NetBox Enterprise Overview
Overview
NetBox Enterprise is a self-hosted NetBox distribution built by NetBox Labs for organizations deploying NetBox in their own infrastructure. It provides a streamlined installation and upgrade experience through an embedded Kubernetes cluster, along with enterprise-grade features and professional support.
Key Benefits:
- Simplified Deployment: Fully managed installer handles Kubernetes cluster setup and NetBox deployment
- Enterprise Features: Advanced capabilities including SSO authentication, LDAP/SAML integration, plugin management, and backup/restore
- Professional Support: Access to NetBox Labs engineering team for technical assistance
- Flexible Architecture: Use embedded components or integrate with external PostgreSQL, Redis, and S3-compatible storage
- Automated Updates: Simplified upgrade process through admin console
- Production Ready: Battle-tested deployment architecture used by enterprise customers
Key Concepts:
- Embedded Cluster: Self-contained Kubernetes cluster (k0s distribution) deployed and managed by the installer
- Admin Console: Web-based management interface (KOTS) for configuration and upgrades on port 30000
- Diode: Data ingestion service for automated network discovery and reconciliation
- Embedded Components: Bundled PostgreSQL (CrunchyData operator), Redis, and OpenEBS storage
- External Integration: Connect to external PostgreSQL, Redis, and S3-compatible storage
- Replicas: Multiple NetBox and worker instances for load distribution (limits based on license tier)
Architecture
NetBox Enterprise uses an embedded Kubernetes cluster architecture that provides production-grade infrastructure with minimal configuration.
Component Options
NetBox Enterprise provides flexibility in choosing between embedded and external components:
| Component | Embedded Option | External Option | When to Use External |
|---|---|---|---|
| PostgreSQL | CrunchyData Postgres Operator | AWS RDS, Cloud SQL, managed PostgreSQL | Existing managed databases (requires 3 databases: netbox, diode, hydra) |
| Redis | Redis with Sentinel (single instance by default, scales with multi-node) | AWS ElastiCache, managed Redis | Existing managed caching infrastructure |
| Object Storage | Local persistent volume | AWS S3, MinIO, DigitalOcean Spaces | Required for multi-node/HA deployments |
| Kubernetes | Embedded k0s cluster | N/A | Embedded cluster required |
Diode Data Ingestion
Diode is the data ingestion service bundled with NetBox Enterprise. It enables automated network discovery and reconciliation by accepting data from external sources and applying it to NetBox through a changeset workflow.
Architecture
Diode consists of several components:
| Component | Purpose |
|---|---|
| Ingester | Receives data via gRPC (port 443) from external sources and SDKs |
| Reconciler | Compares ingested data against current NetBox state and creates changesets |
| Reconciler Pro | Enhanced reconciler with additional data mapping capabilities |
| Auth | Handles authentication for Diode API access |
| Hydra | OAuth2 provider for Diode service-to-service authentication |
How It Works
- External sources send data to the Diode Ingester via gRPC on port 443
- The Ingester validates and queues incoming data
- The Reconciler compares ingested data with the current NetBox state
- Changesets are created for any differences found
- If `diode_auto_apply_changesets` is enabled, changesets are applied automatically; otherwise, they require manual review in NetBox
Database Requirements
Diode requires two additional databases beyond the main NetBox database:
- diode — stores ingestion state and changeset data
- hydra — stores OAuth2 tokens and client credentials
When using the embedded PostgreSQL, these databases are created automatically. When using an external PostgreSQL instance, all three databases (netbox, diode, hydra) must be provisioned.
Configuration
Diode is enabled by default in NetBox Enterprise. The key configuration option is:
- Auto Apply Changesets (`diode_auto_apply_changesets`): When enabled, changesets created by Diode are applied to NetBox automatically without manual review. Disabled by default.
This setting is available in the Admin Console under Config.
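A simplified model of the reconcile-and-review flow described under How It Works and of the Auto Apply Changesets setting, added here as an illustration; it is not Diode's code or API. The `Changeset` and `Inventory` classes, the `reconcile` function and the sample devices are all hypothetical.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Changeset:
    """One proposed difference between ingested data and current state."""
    key: str                 # object identifier (constructed device name)
    before: Optional[dict]   # None means the object does not exist yet
    after: dict

def reconcile(current: dict, ingested: dict) -> list[Changeset]:
    """Compare ingested objects with current state; one changeset per difference."""
    return [Changeset(k, current.get(k), v)
            for k, v in sorted(ingested.items()) if current.get(k) != v]

@dataclass
class Inventory:
    """Toy stand-in for the NetBox state plus a manual-review queue."""
    state: dict
    auto_apply: bool = False   # mirrors the documented default (disabled)
    pending: list = field(default_factory=list)

    def ingest(self, ingested: dict) -> list[Changeset]:
        changesets = reconcile(self.state, ingested)
        for cs in changesets:
            if self.auto_apply:
                self.state[cs.key] = cs.after   # applied with no reviewer involved
            else:
                self.pending.append(cs)         # held until a reviewer approves
        return changesets

    def approve(self, key: str) -> None:
        """Reviewer applies the pending changeset for one object."""
        for cs in list(self.pending):
            if cs.key == key:
                self.state[cs.key] = cs.after
                self.pending.remove(cs)

# Constructed sample data: current state and what an external source reports.
CURRENT = {"sw1": {"role": "access", "site": "lab"}}
INGESTED = {"sw1": {"role": "core", "site": "lab"},
            "ap9": {"role": "ap", "site": "lab"}}

def demo(auto_apply: bool) -> Inventory:
    """Ingest the sample data into a fresh copy of CURRENT."""
    inv = Inventory(state={k: dict(v) for k, v in CURRENT.items()}, auto_apply=auto_apply)
    inv.ingest(INGESTED)
    return inv
```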
Scaling and License Tiers
NetBox Enterprise supports horizontal scaling of application and worker replicas. The maximum number of replicas depends on your license tier:
| License Tier | NetBox Replicas | Worker Replicas |
|---|---|---|
| Starter | 1 | 1 |
| Professional | 1–4 | 1–4 |
| Premium | 1–8 | 1–8 |
Replica counts are configured per node — in multi-node deployments, the total replicas scale with the number of nodes.
Resource Presets
NetBox Enterprise provides resource presets to match different workload requirements. Select a preset in the Admin Console under Config > Resources.
| Preset | NetBox CPU (req/limit) | NetBox Memory (req/limit) | Worker CPU (req/limit) | Worker Memory (req/limit) |
|---|---|---|---|---|
| Regular | 200m / 1000m | 750Mi / 1500Mi | 100m / 1000m | 128Mi / 1500Mi |
| Large | 500m / 2000m | 1500Mi / 3000Mi | 250m / 2000m | 256Mi / 3000Mi |
| Extra Large | 1000m / 4000m | 3000Mi / 6000Mi | 500m / 4000m | 512Mi / 6000Mi |
| 2x Large | 2000m / 8000m | 6000Mi / 12000Mi | 1000m / 8000m | 1024Mi / 12000Mi |
Choose a larger preset if you experience out-of-memory errors on worker pods or need to process large Git repository syncs. See Troubleshooting for guidance.
Deployment Scenarios
Production Deployment
Recommended for production NetBox Enterprise deployments:
- Use Case: Production NetBox instance
- Resources: 8 vCPU, 24 GB RAM, 100 GB SSD
- Components: Embedded PostgreSQL and Redis, or external managed services
- Replicas: 2 or more NetBox application replicas (Professional or Premium tier)
- Backup: Regular database backups configured
Development and Testing
Recommended for non-production environments:
- Use Case: Development, staging, or testing
- Resources: 4 vCPU, 16 GB RAM, 50 GB SSD
- Components: All embedded components
- Replicas: 1 NetBox replica
- Backup: Optional
Getting Started
To deploy NetBox Enterprise, follow this process:
- Review Requirements: Check system requirements for your distribution
- Prepare Your Host: Configure firewall, disable swap, load kernel modules
- Install NetBox Enterprise: Follow the installation guide
- Configure NetBox: Use Admin Console to configure superuser, replicas, database, and authentication
- Deploy and Verify: Deploy NetBox and verify access on ports 80/443
- Migrate Data (Optional): Import existing NetBox data using the migration guide
- Configure Plugins (Optional):
  - Enable built-in plugins
  - Install custom plugins
- Configure Authentication (Optional):
Support and Documentation
- Installation Issues: See troubleshooting guide
- Technical Support: Contact your NetBox Enterprise support representative
- Release Information: Review release notes before upgrading
- Backup and Recovery: Configure database backups