Live Workshop: Integrate Google SecOps with Bindplane - Join Us on January 29th at 11 AM ET!Sign Up Now

Event Bus

BindPlane Event Bus Helm Configuration

When operating BindPlane in a distributed architecture, an external event bus must be configured.

NATS

The NATS event bus is BindPlane's embedded event bus, suitable for high availability without the need for external infrastructure.

NATS is configured by setting eventbus.type to nats.

yaml
1eventbus:
2  type: nats

Resource Tuning

When using NATS, three dedicated StatefulSet pods are deployed. You can set their resource allocation by setting nats.resources.

yaml
1eventbus:
2  type: nats
3
4nats:
5  resources:
6    requests:
7      memory: 1000Mi
8      cpu: 1000m
9    limits:
10      memory: 1000Mi

Google Pub/Sub

Automatic Authentication

Google Pub/Sub can be configured without credentials when using Google Application Default Credentials.

When running on a Google Kubernetes Engine cluster, BindPlane can authenticate to Pub/Sub without the use of a service account as long as the GKE node pool has the Required Scopes enabled.

yaml
1eventbus:
2  type: 'pubsub'
3  pubsub:
4    projectid: 'my-project'
5    topic: 'bindplane'

Service Account Credentials

If operating outside of Google Cloud, a service account JSON credential can be used. This example creates a secret named bindplane-pubsub which contains the service account JSON key.

bash
1kubectl create secret generic bindplane-pubsub \
2  --from-file=credentials.json
yaml
1eventbus:
2  type: 'pubsub'
3  pubsub:
4    projectid: 'my-project'
5    topic: 'bindplane'
6    credentials:
7      secret: bindplane-pubsub
8      subPath: credentials.json