Skip to main content

8 docs tagged with "Helm configuration"

View All Tags

Configure External Access through a NodePort Service

By default, Redpanda clusters are exposed through a NodePort Service. When the external.type field is set to NodePort, the Helm chart creates a NodePort Service that routes external traffic to the following listeners on the Redpanda brokers:

Configure Redpanda SASL in Kubernetes

Simple Authentication and Security Layer (SASL) is a method for adding authentication support to connection-based protocols. When using the Redpanda Helm chart, SASL provides authentication between the server and client. To encrypt communication, use TLS encryption. You must use TLS encryption to have secure authentication using SASL.

Configure TLS in Kubernetes

Redpanda supports Transport Layer Security (TLS) encryption in Kubernetes. For certificate management, the Redpanda Helm chart uses cert-manager with either a self-signed Issuer or your own custom Issuer.

Enable Rack Awareness in Kubernetes

When you enable rack awareness in the Redpanda Helm chart, Kubernetes failure zones are treated as racks. Redpanda maps each rack to a failure zone and places partition replicas across them. For more details about Kubernetes failure zones, see the Kubernetes documentation.

Networking and Connectivity in Kubernetes

Clients must be able to connect directly to each Pod that runs a Redpanda broker. For example, to write to or read from a given partition, clients connect directly to the leader broker that hosts that partition.