LogoLogo
Contact Uscybus.io
Connectware 1.11.0
Connectware 1.11.0
  • Getting Started
    • Introduction
    • System Requirements
    • Connectware Admin UI
    • Basic Components of Connectware
    • Connecting your First Machine
      • Your First Service Commissioning File
  • Documentation
    • Installation and Upgrades
      • Installing Connectware
        • Installing Connectware (Kubernetes)
        • Installing Connectware (Docker)
      • Upgrading Connectware
        • Upgrading Connectware (Kubernetes)
          • Version-Specific Upgrades (Kubernetes)
        • Upgrading Connectware (Docker)
          • Version-Specific Upgrades (Docker)
      • Uninstalling Connectware
        • Uninstalling Connectware (Kubernetes)
        • Uninstalling Connectware (Docker)
      • Licensing
      • Restarting Connectware
    • User Management
      • Users and Roles View
      • Users
      • Roles
      • Permissions
      • Password Policy Rules
      • Default Admin User
      • MQTT Users
      • Adding a MQTT Publish Prefix for Users
      • Multi-Factor Authentication
      • Single Sign-On (SS0)
        • Single Sign-On with Microsoft Entra ID
        • Single Sign-On with LDAP
      • JSON Web Tokens
      • Access Permissions for Admin-UI
        • UI Access
        • Minimum Access Role Pages
    • Services
      • Service Overview
      • Service Resources View
        • Service Links View
        • Servers View
        • Containers View
        • Volumes View
        • Connections View
        • Endpoints View
        • Mappings View
      • Service Details View
      • Service Commissioning Files
        • Version
        • Description
        • Metadata
        • Parameters
        • Definitions
        • Resources
          • Cybus::Connection
          • Cybus::Container
            • Docker Problem with Network Changes
          • Cybus::Endpoint
          • Cybus::File
          • Cybus::IngressRoute
          • Cybus::Link
          • Cybus:Mapping
          • Cybus::Node
          • Cybus::Role
          • Cybus::Server
          • Cybus::User
          • Cybus::Volume
      • Setting Up and Configuring Services
        • Installing Services
        • Enabling Services
        • Updating Services
        • Disabling Services
        • Deleting Services
      • FlowSync
        • Example 1 - Node with Transaction Mode (HTTP)
        • Example 2 - Node Responds (HTTP)
        • Example 3 - Node with Error (HTTP)
        • Example 4 - Node with Timeout Error Code and Error Message (HTTP)
        • Example 5 - Full Transactional Data Flow (HTTP)
        • Example 6 - Full Transactional Data Flow (OPC UA)
      • ServiceID
      • Inter-Service Referencing
      • Deviations
      • Service Logs
        • Logs of Individual Services
        • Logs of All Services
      • Rule Engine
        • Data Processing Rules
        • Rule Sandbox
      • Shared Subscriptions
        • Setting Up Shared Subscriptions
    • Agents
      • Agents View
      • Installing Agents
        • Installing Agents via Docker
        • Installing Agents via Docker Compose
        • Installing Agents via Kubernetes
        • Using Mutual TLS for Agents
      • Registering Agents in Connectware
      • Using Agents
      • Monitoring Agents
      • Agents in Kubernetes
        • Adding Agents Inside your Connectware Installation
        • Remote Agents with the connectware-agent Helm Chart
        • Kubernetes Cluster Requirements for the connectware-agent Helm Chart
        • Installing Connectware Agents using the connectware-agent Helm Chart
        • Installing Connectware Agents without a License Key Using the connectware-agent Helm Chart
        • Upgrading the connectware-agent Helm Chart
        • Uninstalling Connectware agents with the connectware-agent Helm chart
        • Configuration Principles for the connectware-agent Helm Chart
        • Configuring Agents with the connectware-agent Helm Chart
          • Configuring Target Connectware for the connectware-agent Helm Chart
          • Configuring Agent Persistence for the connectware-agent Helm Chart
          • Configuring Compute Resources for the connectware-agent Helm Chart
          • Using a Custom Image Registry for the connectware-agent Helm Chart
          • Configuring Image Pull Policy for the connectware-agent Helm Chart
          • Using Mutual Transport Layer Security (mTLS) for agents with the connectware-agent Helm chart
          • Configuring image name and version for the connectware-agent Helm chart
          • Configuring Environment Variables for the connectware-agent Helm Chart
          • Configuring Labels and Annotations for the connectware-agent Helm Chart
          • Configuring podAntiAffinity for the connectware-agent Helm Chart
          • Assigning Agents to Kubernetes Nodes for the connectware-agent Helm Chart
          • Configuring Security Context for the connectware-agent Helm Chart
          • Controlling the Name of Kubernetes Objects for the connectware-agent Helm Chart
      • Troubleshooting Agents
    • Client Registry
      • Implicit Flow
      • Explicit Flow
      • Granting Access
    • Certificates
      • Certificates View
      • Adding Certificates
      • Removing Certificates
    • Monitoring
      • Data Explorer
      • Live Data
    • Node-RED Workbench
    • System Status
      • System Container Status
      • Internet Connectivity Status
      • Metrics (Data Points and Messages)
      • Agents Status
      • License Information
      • System Information
    • Backup and Restore
      • Volumes
      • User Database
    • CybusMQ
      • Configuring CybusMQ
    • Connectware on Kubernetes
      • Connectware Helm Chart
      • Resizing Broker Volumes in Kubernetes
      • Configuring Core Services
      • LDAP Authentication
        • Configuring LDAP Authentication
        • Enabling TLS for LDAP Authentication
        • Manual Kubernetes Secret for LDAP Authentication Bind User
        • Customizing the Search Filter for LDAP Authentication
        • Customizing the User RDN for LDAP Authentication
      • Troubleshooting Connectware on Kubernetes
    • Environment Variables
    • Industry Protocol Details
      • ADS
        • ADS Connection Properties
        • ADS Endpoint Properties
      • BACnet
        • BACnet Connection Properties
        • BACnet Endpoint Properties
      • Custom Connectors
        • Developing Custom Connectors
        • Deploying Custom Connectors
        • Using Custom Connectors
      • EtherNet/IP
        • EtherNet/Ip Connection Properties
        • EtherNet/Ip Endpoint Properties
      • FOCAS
        • FOCAS Connection Properties
        • FOCAS Endpoint Properties
      • Hottinger Baldwin Messtechnik (HBM)
        • HBM Connection Properties
        • HBM Endpoint Properties
      • Heidenhain DNC
        • Heidenhain DNC Connection Properties
        • Heidenhain DNC Endpoint Properties
      • HTTP/REST
        • HTTP/REST Connection Properties
        • HTTP/REST Endpoint Properties
      • HTTP Server/Node
        • HTTP Server Properties
        • HTTP Node Properties
      • InfluxDB
        • InfluxDB Connection Properties
        • InfluxDB Endpoint Properties
      • Kafka
        • Kafka Connection Properties
        • Kafka Endpoint Properties
      • Modbus/TCP
        • Modbus/TCP Connection Properties
        • Modbus/TCP Endpoint Properties
      • MQTT
        • MQTT Connection Properties
        • MQTT Endpoint Properties
      • MSSQL
        • Mssql Connection Properties
        • Mssql Endpoint Properties
      • OPC DA
        • OPC DA Connection Properties
        • OPC DA Endpoint Properties
      • OPC UA
        • OPC UA Client
          • OPC UA Client Connection Properties
          • OPC UA Client Endpoint Properties
        • OPC UA Server
          • OPC UA Server Properties
          • OPC UA Node Properties
        • OPC UA Object Types
        • OPC UA Server References
          • OPC UA Reference Node
          • OPC UA Object Node
      • Siemens SIMATIC S7
        • Siemens S7 Connection Properties
        • Siemens S7 Endpoint Properties
      • Shdr
        • Shdr Connection Properties
        • Shdr Endpoint Properties
      • SINUMERIK
        • SINUMERIK Connection Properties
        • SINUMERIK Endpoint Properties
      • SOPAS
        • SOPAS Connection Properties
        • SOPAS Endpoint Properties
      • SQL
        • SQL Connection Properties
        • SQL Endpoint Properties
      • Werma WIN Ethernet
        • Werma WIN Ethernet Connection Properties
        • Werma WIN Ethernet Endpoint Properties
      • Systemstate
        • Systemstate Endpoint Properties
    • API Reference
      • User Management (API)
      • Client Registry (API)
      • Services (API)
      • Resources (API)
      • System Status (API)
      • Resource Status Tracking (HTTP API)
      • Industry Protocol Details (API)
    • Changelog
Powered by GitBook
LogoLogo

Cybus

  • Terms and Condition
  • Imprint
  • Data Privacy

© Copyright 2025, Cybus GmbH

On this page
  • Prerequisites
  • Adding the Helm Chart Repository
  • Configuring the values.yaml File
  • Creating a Copy of the Default values.yaml File
  • Creating a values.yaml File
  • Specifying the License Key
  • Specifying the Broker Cluster Secret
  • Allowing Immutable Labels
  • Configuring DNS Names in Helm Values
  • Specifying the Broker Cluster Replica Count (Optional)
  • Activating a Separate control-plane Broker (Optional)
  • Specifying Which StorageClass Connectware Should Use (Optional)
  • Specifying CPU and Memory Resources (Optional)
  • Starting the Connectware installation
  • Verifying the Connectware installation
  • Monitoring the Connectware installation progress
  • Pod stages during the Connectware installation
  • Troubleshooting pod stages
  • Logging into Connectware for the First Time

Was this helpful?

  1. Documentation
  2. Installation and Upgrades
  3. Installing Connectware

Installing Connectware (Kubernetes)

PreviousInstalling ConnectwareNextInstalling Connectware (Docker)

Last updated 14 days ago

Was this helpful?

To install Connectware on Kubernetes, you must complete the following tasks:

  1. Add the Helm chart repository.

  2. Create a values.yaml file.

  3. Install Connectware.

  4. Verify the installation.

  5. Log in for the first time.

Prerequisites

Before you start with the Connectware installation, make sure that you meet the following prerequisites:

  • You have a valid .

  • Helm version 3 is installed on your system.

  • The Kubernetes command line tool kubectl is configured and has access to the target installation.

  • Your Kubernetes cluster fulfills the cluster requirements.

  • You have chosen a Kubernetes namespace as target for your installation (e.g. cybus).

  • You have chosen a name for your installation (e.g. connectware).

Adding the Helm Chart Repository

To use the Connectware Helm chart, add the Connectware Helm chart repository.

Example

helm repo add <local-repo> https://repository.cybus.io/repository/connectware-helm

Configuring the values.yaml File

The values.yaml file is the configuration file for an application that is deployed through Helm. The values.yaml file allows you to configure your Connectware installation. For example, edit deployment parameters, manage resources, and update your Connectware to a new version.

In this documentation, we will focus on a basic Kubernetes configuration and commonly used parameters.

We recommend that you store the values.yaml file in a version control system.

Creating a Copy of the Default values.yaml File

A Helm chart contains a default configuration. It is likely that you only need to customize some of the configuration parameters. We recommend that you create a copy of the default values.yaml file named default-values.yaml and a new, empty values.yaml file to customize specific parameters.

  • Enter the following code to extract the default values and store them in a file named default-values.yaml.

Example

helm show values cybus/connectware > default-values.yaml

Creating a values.yaml File

When you have created the default-values.yaml file, you can create the values.yaml file to add your custom configuration parameters.

  • Enter the following code. Substitute the editor vi with your preferred editor.

Example

vi values.yaml

Specifying the License Key

To install Connectware, you need a valid license key.

  • In the values.yaml file, specify the license key in the Helm value global.licenseKey.

Example

global:
    licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value

Specifying the Broker Cluster Secret

You must specify a secret for the broker cluster. The cluster secret value is used to secure your broker cluster, just like a password.

Treat the broker cluster secret with the same level of care as a password.

  • In the values.yaml file, specify the broker cluster secret in the Helm value global.broker.clusterSecret.

Example

global:
    licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
    broker:
        clusterSecret: Uhoo:RahShie6goh # example value

Allowing Immutable Labels

For a fresh Connectware installation, we recommend that you set best-practice labels on immutable workload objects like StatefulSet volumes.

  • In the values.yaml file, set the Helm value global.setImmutableLabels to true.

Example

global:
    licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
    broker:
        clusterSecret: Uhoo:RahShie6goh # example value
    setImmutableLabels: true

Configuring DNS Names in Helm Values

To enable external agents to connect to the Connectware Control Plane, you must configure the global.ingressDnsNames through Helm values. This setting defines the hostnames that will be included in the NATS server certificate's Subject Alternative Names (SAN) section.

This certificate configuration only affects the cybus_nats_server.crt file. Any hostnames that you specify in the global.ingressDnsNames list will not be included in the cybus_server.crt certificate that is used by other services such as the Admin UI.

  • Set the global.ingressDnsNames list in your Helm values to include all hostnames used for Connectware access.

Example

If the hostname on which Connectware is running is named company.io, set the Helm value to:

global:
    ingressDnsNames:
        - company.io

Hostname Formats

You can include multiple hostnames in the list. The certificate will include all specified names in its SAN section.

The configuration accepts various hostname formats:

  • Wildcards (e.g., *.company.io)

  • Subdomains (e.g., connectware.company.io)

  • Custom hostnames (e.g., localhost)

Example

global:
  ingressDnsNames:
    - company.io
    - localhost
    - *.company.io
    - connectware.company.io
    - 192.168.100.42

Specifying the Broker Cluster Replica Count (Optional)

By default, Connectware uses three nodes for the broker cluster that moves data. You can specify a custom number of broker nodes. For example, increase the broker nodes to handle higher data loads or decrease the broker nodes for a testing environment.

  • In the values.yaml file, specify the number of broker nodes in the Helm value global.broker.replicaCount.

Example

global:
  licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
  broker:
    clusterSecret: Uhoo:RahShie6goh # example value
    replicaCount: 5
  setImmutableLabels: true
    clusterSecret: ahciaruighai_t2G # example value

Activating a Separate control-plane Broker (Optional)

By default, Connectware uses the same broker for data payload processing and control-plane communication. You can use a separate control-plane broker. This might be useful for production environments, as it provides higher resilience and better manageability in cases of the data broker becomes slow to respond due to high load.

  1. In the values.yaml file, set the Helm valueglobal.controlPlaneBroker.enabledtotrue.

  2. Specify a broker cluster secret in the Helm value global.controlPlaneBroker.clusterSecret.

Important: Treat the broker cluster secret with the same level of care as a password.

Example

global:
    licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
    broker:
        clusterSecret: Uhoo:RahShie6goh # example value
    setImmutableLabels: true
    controlPlaneBroker:
        enabled: true
        clusterSecret: ahciaruighai_t2G # example value

You can activate/deactivate this option within a scheduled maintenance window.

Specifying Which StorageClass Connectware Should Use (Optional)

A broker cluster can contain several Kubernetes StorageClasses. You can specify which StorageClass Connectware should use.

  • In the values.yaml file, specify the StorageClass in the Helm value global.storage.storageClassName.

Example

global:
    licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
    broker:
        clusterSecret: Uhoo:RahShie6goh # example value
    setImmutableLabels: true
    storage:
        storageClassName: gp2 # example value

There are several configuration parameters to control the StorageClass of each volume that Connectware uses.

Specifying CPU and Memory Resources (Optional)

By default, Connectware is configured for high-performance systems and according to the guaranteed Quality of Service (QoS) class. However, you can use the Kubernetes resource management values requests and limits to specify the CPU and memory resources that Connectware is allowed to use.

Adjusting CPU and memory resources can impact the performance and availability of Connectware. When you customize the settings for CPU and memory resources, make sure that you monitor the performance and make adjustments if necessary.

  • In the values.yaml file, specify the CPU and memory limits and requests in the Helm value global.podResources. Specify the limits and requests as Kubernetes quantities.

  • You can use the default values shipped with Connectware as a starting point. You can find these in your default-values.yaml file you created earlier.

Example

global:
    licensekey: cY9HiVZJs8aJHG1NVOiAcrqC_ # example value
    broker:
        clusterSecret: Uhoo:RahShie6goh # example value
    setImmutableLabels: true
    podResources:
        distributedProtocolMapper:
            limits:
                cpu: 2000m
                memory: 3000Mi
            requests:
                cpu: 1500m
                memory: 1500Mi

Related Links

Starting the Connectware installation

When you are done customizing your installation through your Helm values, you can deploy Connectware onto your Kubernetes cluster.

  1. Enter the following command: helm install

  2. Specify the installation name. For example, connectware.

  3. Specify the target namespace. For example, cybus.

Example

helm install <installation-name> cybus/connectware -f ./values.yaml -n <namespace> --create-namespace

This deploys Connectware according to your kubectl configuration.

Verifying the Connectware installation

You can monitor the Connectware installation progress to verify that everything runs smoothly, to know when the installation is successful, or to investigate potential issues.

Monitoring the Connectware installation progress

The Connectware installation can take a few minutes. To monitor the installation process, do one of the following:

  • To monitor the current status of the installation process, enter the following command:

kubectl get pods -n <namespace>
  • To monitor the continuous progress of the installation process, enter the following command:

while [ True ]; do clear; kubectl get pod -n <namespace>; sleep 5; done
  • To stop monitoring the continuous progress of the installation process , press Ctrl+C.

Pod stages during the Connectware installation

During the Connectware installation, the pods go through the following stages:

  • Pending

  • PodInitializing

  • ContainerCreating

  • Init:x/x

  • Running

When pods reach the STATUS Running, they go through their individual startup before reporting as Ready. To be fully functional, all pods must reach the STATUS Running and report all their containers as ready. This is indicated by them showing the same number on both sides of the / in the column READY.

Example

$ kubectl get pod -n <namespace>
NAME
READY
STATUS
RESTARTS
AGE

admin-web-app-7cd8ccfbc5-bvnzx

1/1

Running

0

3h44m

auth-server-5b8c899958-f9nl4

1/1

Running

0

3m3s

broker-0

1/1

Running

0

3h44m

broker-1

1/1

Running

0

2m1s

connectware-7784b5f4c5-g8krn

1/1

Running

0

21s

container-manager-558d9c4cbf-m82bz

1/1

Running

0

3h44m

ingress-controller-6bcf66495c-l5dpk

1/1

Running

0

18s

postgresql-0

1/1

Running

0

3h44m

protocol-mapper-67cfc6c848-qqtx9

1/1

Running

0

3h44m

service-manager-f68ccb767-cftps

1/1

Running

0

3h44m

system-control-server-58f47c69bf-plzt5

1/1

Running

0

3h44m

workbench-5c69654659-qwhgc

1/1

Running

0

15s

Troubleshooting pod stages

If a pod is in another state than expected or if it is stuck at a certain stage for more than three minutes, there might be an issue.

  • To investigate the pod status, enter the following command:

kubectl describe pod <podname>

Logging into Connectware for the First Time

You can access the Connectware Admin UI through the Kubernetes LoadBalancer Service. In your new Connectware installation, the LoadBalancer is named connectware. How to access the LoadBalancer depends on which LoadBalancer provider your cluster offers.

  1. To check if your load balancer provider has connected to the connectware service, enter the following command:

Kubectl -n <namespace> get svc/connectware
  1. Depending on the result, do one of the following:

    1. If your IP address or hostname is displayed in the EXTERNAL-IP column, you can access the Connectware Admin UI through it.

    2. If no load balancer provider is available in your cluster, you can add an external load balancer.

  2. To verify that the installation was successful, enter the following command to forward the service to your local machine through kubectl:

Kubectl -n <namespace> port-forward svc/connectware 10443:443
  1. Enter https://localhost:10443 to access the Connectware Admin UI. By default, Connectware rolls out its own PKI infrastructure.

  2. Confirm the certificate warning in your browser.

  3. Login with the following default credentials:

    • Username: admin

    • Password: admin

Important: After you log in for the first time, immediately change the username and password.

  1. Click Change Password and change the default credentials.

  2. Select System > Status and verify that all components have the status Running.

Result: Your Connectware on Kubernetes installation is now ready.

Related Links

At this point Connectware is installed and started. You can now make additional configurations or verify the installation status in the .

For help on solving issues, see .

license key
Quality of service for pods (Kubernetes documentation)
Kubernetes resource management (Kubernetes documentation)
Quantities (Kubernetes documentation)
Connectware Admin UI
Troubleshooting Connectware on Kubernetes
LoadBalancer (Kubernetes documentation)