From 1d45f96b27207b4bd0f04cfda9274e3fba7df709 Mon Sep 17 00:00:00 2001 From: DDany Date: Tue, 3 Feb 2026 22:13:24 +0100 Subject: [PATCH 1/9] feat(connect-priorityClassName): add priorityClassName to deployment --- charts/connect/templates/deployment.yaml | 3 +++ charts/connect/tests/deployment_test.yaml | 18 ++++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/charts/connect/templates/deployment.yaml b/charts/connect/templates/deployment.yaml index 4122cfaa69..b9f064555d 100644 --- a/charts/connect/templates/deployment.yaml +++ b/charts/connect/templates/deployment.yaml @@ -123,6 +123,9 @@ spec: mountPath: "/streams" readOnly: true {{- end }} + {{- with .Values.deployment.priorityClassName }} + priorityClassName: {{ . }} + {{- end }} {{- with .Values.nodeSelector }} nodeSelector: {{- toYaml . | nindent 8 }} diff --git a/charts/connect/tests/deployment_test.yaml b/charts/connect/tests/deployment_test.yaml index ee16788c01..e09c914cb6 100644 --- a/charts/connect/tests/deployment_test.yaml +++ b/charts/connect/tests/deployment_test.yaml @@ -240,6 +240,24 @@ tests: name: my-config-map name: streams + - it: should not set priorityClassName by default + set: + deployment: + rolloutConfigMap: false + asserts: + - isNull: + path: spec.template.spec.priorityClassName + + - it: should set priorityClassName when specified + set: + deployment: + rolloutConfigMap: false + priorityClassName: high-priority + asserts: + - equal: + path: spec.template.spec.priorityClassName + value: high-priority + - it: should allow custom volume mounts set: deployment: From 2bb4cd8f98d0428dcb91005a688e0277768c7e7b Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:00:42 +0100 Subject: [PATCH 2/9] chore(values): default value in `values.yaml` file --- charts/connect/values.yaml | 29 ++++++++++++++--------------- 1 file changed, 14 insertions(+), 15 deletions(-) diff --git a/charts/connect/values.yaml b/charts/connect/values.yaml index 2fde4d825c..943cf2687e 100644 --- a/charts/connect/values.yaml +++ b/charts/connect/values.yaml @@ -58,6 +58,12 @@ deployment: # -- Restart policy for containers in the Pod. restartPolicy: Always + # -- Kubernetes PriorityClass name to assign to Redpanda Connect Pods. + # The specified PriorityClass must already exist in the cluster before deployment. + # Leave empty (default) for standard scheduling priority. + # @default -- not set + priorityClassName: "" + # -- Additional labels to apply to all resources created by this chart. commonLabels: {} @@ -92,13 +98,11 @@ serviceAccount: name: "" # -- Security context to be applied at the Pod level. -podSecurityContext: - {} +podSecurityContext: {} # fsGroup: 2000 # -- Security context to be applied to containers in the Pod. -securityContext: - {} +securityContext: {} # capabilities: # drop: # - ALL @@ -136,8 +140,7 @@ ingress: # -- Ingress Class name for the Ingress resource. className: "" # -- Annotations for the Ingress resource. - annotations: - {} + annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" # -- List of host definitions for the Ingress resource. @@ -161,14 +164,12 @@ env: [] # key: KAFKA_USER # -- Names of Secrets or ConfigMaps that contain environment variables to pass to the Redpanda Connect container. -envFrom: - [] +envFrom: [] # - secretRef: # name: redpanda # -- Resource limits and requests for the container. -resources: - {} +resources: {} # By default, the chart does not specify default resources to increase the chances that it runs on environments with few # resources, such as Minikube. If you want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. @@ -237,8 +238,7 @@ updateStrategy: {} # maxUnavailable: 1 # -- Additional volumes to add to the Pod. -extraVolumes: - [] +extraVolumes: [] # - name: config-map # configMap: # name: cm-name @@ -247,15 +247,14 @@ extraVolumes: # secretName: s-name # -- Additional volume mounts for the container. -extraVolumeMounts: - [] +extraVolumeMounts: [] # - name: config-map # mountPath: /mnt/configmap # readOnly: true # - name: secret # mountPath: /mnt/secret # readOnly: true -# +# # -- Configuration settings for resources in Redpanda Connect. connectResources: # -- Enable resources. From c1757b7ae0d0226256f8f68e399a728df0bc882a Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:01:02 +0100 Subject: [PATCH 3/9] chore(README): update with priorityClassName related info --- charts/connect/README.md | 70 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) diff --git a/charts/connect/README.md b/charts/connect/README.md index 8551f3c092..2fe723bfe4 100644 --- a/charts/connect/README.md +++ b/charts/connect/README.md @@ -176,6 +176,76 @@ Labels to add to Redpanda Connect Pods. **Default:** `{}` +### [deployment.priorityClassName](https://artifacthub.io/packages/helm/redpanda-data/connect?modal=values&path=deployment.priorityClassName) + +Kubernetes PriorityClass name to assign to Redpanda Connect Pods. This setting controls pod scheduling priority and eviction order when cluster nodes are under resource pressure. + +**Prerequisites:** +- The specified PriorityClass must exist in the cluster before deployment +- Requires appropriate RBAC permissions to use the PriorityClass +- Coordinate with cluster administrators when using system-level priority classes + +**Common Use Cases:** + +1. **Critical Stream Processors**: Workloads that process high-throughput topics and cannot tolerate eviction +2. **Low-Latency Pipelines**: Real-time data pipelines requiring guaranteed scheduling +3. **CQRS Architectures**: Assign higher priority to command-side processors and lower priority to query-side processors for graceful degradation +4. **Multi-Tenant Environments**: Separate production (high priority) from development/testing workloads (normal priority) + +**Configuration Examples:** + +```yaml +# Basic usage with a custom priority class +deployment: + priorityClassName: high-priority + +# CQRS command-side deployment (write-heavy, high priority) +deployment: + priorityClassName: critical-commands + resources: + requests: + memory: "512Mi" + cpu: "500m" + +# CQRS query-side deployment (read-heavy, lower priority) +deployment: + priorityClassName: standard-queries + resources: + requests: + memory: "256Mi" + cpu: "250m" + +# Production critical workload +deployment: + priorityClassName: system-cluster-critical +``` + +**Operational Considerations:** + +- **Pod Preemption**: Pods with higher priority can preempt (evict) lower-priority pods when resources are constrained +- **Scheduling Behavior**: Priority affects scheduling order but does not guarantee resource availability +- **Resource Requests**: Use priorityClassName in combination with appropriate resource requests and limits +- **Consumer Lag Impact**: Lower-priority pods may experience increased consumer lag during cluster pressure +- **Monitoring**: Track pod eviction events and scheduling delays to tune priority settings + +**Troubleshooting:** + +If pods remain in `Pending` state after deployment: +1. Verify the PriorityClass exists: `kubectl get priorityclasses` +2. Check RBAC permissions for the ServiceAccount +3. Review pod events: `kubectl describe pod ` +4. Ensure cluster has available resources for the requested priority level + +**Best Practices:** + +- Reserve high priorities (`system-cluster-critical`, `system-node-critical`) for truly critical workloads +- Document priority class usage and rationale in your deployment documentation +- Test pod behavior under simulated node pressure before production deployment +- For CQRS patterns, establish a priority cascade: command processors > event processors > query updaters > query APIs +- Monitor consumer lag and eventual consistency windows when using priority-based scheduling + +**Default:** `""` + ### [deployment.readinessProbe](https://artifacthub.io/packages/helm/redpanda-data/connect?modal=values&path=deployment.readinessProbe) Configuration for the readiness probe that checks if the container is ready to accept traffic. From 390236f07156dc05021b7694c8452e892415589d Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:03:40 +0100 Subject: [PATCH 4/9] chore(README): cleanup --- charts/connect/README.md | 59 ---------------------------------------- 1 file changed, 59 deletions(-) diff --git a/charts/connect/README.md b/charts/connect/README.md index 2fe723bfe4..c5cc3f033b 100644 --- a/charts/connect/README.md +++ b/charts/connect/README.md @@ -185,65 +185,6 @@ Kubernetes PriorityClass name to assign to Redpanda Connect Pods. This setting c - Requires appropriate RBAC permissions to use the PriorityClass - Coordinate with cluster administrators when using system-level priority classes -**Common Use Cases:** - -1. **Critical Stream Processors**: Workloads that process high-throughput topics and cannot tolerate eviction -2. **Low-Latency Pipelines**: Real-time data pipelines requiring guaranteed scheduling -3. **CQRS Architectures**: Assign higher priority to command-side processors and lower priority to query-side processors for graceful degradation -4. **Multi-Tenant Environments**: Separate production (high priority) from development/testing workloads (normal priority) - -**Configuration Examples:** - -```yaml -# Basic usage with a custom priority class -deployment: - priorityClassName: high-priority - -# CQRS command-side deployment (write-heavy, high priority) -deployment: - priorityClassName: critical-commands - resources: - requests: - memory: "512Mi" - cpu: "500m" - -# CQRS query-side deployment (read-heavy, lower priority) -deployment: - priorityClassName: standard-queries - resources: - requests: - memory: "256Mi" - cpu: "250m" - -# Production critical workload -deployment: - priorityClassName: system-cluster-critical -``` - -**Operational Considerations:** - -- **Pod Preemption**: Pods with higher priority can preempt (evict) lower-priority pods when resources are constrained -- **Scheduling Behavior**: Priority affects scheduling order but does not guarantee resource availability -- **Resource Requests**: Use priorityClassName in combination with appropriate resource requests and limits -- **Consumer Lag Impact**: Lower-priority pods may experience increased consumer lag during cluster pressure -- **Monitoring**: Track pod eviction events and scheduling delays to tune priority settings - -**Troubleshooting:** - -If pods remain in `Pending` state after deployment: -1. Verify the PriorityClass exists: `kubectl get priorityclasses` -2. Check RBAC permissions for the ServiceAccount -3. Review pod events: `kubectl describe pod ` -4. Ensure cluster has available resources for the requested priority level - -**Best Practices:** - -- Reserve high priorities (`system-cluster-critical`, `system-node-critical`) for truly critical workloads -- Document priority class usage and rationale in your deployment documentation -- Test pod behavior under simulated node pressure before production deployment -- For CQRS patterns, establish a priority cascade: command processors > event processors > query updaters > query APIs -- Monitor consumer lag and eventual consistency windows when using priority-based scheduling - **Default:** `""` ### [deployment.readinessProbe](https://artifacthub.io/packages/helm/redpanda-data/connect?modal=values&path=deployment.readinessProbe) From 42a9ccfbb7b4b81307afa19ffba76b55a5db5484 Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:12:52 +0100 Subject: [PATCH 5/9] chore(fmt) --- charts/connect/values.yaml | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/charts/connect/values.yaml b/charts/connect/values.yaml index 943cf2687e..0c40c7390c 100644 --- a/charts/connect/values.yaml +++ b/charts/connect/values.yaml @@ -98,11 +98,13 @@ serviceAccount: name: "" # -- Security context to be applied at the Pod level. -podSecurityContext: {} +podSecurityContext: + {} # fsGroup: 2000 # -- Security context to be applied to containers in the Pod. -securityContext: {} +securityContext: + {} # capabilities: # drop: # - ALL @@ -131,7 +133,8 @@ service: # protocol: UDP # -- Set Annotations on the Redpanda Connect Service. - annotations: {} + annotations: + {} # -- Configuration for Kubernetes Ingress to expose Redpanda Connect externally. ingress: @@ -140,7 +143,8 @@ ingress: # -- Ingress Class name for the Ingress resource. className: "" # -- Annotations for the Ingress resource. - annotations: {} + annotations: + {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" # -- List of host definitions for the Ingress resource. @@ -164,12 +168,14 @@ env: [] # key: KAFKA_USER # -- Names of Secrets or ConfigMaps that contain environment variables to pass to the Redpanda Connect container. -envFrom: [] +envFrom: + [] # - secretRef: # name: redpanda # -- Resource limits and requests for the container. -resources: {} +resources: + {} # By default, the chart does not specify default resources to increase the chances that it runs on environments with few # resources, such as Minikube. If you want to specify resources, uncomment the following # lines, adjust them as necessary, and remove the curly braces after 'resources:'. @@ -238,7 +244,8 @@ updateStrategy: {} # maxUnavailable: 1 # -- Additional volumes to add to the Pod. -extraVolumes: [] +extraVolumes: + [] # - name: config-map # configMap: # name: cm-name From 5f4bf0332616fccb2abebd898dc0c51bba6c855e Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:15:04 +0100 Subject: [PATCH 6/9] chore(fmt) --- charts/connect/values.yaml | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/charts/connect/values.yaml b/charts/connect/values.yaml index 0c40c7390c..c5c7526627 100644 --- a/charts/connect/values.yaml +++ b/charts/connect/values.yaml @@ -98,12 +98,12 @@ serviceAccount: name: "" # -- Security context to be applied at the Pod level. -podSecurityContext: +podSecurityContext: {} # fsGroup: 2000 # -- Security context to be applied to containers in the Pod. -securityContext: +securityContext: {} # capabilities: # drop: @@ -133,8 +133,7 @@ service: # protocol: UDP # -- Set Annotations on the Redpanda Connect Service. - annotations: - {} + annotations: {} # -- Configuration for Kubernetes Ingress to expose Redpanda Connect externally. ingress: @@ -168,13 +167,13 @@ env: [] # key: KAFKA_USER # -- Names of Secrets or ConfigMaps that contain environment variables to pass to the Redpanda Connect container. -envFrom: +envFrom: [] # - secretRef: # name: redpanda # -- Resource limits and requests for the container. -resources: +resources: {} # By default, the chart does not specify default resources to increase the chances that it runs on environments with few # resources, such as Minikube. If you want to specify resources, uncomment the following @@ -244,7 +243,7 @@ updateStrategy: {} # maxUnavailable: 1 # -- Additional volumes to add to the Pod. -extraVolumes: +extraVolumes: [] # - name: config-map # configMap: @@ -254,7 +253,8 @@ extraVolumes: # secretName: s-name # -- Additional volume mounts for the container. -extraVolumeMounts: [] +extraVolumeMounts: + [] # - name: config-map # mountPath: /mnt/configmap # readOnly: true From 5619373566d526554de775e7d0ea8ab32a482f5c Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:16:19 +0100 Subject: [PATCH 7/9] chore(fmt) --- charts/connect/values.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/charts/connect/values.yaml b/charts/connect/values.yaml index c5c7526627..b8a3eb4e7b 100644 --- a/charts/connect/values.yaml +++ b/charts/connect/values.yaml @@ -142,7 +142,7 @@ ingress: # -- Ingress Class name for the Ingress resource. className: "" # -- Annotations for the Ingress resource. - annotations: + annotations: {} # kubernetes.io/ingress.class: nginx # kubernetes.io/tls-acme: "true" @@ -253,7 +253,7 @@ extraVolumes: # secretName: s-name # -- Additional volume mounts for the container. -extraVolumeMounts: +extraVolumeMounts: [] # - name: config-map # mountPath: /mnt/configmap From 1e9b524dfb7586e13ce570656d829e4298e11a60 Mon Sep 17 00:00:00 2001 From: DDany Date: Sat, 7 Feb 2026 22:18:42 +0100 Subject: [PATCH 8/9] chore(docs) --- charts/connect/README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/charts/connect/README.md b/charts/connect/README.md index c5cc3f033b..e5fe53a868 100644 --- a/charts/connect/README.md +++ b/charts/connect/README.md @@ -182,8 +182,6 @@ Kubernetes PriorityClass name to assign to Redpanda Connect Pods. This setting c **Prerequisites:** - The specified PriorityClass must exist in the cluster before deployment -- Requires appropriate RBAC permissions to use the PriorityClass -- Coordinate with cluster administrators when using system-level priority classes **Default:** `""` From e098b9bdb78411ee879807c4b0fbe0ccfcdeebd2 Mon Sep 17 00:00:00 2001 From: DDany Date: Sun, 8 Feb 2026 11:48:13 +0100 Subject: [PATCH 9/9] chore(docs) --- charts/connect/README.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/charts/connect/README.md b/charts/connect/README.md index e5fe53a868..86041957ec 100644 --- a/charts/connect/README.md +++ b/charts/connect/README.md @@ -178,12 +178,9 @@ Labels to add to Redpanda Connect Pods. ### [deployment.priorityClassName](https://artifacthub.io/packages/helm/redpanda-data/connect?modal=values&path=deployment.priorityClassName) -Kubernetes PriorityClass name to assign to Redpanda Connect Pods. This setting controls pod scheduling priority and eviction order when cluster nodes are under resource pressure. +Kubernetes PriorityClass name to assign to Redpanda Connect Pods. The specified PriorityClass must already exist in the cluster before deployment. Leave empty (default) for standard scheduling priority. -**Prerequisites:** -- The specified PriorityClass must exist in the cluster before deployment - -**Default:** `""` +**Default:** not set ### [deployment.readinessProbe](https://artifacthub.io/packages/helm/redpanda-data/connect?modal=values&path=deployment.readinessProbe)