This repository contains a Juju Charm for deploying NATS on virtual machines (LXD). This charm provides a way to deploy a NATS core cluster.
Current features:
- installation of nats-server via a snap (either from the store or a resource);
- clustering with route URLs automatically added to the config of each unit;
- debug options.
- TLS support
- NATS core does not have message persistence so leadership is not used for ordering of addition of units to the cluster - they come up as they are added and for a full mesh;
- Route URLs are added to all other peers on each unit so that there is no dependency on a particular unit for discovering others;
- Official NATS clients are multi-endpoint aware and will attempt to connect to a random NATS server and find the one that is alive so there is no need for a cluster virtual IP. Therefore, different NATS units can be in different subnets and are not tied to a shared L2 domain.
To deploy a single unit of NATS using its default configuration
juju deploy <nats-charm-dir>
To deploy a cluster with multiple members
juju deploy <nats-charm-dir> -n 3
juju config nats debug=true trace=true
juju ssh --unit nats/0
journalctl -f -u snap.nats.server.service
Supported relations:
The Charmed NATS Operator supports a nats
interface to allow clients to connect
to the NATS cluster.
provides:
client:
interface: nats
juju v2.x:
juju relate nats application
juju v3.x
juju integrate nats application
To remove a relation:
juju remove-relation nats application
The Charmed NATS Operator also supports TLS encryption on connections.
requires:
ca-client:
interface: tls-certificates
To enable TLS:
# Deploy the TLS Certificates Operator.
# The Vault charm implements the same interface.
juju deploy cs:~containers/easyrsa
juju relate nats easyrsa
Note: The CA certificate obtained via a relation to the CA charm will also be exposed for NATS charm clients.
The NATS charm has a peer relation to enable clustring for the NATS operator
peers:
cluster:
interface: nats-cluster
This charm can integrate with the LMA stack and can expose metrics for observability through this relation.
provides:
nrpe-external-master:
interface: nrpe-external-master
scope: container
Security issues in the NATS Operator can be reported through LaunchPad on the Anbox Cloud project. Please do not file GitHub issues about security issues.
Please see the Juju SDK docs for guidelines on enhancements to this charm following best practice guidelines, and CONTRIBUTING.md for developer guidance.
The Charmed NATS Operator is distributed under the Apache Software License, version 2.0. It installs/operates/depends on NATS, which is licensed under Apache Software License, version 2.0 as well.