NetBox Enterprise Overview
Overview
NetBox Enterprise is a self-hosted NetBox distribution built by NetBox Labs for organizations deploying NetBox in their own infrastructure. It provides enterprise-grade features, professional support, and two deployment methods to match your operational model.
Key Benefits:
- Two Deployment Methods: Embedded Cluster (self-contained installer) or Helm (your existing Kubernetes cluster)
- Enterprise Features: SSO authentication, LDAP/SAML integration, plugin management, backup/restore, and Diode data ingestion
- Professional Support: Access to NetBox Labs engineering team for technical assistance
- Flexible Architecture: Use bundled components or integrate with external PostgreSQL, Redis, and S3-compatible storage
- Production Ready: Battle-tested deployment architecture used by enterprise customers
Deployment Methods
Embedded Cluster
Deploy NetBox Enterprise on bare-metal servers or VMs with a self-contained installer that sets up a Kubernetes cluster (k0s) and all required components automatically.
- Best for: Teams without existing Kubernetes infrastructure, or preferring a simplified deployment
- Control: Web-based Admin Console (KOTS) on port 30000 for configuration and upgrades
- Components: Embedded k0s cluster, CrunchyData PostgreSQL, Redis with Sentinel, OpenEBS storage
- Requirements: Supported Linux distribution (RHEL or Ubuntu), 4+ vCPU, 16+ GB RAM
Get started with Embedded Cluster
Helm
Deploy NetBox Enterprise on your existing Kubernetes cluster using the netbox-enterprise Helm chart. The operator manages the full lifecycle of your NetBox deployment through a declarative custom resource.
- Best for: Teams with existing Kubernetes infrastructure and Helm workflows
- Control: Full Helm values customization, namespace-scoped deployments, GitOps-compatible
- Components: netbox-enterprise chart, 3 CRD charts, PostgreSQL Operator (PGO), Redis Operator
- Requirements: Kubernetes 1.26+, Helm 3.x,
kubectl
Choosing a Deployment Method
| Embedded Cluster | Helm | |
|---|---|---|
| Infrastructure | Bare-metal server or VM | Existing Kubernetes cluster |
| Installation | Single-binary installer | helm install |
| Configuration | Admin Console UI | manifest + Helm values |
| Upgrades | Admin Console UI | helm upgrade |
| Multi-tenancy | Dedicated cluster | Namespace isolation |
| Networking | Bundled NGINX Ingress | Your ingress controller |
| Storage | Bundled OpenEBS | Your storage classes |
Architecture
Component Versions (2.1.1)
| Component | Version |
|---|---|
| NetBox | 4.5.3 |
| netbox-enterprise Chart | 2.1.1 |
| PostgreSQL Operator (PGO) | 6.0.0 |
| PostgreSQL | 18.x (Operator), 16.x (Embedded) |
| Redis | 7.4.8 (via Redis Operator 0.24.0) |
| Hydra | v25.4.0 |
| Diode Pro | 1.12.4 |
Component Options
NetBox Enterprise provides flexibility in choosing between bundled and external components:
| Component | Bundled Option | External Option | When to Use External |
|---|---|---|---|
| PostgreSQL | CrunchyData (EC) or PGO-managed (Helm) | AWS RDS, Cloud SQL, managed PostgreSQL | Existing managed databases (requires 3 databases: netbox, diode, hydra) |
| Redis | Redis with Sentinel (EC) or Operator-managed (Helm) | AWS ElastiCache, managed Redis | Existing managed caching infrastructure |
| Object Storage | Local persistent volume (EC) or BYO (Helm) | AWS S3, MinIO, DigitalOcean Spaces | Required for multi-node deployments |
| Kubernetes | Embedded k0s | N/A | Automatically provisioned |
Diode Data Ingestion
Diode is the data ingestion service bundled with NetBox Enterprise. It accepts data from external sources via gRPC, reconciles it against the current NetBox state, and creates changesets for review or automatic application. When using an external PostgreSQL instance, Diode requires two additional databases (diode and hydra) beyond the main NetBox database.
Scaling and License Tiers
NetBox Enterprise supports horizontal scaling of application and worker replicas. The maximum number of replicas depends on your license tier:
| License Tier | NetBox Replicas | Worker Replicas |
|---|---|---|
| Starter | 1 | 1 |
| Professional | 1-4 | 1-4 |
| Premium | 1-8 | 1-8 |
For resource presets, see the installation guide.
For Helm deployments, resource limits are configured in the manifest - see the Quickstart.
Getting Started
Embedded Cluster Path
-
Review Requirements: Check system requirements for your distribution
-
Prepare Your Host: Configure firewall, disable swap, load kernel modules
-
Install NetBox Enterprise: Follow the installation guide
-
Configure NetBox: Use Admin Console to configure superuser, replicas, database, and authentication
-
Deploy and Verify: Deploy NetBox and verify access on ports 80/443
-
Migrate Data (Optional): Import existing NetBox data using the migration guide
Helm Path
- Review Prerequisites: Check prerequisites for Kubernetes version, tools, and registry access
- Quick Start or Standard Install: Follow the quickstart for a minimal deployment, or the standard installation for production
- Configure: Customize TLS/Ingress and monitoring
- Review Architecture: Understand the component topology and security model
Common Configuration
- Plugins: Enable built-in plugins or install custom plugins
- Authentication: Configure SAML SSO, Entra ID SSO, OIDC, or LDAP
- Backups: Configure database backups or Velero backups (Helm)
Support and Documentation
- Troubleshooting: Troubleshooting | Helm troubleshooting
- Technical Support: Contact your NetBox Enterprise support representative
- Release Information: Review release notes before upgrading