kubectl create secret generic orb-auth-service --from-literal=jwtSecret=MY_SECRET -n orb
  • Create admin user secrets.

    kubectl create secret generic orb-user-service --from-literal=adminPassword=12345678 -n orb
  • Deploy ingres-nginx helm (to default namespace) with tcp config map configured from helm for 8883 (MQTTS). Note you need to reference both namespace and helm release name here.

    helm install --set tcp.8883=orb/my-orb-nginx-internal:8883 ingress-nginx ingress-nginx/ingress-nginx
  • Wait for an external IP to be available.

    kubectl --namespace default get services -o wide -w ingress-nginx-controller
  • Choose a HOSTNAME, then point an A record for this hostname to the external IP.

  • Deploy cert manager helm to secure nginx ingress.

    helm install cert-manager jetstack/cert-manager --namespace cert-manager --create-namespace --version v1.5.3 --set installCRDs=true
  • Create Issuer CRDs (in the orb namespace).

    • cp issuers/production-issuer-tpt.yaml issuers/production-issuer.yaml
    • Edit issuers/production-issuer.yaml and change to a real email address.
    • kubectl create -f issuers/production-issuer.yaml -n orb
  • Install Orb. Replace my-orb with your helm release name.

    helm install --set ingress.hostname=HOSTNAME -n orb my-orb .


Is the Helm deployment not working correctly? Found a bug? Come talk to us live on Slack in the #orb channel, or file a GitHub issue here.

Upon successful installation, visit our Getting Started section to keep moving forward with Orb.

Orb with Kind

Kind is a tool for running local k8s clusters using docker container as nodes. Follow those steps to setup a local k8s cluster and deploy Orb.



Windows WSL users: WSL is also supported, but for some reason the Orb stack mess up the WSL internal DNS. You can fix that by editing your /etc/wsl.conf and adding the following:

generateResolvConf = false
Restart WSL by executing the following on CMD:
wsl --shutdown
Open WSL terminal again and remove the symbolic link from /etc/resolv.conf:
sudo unlink /etc/resolv.conf
Create a new /etc/resolv.conf file and add the following:
save the file and you are done.

Deploy Orb on Kind

Add kubernetes.docker.internal host as address in your hosts file:

echo " kubernetes.docker.internal" | sudo tee -a /etc/hosts

Clone the Orb Helm charts

git clone
cd orb-helm

Setup Orb Charts dependencies repositories:

make prepare-helm


You just need to run those steps until here once, even if you delete the cluster afterwards.

Use the following command to create the cluster and deploy Orb:

make kind-create-all

Access the Orb UI by accessing: https://kubernetes.docker.internal/. The following users are created during the mainflux bootstrap:

E-mail Password Role pass123456 Admin

Have fun! 🎉 When you are done, you can delete the cluster by running:

make kind-delete-cluster