At the moment the configuration of network access is only automated in a limited way. Two regular load balancing services, one for the console-jolokia port and one for the all protocol port, are created with stickiness to the clientIP. By default the load balancing service round robins incoming traffic, however the stickiness setting ensures that the traffic will always go to the first broker pod selected in the case of a cluster.

This ensures that the console experience is not broken by default out of the box, as if traffic is sent in a round robin fashion it is practically impossible to use the console attached to each broker in that fashion.

As well there is a headless service associated with the statefulset that exposes all the protocol ports as well as the console. This alone is good for internal access but to enable external access requires wild card openshift specific routes to access each port on each broker in the broker cluster in the statefulset individually. At the moment creation of such wild card routes is manual; we do not detect if wild card routing is enabled on the openshift router, and as the routes are openshift specific we provide yaml in the docs for a 'howto'. This works only for openshift and is clunky.

What is required, once detection of plain vanilla kubernetes or openshift environment is in place, is to automate this so that we can provide external access automatically simply by turning it on in the custom resource.