Kubernetes

This guide explains how to install Nected on a Kubernetes cluster using official Helm charts. This method is suitable for staging and production environments that require high availability, scalability, and better operational control.

Pre-requisites:

These requirements are specific to deploying Nected on a Kubernetes cluster using Helm.

Kubernetes Cluster

Ensure you have a functional Kubernetes cluster set up. You can use:

Cluster access should be available via the kubectl CLI.

Required Packages

Install and configure the following packages:

  • kubectl – matches your Kubernetes cluster version.

  • Helm – version v3.x or later.

Domain Setup and Ingress Configuration

Configure four fully qualified domain names (FQDNs) pointing to your ingress controller:

Service
Values Placeholder
Example Domain

UI (Konark)

<<ui-domain>>

app.example.com

Editor

<<editor-domain>>

editor.example.com

Backend API (Nalanda)

<<backend-domain>>

api.example.com

Router (Vidhaan)

<<router-domain>>

router.example.com

Update your DNS provider (e.g., Cloudflare, Route53) to point these domains to your ingress controller’s external IP.

System Specifications

Resource
Minimum (Dev/Test)
Recommended (Prod)

CPU

4 cores

8+ cores

RAM

8 GB

16+ GB

Storage

30 GB

100 GB (SSD/NVMe)

Databases and Caching Services

Proper configuration of these services is required for Nected functionality:

Service
Mandatory
Purpose
Configuration

PostgreSQL

✔️

Stores rules, workflows, metadata

Configure user, password, host, port, database name, connection pooling

Redis

✔️

Caching and internal state management

Configure host, port, TLS if needed; additional Redis clusters if required

Elasticsearch / OpenSearch

Optional

Stores audit and execution logs

Configure ELASTIC_PROVIDER as managed or opensearch in nected-values.yaml

🛠️ Installation Steps

Follow these installation steps to deploy Nected over Kubernetes Cluster:

📦 Add Helm Repo

helm repo add nected <https://nected.github.io/helm-charts>

📄 Download Sample Values Files

🌐 Configure Scheme and Domains

In nected-values.yaml, replace the following placeholders:

Values Placeholder
Replace With

<<scheme>>

http or https

<<ui-domain>>

app.xyz.com

<<editor-domain>>

editor.xyz.com

<<backend-domain>>

api.xyz.com

<<router-domain>>

router.xyz.com

🗄️ Configure PostgreSQL

  1. In temporal-values.yaml:

NECTED_PG_HOST: &pgHost datastore-postgresql
NECTED_PG_USER: &pgUser nected
NECTED_PG_PASSWORD: &pgPassword psqlPass123
NECTED_PG_PORT: &pgPort 5432
NECTED_PG_TLS_ENABLED: &pgTlsEnabled false
NECTED_PG_HOST_VERIFICATIO: &pgHostVerification false
  1. In nected-values.yaml:

NECTED_PG_HOST: &pgHost datastore-postgresql
NECTED_PG_DATABASE: &pgDatabase nected
NECTED_PG_USER: &pgUser nected
NECTED_PG_PASSWORD: &pgPassword psqlPass123
NECTED_PG_PORT: &pgPort "5432"
NECTED_PG_SSL_MODE: &pgSslMode disable

Notes: No changes required if using the Nected-provided datastore.

🧠 Configure Redis

In nected-values.yaml:

NECTED_REDIS_TLS_ENABLED: &redisTlsEnabled "false"
NECTED_REDIS_INSECURE_TLS: &redisInsecureTls "true"
NECTED_REDIS_HOST_PORT: &redisHostPort datastore-redis-master:6379
NECTED_REDIS_HOST: &redisHost datastore-redis-master
NECTED_REDIS_PORT: &redisPort "6379"
NECTED_REDIS_USERNAME: &redisUser ""
NECTED_REDIS_PASSWORD: &redisPassword ""

Notes: No changes required if using the Nected-provided datastore.

🔍 Configure Elasticsearch / OpenSearch

In nected-values.yaml:

NECTED_ELASTIC_ENABLED: &elasticEnabled "true"
# possible values: managed / opensearch
NECTED_ELASTIC_PROVIDER: &elasticProvider managed
NECTED_ELASTIC_HOSTS: &elasticHost <http://elasticsearch-master:9200>
NECTED_ELASTIC_INSECURE_TLS: &elasticInsecureTls "true"
NECTED_ELASTIC_API_KEY: &elasticAPiKey ""
NECTED_ELASTIC_USER: &elasticUser elastic
NECTED_ELASTIC_PASSWORD: &elasticPassword esPass123

Optional: To disable audit logging:

NECTED_ELASTIC_ENABLED: &elasticEnabled "false"

Notes: No changes required if using the Nected-provided datastore.

🔐 Enable Credential Encryption at Rest

  1. Generate a private key and create a Kubernetes secret:

openssl genrsa -f4 -out encryption-at-rest 4096
kubectl create secret generic encryption-at-rest-secret --from-file encryption-at-rest
  1. In nected-values.yaml, uncomment the existingSecretMap block to use the secret.

Install Nected Services

  1. Install Temporal:

    helm upgrade -i temporal nected/temporal -f values/temporal-values.yaml
    
  2. Install Nected:

    helm upgrade -i nected nected/nected -f values/nected-values.yaml
    

Access the Application

Visit the application via your configured <<ui-domain>>. Log in using the default credentials defined in nected-values.yaml:

NECTED_USER_EMAIL: dev@nected.ai
NECTED_USER_PASSWORD: devPass123

Post-installation configuration

Once you have completed the installation process, consider performing the tasks below to configure and manage your Nected instance, enhancing its security and performance, specifically if it's intended for production use.

Last updated