Best Practices for Redpanda in Kubernetes
This topic explains Redpanda's tips and recommendations for Kubernetes deployments.
This topic explains Redpanda's tips and recommendations for Kubernetes deployments.
By default, Redpanda clusters are exposed through a NodePort Service. When the external.type field is set to NodePort, the Helm chart creates a NodePort Service that routes external traffic to the following listeners on the Redpanda brokers:
To expose your Redpanda cluster externally though load balancers, you must do the following:
You can customize the advertised ports for each listener on all Redpanda brokers, or disable listeners altogether.
Simple Authentication and Security Layer (SASL) is a method for adding authentication support to connection-based protocols. When using the Redpanda Helm chart, SASL provides authentication between the server and client. To encrypt communication, use TLS encryption. You must use TLS encryption to have secure authentication using SASL.
Redpanda brokers must store their data on disk. You can customize the Helm chart to use the following storage types:
Redpanda supports Transport Layer Security (TLS) encryption in Kubernetes. For certificate management, the Redpanda Helm chart uses cert-manager with either a self-signed Issuer or your own custom Issuer.
This topic describes how to use the Redpanda Helm chart to deploy a Redpanda cluster on Kubernetes.
When you enable rack awareness in the Redpanda Helm chart, Kubernetes failure zones are treated as racks. Redpanda maps each rack to a failure zone and places partition replicas across them. For more details about Kubernetes failure zones, see the Kubernetes documentation.
This topic is a checklist with the prerequisites and system requirements for installing production Redpanda in a Kubernetes cluster using the Helm chart.
Clients must be able to connect directly to each Pod that runs a Redpanda broker. For example, to write to or read from a given partition, clients connect directly to the leader broker that hosts that partition.
Kubernetes is a container orchestration tool that helps you to manage Redpanda cluster deployments using declarative configuration files called manifests.
To get the best performance from your hardware, set Redpanda to production mode on each worker node and run the auto-tuning tool. The auto-tuning tool identifies the hardware configuration on your worker node and optimizes the Linux kernel to give you the best performance.