# Event Bus

When operating Bindplane in a distributed architecture, an external event bus must be configured.

### NATS

The NATS event bus is Bindplane's embedded event bus, suitable for high availability without the need for external infrastructure.

NATS is configured by setting `eventbus.type` to `nats`.

```yaml
eventbus:
  type: nats
```

#### Resource Tuning

When using NATS, three dedicated StatefulSet pods are deployed. You can set their resource allocation by setting `nats.resources`.

```yaml
eventbus:
  type: nats

nats:
  resources:
    requests:
      memory: 1000Mi
      cpu: 1000m
    limits:
      memory: 1000Mi
```

### Google Pub/Sub

#### Automatic Authentication

Google Pub/Sub can be configured without credentials when using [Google Application Default Credentials](https://cloud.google.com/docs/authentication/application-default-credentials).

When running on a Google Kubernetes Engine cluster, Bindplane can authenticate to Pub/Sub without the use of a service account as long as the GKE node pool has the [Required Scopes](https://developers.google.com/identity/protocols/oauth2/scopes#pubsub) enabled.

```yaml
eventbus:
  type: 'pubsub'
  pubsub:
    projectid: 'my-project'
    topic: 'bindplane'
```

#### Service Account Credentials

If operating outside of Google Cloud, a service account JSON credential can be used. This example creates a secret named `bindplane-pubsub` which contains the service account JSON key.

```bash
kubectl create secret generic bindplane-pubsub \
  --from-file=credentials.json
```

```yaml
eventbus:
  type: 'pubsub'
  pubsub:
    projectid: 'my-project'
    topic: 'bindplane'
    credentials:
      secret: bindplane-pubsub
      subPath: credentials.json
```