# Installing Connectware (Kubernetes)

To install Connectware on Kubernetes, you must complete the following tasks:

1. Add the Helm chart repository.
2. Create a `values.yaml` file.
3. Install Connectware.
4. Verify the installation.
5. Log in for the first time.

## Prerequisites

Before you start with the Connectware installation, make sure that you meet the following prerequisites:

* You have a valid [license key](https://docs.cybus.io/2-0-6/documentation/installation-and-upgrades/licensing).
* Helm version 3 is installed on your system.
* The Kubernetes command line tool kubectl is configured and has access to the target installation.
* Your Kubernetes cluster fulfills the [Kubernetes cluster requirements](https://docs.cybus.io/2-0-6/getting-started/system-requirements#kubernetes-cluster-requirements).
* You have chosen a Kubernetes namespace as target for your installation (e.g. `cybus`).
* You have chosen a name for your installation (e.g. `connectware`).

## Adding the Helm Chart Repository

To use the Connectware Helm chart, add the Connectware Helm chart repository. This guide will assume you use the repository name `cybus`.

**Example**

{% code lineNumbers="true" %}

```sh
helm repo add [repo-name] https://repository.cybus.io/repository/connectware-helm
```

{% endcode %}

## Configuring the values.yaml File

The `values.yaml` file is the configuration file for an application that is deployed through Helm. The `values.yaml` file allows you to configure your Connectware installation. For example, edit deployment parameters, manage resources, and update your Connectware to a new version.

In this documentation, we will focus on a basic Kubernetes configuration and commonly used parameters.

{% hint style="info" %}
We recommend that you store the `values.yaml` file in a version control system.
{% endhint %}

### Creating a Copy of the Default values.yaml File

A Helm chart contains a default configuration. It is likely that you only need to customize some of the configuration parameters. We recommend that you create a copy of the default `values.yaml` file named `default-values.yaml` and a new, empty `values.yaml` file to customize specific parameters.

* Enter the following code to extract the default values and store them in a file named `default-values.yaml`.

**Example**

{% code lineNumbers="true" %}

```yaml
helm show values cybus/connectware > default-values.yaml
```

{% endcode %}

### Creating a values.yaml File

When you have created the `default-values.yaml` file, you can create the `values.yaml` file to add your custom configuration parameters.

* Enter the following code. Substitute the editor vi with your preferred editor.

**Example**

{% code lineNumbers="true" %}

```yaml
vi values.yaml
```

{% endcode %}

### Specifying the License Key

To install Connectware, you need a valid license key.

* In the `values.yaml` file, specify the license key in the Helm value `global.licensekey`.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
```

{% endcode %}

### Specifying the Broker Cluster Secret

You must specify a secret for the broker cluster. The cluster secret value is used to secure your broker cluster, just like a password.

{% hint style="warning" %}
Treat the broker cluster secret with the same level of care as a password.
{% endhint %}

* In the `values.yaml` file, specify the broker cluster secret in the Helm value `global.broker.clusterSecret`.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
```

{% endcode %}

### Allowing Immutable Labels

For a fresh Connectware installation, we recommend that you set best-practice labels on immutable workload objects like StatefulSet volumes.

* In the `values.yaml` file, set the Helm value `global.setImmutableLabels` to `true`.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
  setImmutableLabels: true
```

{% endcode %}

### Configuring DNS Names in Helm Values

{% hint style="info" %}
If you are replacing the external Connectware CA certificate chain and manage `cybus_server.crt` manually, ensure that any DNS name with which you address Connectware or individual components is included. You can skip adding them to `global.ingressDNSNames`.
{% endhint %}

To enable external agents to connect to the Connectware Control Plane, you must configure the `global.ingressDNSNames` through Helm values. This setting defines the hostnames that will be included in the Connectware server certificate's (`cybus_server.crt`) Subject Alternative Names (SAN) section.

* Set the `global.ingressDNSNames` list in your Helm values to include all hostnames used for Connectware access.

**Example**

If the hostname on which Connectware is running is named `company.io`, set the Helm value to:

{% code lineNumbers="true" %}

```yaml
global:
  ingressDNSNames:
    - company.io
```

{% endcode %}

#### Hostname Formats

You can include multiple hostnames in the list. The certificate will include all specified names in its SAN section.

The configuration accepts various hostname formats:

* Wildcards (e.g., `*.company.io`)
* Subdomains (e.g., `connectware.company.io`)
* Custom hostnames (e.g., `localhost`)

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  ingressDNSNames:
    - company.io
    - localhost
    - *.company.io
    - connectware.company.io
    - 192.168.100.42
```

{% endcode %}

### Specifying the NATS Streaming Server Cluster Replica Count (Optional)

By default, Connectware uses three nodes for the control connection NATS streaming server cluster that is used for inter-service communication.

You may configure an odd number of nodes to suit your environment:

* **Increase the replica count** (e.g., 5) to improve redundancy. With 5 nodes, the redundancy factor increases from N+1 to N+2.
* **Reduce the replica count** (e.g., 1) for lightweight test environments. Note that a single-node setup provides no redundancy.
* Typical production configurations are 3 (default) or 5 nodes.

{% hint style="warning" %}
The replicas value is essential for the cluster configuration of the stream server and is shared across many Connectware components.

This setting can only be defined during the initial installation of Connectware and cannot be modified afterward. Do not attempt to scale the `nats` StatefulSet.
{% endhint %}

* In the `values.yaml` file, specify the number of NATS nodes in the Helm value `global.nats.replicas`.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  nats:
    replicas: 5
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
  setImmutableLabels: true
```

{% endcode %}

### Specifying the Broker Cluster Replica Count (Optional)

By default, Connectware uses three nodes for the broker cluster that moves data. You can specify a custom number of broker nodes. For example, increase the broker nodes to handle higher data loads or decrease the broker nodes for a testing environment.

* In the `values.yaml` file, specify the number of broker nodes in the Helm value `global.broker.replicaCount`.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
    replicaCount: 5
  setImmutableLabels: true
```

{% endcode %}

### Specifying Which StorageClass Connectware Should Use (Optional)

A broker cluster can contain several Kubernetes StorageClasses. You can specify which StorageClass Connectware should use.

* In the `values.yaml` file, specify the StorageClass in the Helm value `global.storage.storageClassName`.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
  setImmutableLabels: true
  storage:
    storageClassName: gp2 # example value
```

{% endcode %}

There are several configuration parameters to control the StorageClass of each volume that Connectware uses.

### Specifying CPU and Memory Resources (Optional)

By default, Connectware is configured for high-performance systems and according to the guaranteed Quality of Service (QoS) class. However, you can use the Kubernetes resource management values requests and limits to specify the CPU and memory resources that Connectware is allowed to use.

{% hint style="warning" %}
Adjusting CPU and memory resources can impact the performance and availability of Connectware. When you customize the settings for CPU and memory resources, make sure that you monitor the performance and make adjustments if necessary.
{% endhint %}

* In the `values.yaml` file, specify the CPU and memory limits and requests in the Helm value global.podResources. Specify the limits and requests as Kubernetes quantities.
* You can use the default values shipped with Connectware as a starting point. You can find these in your `default-values.yaml` file you created earlier.

**Example**

{% code lineNumbers="true" %}

```yaml
global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
  setImmutableLabels: true
  podResources:
    distributedProtocolMapper:
      limits:
        cpu: 2000m
        memory: 3000Mi
      requests:
        cpu: 1500m
        memory: 1500Mi
```

{% endcode %}

**Related Links**

* [Quality of service for pods (Kubernetes documentation)](https://kubernetes.io/docs/tasks/configure-pod-container/quality-service-pod/#create-a-pod-that-gets-assigned-a-qos-class-of-guaranteed)
* [Kubernetes resource management (Kubernetes documentation)](https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/)
* [Quantities (Kubernetes documentation)](https://kubernetes.io/docs/reference/glossary/?all=true#term-quantity)

## Starting the Connectware installation

When you are done customizing your installation through your Helm values, you can deploy Connectware onto your Kubernetes cluster.

1. Enter the following command: `helm install`
2. Specify the installation name. For example, `connectware`.
3. Specify the target namespace. For example, `cybus`.

**Example**

{% code lineNumbers="true" %}

```yaml
helm install [installation-name] cybus/connectware -f ./values.yaml -n [namespace] --create-namespace
```

{% endcode %}

This deploys Connectware according to your kubectl configuration.

## Verifying the Connectware installation

You can monitor the Connectware installation progress to verify that everything runs smoothly, to know when the installation is successful, or to investigate potential issues.

### Monitoring the Connectware installation progress

The Connectware installation can take a few minutes. To monitor the installation process, do one of the following:

* To monitor the current status of the installation process, enter the following command:

{% code lineNumbers="true" %}

```yaml
kubectl get pods -n <namespace>
```

{% endcode %}

* To monitor the continuous progress of the installation process, enter the following command:

{% code lineNumbers="true" %}

```yaml
while [ True ]; do clear; kubectl get pod -n <namespace>; sleep 5; done
```

{% endcode %}

* To stop monitoring the continuous progress of the installation process , press <kbd>Ctrl</kbd>+<kbd>C</kbd>.

### Pod stages during the Connectware installation

During the Connectware installation, the pods go through the following stages:

* Pending
* PodInitializing
* ContainerCreating
* Init:x/x
* Running

When pods reach the STATUS Running, they go through their individual startup before reporting as Ready. To be fully functional, all pods must reach the STATUS Running and report all their containers as ready. This is indicated by them showing the same number on both sides of the / in the column READY.

**Example**

{% code lineNumbers="true" %}

```yaml
kubectl get pod -n <namespace>
```

{% endcode %}

| NAME                                   | READY | STATUS  | RESTARTS | AGE   |
| -------------------------------------- | ----- | ------- | -------- | ----- |
| admin-web-app-7cd8ccfbc5-bvnzx         | 1/1   | Running | 0        | 3h44m |
| auth-server-5b8c899958-f9nl4           | 1/1   | Running | 0        | 3m3s  |
| broker-0                               | 1/1   | Running | 0        | 3h44m |
| broker-1                               | 1/1   | Running | 0        | 2m1s  |
| connectware-7784b5f4c5-g8krn           | 1/1   | Running | 0        | 21s   |
| container-manager-558d9c4cbf-m82bz     | 1/1   | Running | 0        | 3h44m |
| ingress-controller-6bcf66495c-l5dpk    | 1/1   | Running | 0        | 18s   |
| postgresql-0                           | 1/1   | Running | 0        | 3h44m |
| protocol-mapper-67cfc6c848-qqtx9       | 1/1   | Running | 0        | 3h44m |
| service-manager-f68ccb767-cftps        | 1/1   | Running | 0        | 3h44m |
| system-control-server-58f47c69bf-plzt5 | 1/1   | Running | 0        | 3h44m |
| workbench-5c69654659-qwhgc             | 1/1   | Running | 0        | 15s   |

At this point Connectware is installed and started. You can now make additional configurations or verify the installation status in the [Admin UI](https://docs.cybus.io/2-0-6/getting-started/admin-ui).

### Troubleshooting pod stages

If a pod is in another state than expected or if it is stuck at a certain stage for more than three minutes, there might be an issue.

* To investigate the pod status, enter the following command:

{% code lineNumbers="true" %}

```yaml
kubectl describe pod <podname>
```

{% endcode %}

For help on solving issues, see [Troubleshooting Connectware on Kubernetes](https://docs.cybus.io/2-0-6/documentation/connectware-on-kubernetes/troubleshooting-connectware-on-kubernetes).

## Logging into Connectware for the First Time

You can access the [Admin UI](https://docs.cybus.io/2-0-6/getting-started/admin-ui) through the Kubernetes LoadBalancer Service. In your new Connectware installation, the LoadBalancer is named `connectware`. How to access the LoadBalancer depends on which LoadBalancer provider your cluster offers.

1. To check if your load balancer provider has connected to the connectware service, enter the following command:

{% code lineNumbers="true" %}

```yaml
Kubectl -n <namespace> get svc/connectware
```

{% endcode %}

2. Depending on the result, do one of the following:
   1. If your IP address or hostname is displayed in the EXTERNAL-IP column, you can access the Admin UI through it.
   2. If no load balancer provider is available in your cluster, you can add an external load balancer.
3. To verify that the installation was successful, enter the following command to forward the service to your local machine through kubectl:

{% code lineNumbers="true" %}

```yaml
Kubectl -n <namespace> port-forward svc/connectware 10443:443
```

{% endcode %}

4. Enter <https://localhost:10443> to access the Admin UI. By default, Connectware rolls out its own PKI infrastructure.
5. Confirm the certificate warning in your browser.
6. Login with the following default credentials:
   * Username: `admin`
   * Password: `admin`

Important: After you log in for the first time, immediately change the username and password.

7. Click **Change Password** and change the default credentials.
8. Select **System** > **Status** and verify that all components have the status **Running**.

Result: Your Connectware on Kubernetes installation is now ready.

**Related Links**

* [LoadBalancer (Kubernetes documentation)](https://kubernetes.io/docs/concepts/services-networking/service/#loadbalancer)