Kubernetes

This guide explains how to install Nected on a Kubernetes cluster using official Helm charts. This method is suitable for staging and production environments that require high availability, scalability, and better operational control.

Pre-requisites:

These requirements are specific to deploying Nected on a Kubernetes cluster using Helm.

Kubernetes Cluster

Ensure you have a functional Kubernetes cluster set up. You can use:

AWS EKS
Azure AKS
GKE
Minikube (dev/test only)
Kind (dev/test only)

Cluster access should be available via the kubectl CLI.

Required Packages

Install and configure the following packages:

kubectl – matches your Kubernetes cluster version.
Helm – version v3.x or later.

Domain Setup and Ingress Configuration

Configure three fully qualified domain names (FQDNs) pointing to your ingress controller:

Service

Values Placeholder

Example Domain

UI (Konark)

<<ui-domain>>

app.example.com

Backend API (Nalanda)

<<backend-domain>>

api.example.com

Router (Vidhaan)

<<router-domain>>

router.example.com

Update your DNS provider (e.g., Cloudflare, Route53) to point these domains to your ingress controller’s external IP.

System Specifications

Resource

Minimum (Dev/Test)

Recommended (Prod)

CPU

4 cores

8+ cores

RAM

8 GB

16+ GB

Storage

30 GB

100 GB (SSD/NVMe)

Databases and Caching Services

Proper configuration of these services is required for Nected functionality:

Service

Mandatory

Purpose

Configuration

PostgreSQL

✔️

Stores rules, workflows, metadata

Configure user, password, host, port, database name, connection pooling

Redis

✔️

Caching and internal state management

Configure host, port, TLS if needed; additional Redis clusters if required

Elasticsearch / OpenSearch

Optional

Stores audit and execution logs

Configure ELASTIC_PROVIDER as managed or opensearch in nected-values.yaml

For Dev Environments: Use Nected’s datastore chart if you don’t have PostgreSQL, Redis, or Elasticsearch installed:

Datastore values
Install chart: helm upgrade -i datastore nected/datastore -f datastore-values.yaml

🛠️ Installation Steps

Follow these installation steps to deploy Nected over Kubernetes Cluster:

📦 Add Helm Repo

helm repo add nected <https://nected.github.io/helm-charts>

📄 Download Sample Values Files

🌐 Configure Scheme and Domains

In nected-values.yaml, replace the following placeholders:

Values Placeholder

Replace With

<<scheme>>

http or https

<<ui-domain>>

app.xyz.com

<<backend-domain>>

api.xyz.com

<<router-domain>>

router.xyz.com

🔐 Configure default user credentials

In nected-values.yaml:

NECTED_UI_USER_NAME: &uiUserName [email protected]
NECTED_UI_USER_PASSWORD: &uiUserPassword devPass123

🗄️ Configure PostgreSQL

In temporal-values.yaml:

NECTED_PG_HOST: &pgHost datastore-postgresql
NECTED_PG_USER: &pgUser nected
NECTED_PG_PASSWORD: &pgPassword psqlPass123
NECTED_PG_PORT: &pgPort 5432
NECTED_PG_TLS_ENABLED: &pgTlsEnabled false
NECTED_PG_HOST_VERIFICATIO: &pgHostVerification false

In nected-values.yaml:

NECTED_PG_HOST: &pgHost datastore-postgresql
NECTED_PG_DATABASE: &pgDatabase nected
NECTED_PG_USER: &pgUser nected
NECTED_PG_PASSWORD: &pgPassword psqlPass123
NECTED_PG_PORT: &pgPort "5432"
NECTED_PG_SSL_MODE: &pgSslMode disable

Azure PostgreSQL Flexible Server

Go to the Azure Portal, Navigate to your PostgreSQL Flexible Server instance.
Open “Server Parameters”, In the left-side menu under Settings, click “Server Parameters”.
Find the azure.extensions parameter, Search for azure.extensions using the search bar.
Add btree_gin to the list, If btree_gin is not already listed, append it to the existing list. Example: hstore,pg_trgm,btree_gin
Click Save, This change will not restart the server—it takes effect immediately. Create the Extension in Your Database.

After enabling it in parameters:

CREATE EXTENSION IF NOT EXISTS btree_gin;

Notes: No changes required if using the Nected-provided datastore.

🧠 Configure Redis

In nected-values.yaml:

NECTED_REDIS_TLS_ENABLED: &redisTlsEnabled "false"
NECTED_REDIS_INSECURE_TLS: &redisInsecureTls "true"
NECTED_REDIS_HOST_PORT: &redisHostPort datastore-redis-master:6379
NECTED_REDIS_HOST: &redisHost datastore-redis-master
NECTED_REDIS_PORT: &redisPort "6379"
NECTED_REDIS_USERNAME: &redisUser ""
NECTED_REDIS_PASSWORD: &redisPassword ""

Notes: No changes required if using the Nected-provided datastore.

🔍 Configure Elasticsearch / OpenSearch

In nected-values.yaml:

NECTED_ELASTIC_ENABLED: &elasticEnabled "true"
# possible values: managed / opensearch
NECTED_ELASTIC_PROVIDER: &elasticProvider managed
NECTED_ELASTIC_HOSTS: &elasticHost <http://elasticsearch-master:9200>
NECTED_ELASTIC_INSECURE_TLS: &elasticInsecureTls "true"
NECTED_ELASTIC_API_KEY: &elasticAPiKey ""
NECTED_ELASTIC_USER: &elasticUser elastic
NECTED_ELASTIC_PASSWORD: &elasticPassword esPass123

Optional: To disable audit logging:

NECTED_ELASTIC_ENABLED: &elasticEnabled "false"

Notes: No changes required if using the Nected-provided datastore.

The step below, "Enable Credential Encryption at Rest", is now deprecated. And users don't have to perform this step. As the helm-chart will auto-create the encryption-at-rest-secret secret, which will be used to encrypt sensitive data in the database.

Enable Credential Encryption at Rest (Deprecated)

Generate a private key and create a Kubernetes secret:

openssl genrsa -f4 -out encryption-at-rest 4096
kubectl create secret generic encryption-at-rest-secret --from-file encryption-at-rest

In nected-values.yaml, uncomment the existingSecretMap block to use the secret.

Install Nected Services

Install Temporal:

helm upgrade -i temporal nected/temporal -f values/temporal-values.yaml

Install Nected:

helm upgrade -i nected nected/nected -f values/nected-values.yaml

Access the Application

Visit the application via your configured <<ui-domain>>. Log in using the default credentials defined in nected-values.yaml:

NECTED_USER_EMAIL: [email protected]
NECTED_USER_PASSWORD: devPass123

Post-installation configuration

Once you have completed the installation process, consider performing the tasks below to configure and manage your Nected instance, enhancing its security and performance, specifically if it's intended for production use.

Additional Configurations

Configure database, environment variables, monitoring, logging, and scaling recommendations.

PreviousAzure NextSet Up Kubernetes Cluster on AWS EKS

Last updated 2 months ago

hashtagPre-requisites:

hashtagKubernetes Cluster

hashtagRequired Packages

hashtagDomain Setup and Ingress Configuration

hashtagSystem Specifications

hashtagDatabases and Caching Services

hashtag🛠️ Installation Steps

hashtag📦 Add Helm Repo

hashtag📄 Download Sample Values Files

hashtag🌐 Configure Scheme and Domains

hashtag🔐 Configure default user credentials

hashtag🗄️ Configure PostgreSQL

hashtag🧠 Configure Redis

hashtag🔍 Configure Elasticsearch / OpenSearch

hashtagInstall Nected Services

hashtagAccess the Application

hashtagPost-installation configuration

Pre-requisites:

Kubernetes Cluster

Required Packages

Domain Setup and Ingress Configuration

System Specifications

Databases and Caching Services

🛠️ Installation Steps

📦 Add Helm Repo

📄 Download Sample Values Files

🌐 Configure Scheme and Domains

🔐 Configure default user credentials

🗄️ Configure PostgreSQL

🧠 Configure Redis

🔍 Configure Elasticsearch / OpenSearch

Install Nected Services

Access the Application

Post-installation configuration