Kubernetes
This guide explains how to install Nected on a Kubernetes cluster using official Helm charts. This method is suitable for staging and production environments that require high availability, scalability, and better operational control.
Pre-requisites:
These requirements are specific to deploying Nected on a Kubernetes cluster using Helm.
Kubernetes Cluster
Ensure you have a functional Kubernetes cluster set up. You can use:
Cluster access should be available via the kubectl
CLI.
Required Packages
Install and configure the following packages:
kubectl – matches your Kubernetes cluster version.
Helm – version v3.x or later.
Domain Setup and Ingress Configuration
Configure four fully qualified domain names (FQDNs) pointing to your ingress controller:
UI (Konark)
<<ui-domain>>
app.example.com
Editor
<<editor-domain>>
editor.example.com
Backend API (Nalanda)
<<backend-domain>>
api.example.com
Router (Vidhaan)
<<router-domain>>
router.example.com
Update your DNS provider (e.g., Cloudflare, Route53) to point these domains to your ingress controller’s external IP.
System Specifications
CPU
4 cores
8+ cores
RAM
8 GB
16+ GB
Storage
30 GB
100 GB (SSD/NVMe)
Databases and Caching Services
Proper configuration of these services is required for Nected functionality:
PostgreSQL
✔️
Stores rules, workflows, metadata
Configure user, password, host, port, database name, connection pooling
Redis
✔️
Caching and internal state management
Configure host, port, TLS if needed; additional Redis clusters if required
Elasticsearch / OpenSearch
Optional
Stores audit and execution logs
Configure ELASTIC_PROVIDER
as managed
or opensearch
in nected-values.yaml
For Dev Environments: Use Nected’s datastore chart if you don’t have PostgreSQL, Redis, or Elasticsearch installed:
Install chart:
helm upgrade -i datastore nected/datastore -f datastore-values.yaml
🛠️ Installation Steps
Follow these installation steps to deploy Nected over Kubernetes Cluster:
📦 Add Helm Repo
helm repo add nected <https://nected.github.io/helm-charts>
📄 Download Sample Values Files
🌐 Configure Scheme and Domains
In nected-values.yaml
, replace the following placeholders:
<<scheme>>
http
or https
<<ui-domain>>
app.xyz.com
<<editor-domain>>
editor.xyz.com
<<backend-domain>>
api.xyz.com
<<router-domain>>
router.xyz.com
🗄️ Configure PostgreSQL
In
temporal-values.yaml
:
NECTED_PG_HOST: &pgHost datastore-postgresql
NECTED_PG_USER: &pgUser nected
NECTED_PG_PASSWORD: &pgPassword psqlPass123
NECTED_PG_PORT: &pgPort 5432
NECTED_PG_TLS_ENABLED: &pgTlsEnabled false
NECTED_PG_HOST_VERIFICATIO: &pgHostVerification false
In
nected-values.yaml
:
NECTED_PG_HOST: &pgHost datastore-postgresql
NECTED_PG_DATABASE: &pgDatabase nected
NECTED_PG_USER: &pgUser nected
NECTED_PG_PASSWORD: &pgPassword psqlPass123
NECTED_PG_PORT: &pgPort "5432"
NECTED_PG_SSL_MODE: &pgSslMode disable
Notes: No changes required if using the Nected-provided datastore.
🧠 Configure Redis
In nected-values.yaml
:
NECTED_REDIS_TLS_ENABLED: &redisTlsEnabled "false"
NECTED_REDIS_INSECURE_TLS: &redisInsecureTls "true"
NECTED_REDIS_HOST_PORT: &redisHostPort datastore-redis-master:6379
NECTED_REDIS_HOST: &redisHost datastore-redis-master
NECTED_REDIS_PORT: &redisPort "6379"
NECTED_REDIS_USERNAME: &redisUser ""
NECTED_REDIS_PASSWORD: &redisPassword ""
Notes: No changes required if using the Nected-provided datastore.
🔍 Configure Elasticsearch / OpenSearch
In nected-values.yaml
:
NECTED_ELASTIC_ENABLED: &elasticEnabled "true"
# possible values: managed / opensearch
NECTED_ELASTIC_PROVIDER: &elasticProvider managed
NECTED_ELASTIC_HOSTS: &elasticHost <http://elasticsearch-master:9200>
NECTED_ELASTIC_INSECURE_TLS: &elasticInsecureTls "true"
NECTED_ELASTIC_API_KEY: &elasticAPiKey ""
NECTED_ELASTIC_USER: &elasticUser elastic
NECTED_ELASTIC_PASSWORD: &elasticPassword esPass123
Optional: To disable audit logging:
NECTED_ELASTIC_ENABLED: &elasticEnabled "false"
Notes: No changes required if using the Nected-provided datastore.
🔐 Enable Credential Encryption at Rest
Generate a private key and create a Kubernetes secret:
openssl genrsa -f4 -out encryption-at-rest 4096
kubectl create secret generic encryption-at-rest-secret --from-file encryption-at-rest
In
nected-values.yaml
, uncomment theexistingSecretMap
block to use the secret.
Install Nected Services
Install Temporal:
helm upgrade -i temporal nected/temporal -f values/temporal-values.yaml
Install Nected:
helm upgrade -i nected nected/nected -f values/nected-values.yaml
Access the Application
Visit the application via your configured <<ui-domain>>
. Log in using the default credentials defined in nected-values.yaml
:
NECTED_USER_EMAIL: [email protected]
NECTED_USER_PASSWORD: devPass123
Post-installation configuration
Once you have completed the installation process, consider performing the tasks below to configure and manage your Nected instance, enhancing its security and performance, specifically if it's intended for production use.
Last updated