🐳 OrcaMonitor MSP

Add a new tenant

Provisioning flow

  1. A DNS CNAME + verification TXT record is created on Cloudflare.
  2. A dedicated Kubernetes namespace (tnt-<slug>) is spun up with the full NetBird stack.
  3. A Zitadel project + OIDC app is created for SSO isolation.
  4. The tenant starts in trial mode (14 days).

Used to derive the slug (acme-corp).

The on-prem domain the customer will connect from. Ownership is verified via TXT lookup.