NetBox Enterprise Helm Values Configuration Guide
This guide covers the configuration and customization of NetBox Enterprise Helm deployments using overlay values files.
Overview
The NetBox Enterprise Helm chart supports a two-tier configuration approach:
- Base values file: Generated from the Enterprise Portal containing license information and default settings
- Overlay values file: Custom configurations that override or extend the base configuration
This approach ensures license information remains intact while allowing environment-specific customizations.
Prerequisites
- NetBox Enterprise license with access to the Enterprise Portal
- Kubernetes cluster version 1.26 or higher
- Helm 3.17.3 or higher
- kubectl configured with cluster access
Configuration Workflow
Step 1: Generate Base Values File
Access the Enterprise Portal and generate your base values file:
# Set authentication credentials
export NETBOX_USERNAME="your-email@company.com"
export SERVICE_ACCOUNT_TOKEN="your-service-account-token"
# Authenticate to the registry
helm registry login registry.replicated.com \
--username "$NETBOX_USERNAME" \
--password "$SERVICE_ACCOUNT_TOKEN"
# Generate base values file with license information
helm show values oci://registry.replicated.com/netbox-enterprise/beta/netbox-enterprise \
--version 1.11.4 > netbox-enterprise-values.yaml
Step 2: Create Overlay Configuration
Create a values-extra.yaml file for your custom configurations:
# values-extra.yaml
netbox:
ingress:
hosts:
- host: netbox.example.com
superuserEmail: "admin@example.com"
extraEnvironment:
TZ: "UTC"
Step 3: Deploy with Multiple Values Files
Deploy the chart using both the base and overlay values files:
helm install netbox-enterprise \
oci://registry.replicated.com/netbox-enterprise/beta/netbox-enterprise \
--namespace netbox-enterprise \
--create-namespace \
--values netbox-enterprise-values.yaml \
--values values-extra.yaml \
--version 1.11.4 \
--wait
Common Configuration Patterns
Network Configuration
Configure ingress and external access:
netbox:
ingress:
enabled: true
hosts:
- host: netbox.example.com
paths:
- path: /
pathType: Prefix
tls:
- secretName: netbox-tls
hosts:
- netbox.example.com
annotations:
cert-manager.io/cluster-issuer: "letsencrypt-prod"
nginx.ingress.kubernetes.io/proxy-body-size: "100m"
Resource Allocation
Configure resource requests and limits for production deployments:
netbox:
resources:
requests:
cpu: "1000m"
memory: "4Gi"
limits:
cpu: "4000m"
memory: "8Gi"
replicaCount: 3
worker:
replicaCount: 3
resources:
requests:
cpu: "500m"
memory: "1Gi"
limits:
cpu: "2000m"
memory: "4Gi"
External Database Configuration
Configure external PostgreSQL and Redis instances:
netbox:
extraEnvironment:
DATABASE_URL: "postgresql://netbox:password@postgres.example.com:5432/netbox"
REDIS_URL: "redis://:password@redis.example.com:6379/0"
CACHE_URL: "redis://:password@redis.example.com:6379/1"
postgresql:
enabled: false
redis:
enabled: false
Private Registry Configuration
Configure private container registries for air-gapped environments:
global:
imageRegistry: "registry.example.com/netbox"
imagePullSecrets:
- name: "registry-credentials"
netbox:
image:
repository: "registry.example.com/netbox/netbox-enterprise"
tag: "v1.11.4"
Advanced Configuration
Storage Configuration
Configure persistent storage for file uploads and media:
netbox:
persistence:
enabled: true
storageClass: "fast-ssd"
size: "100Gi"
accessMode: "ReadWriteOnce"
Security Configuration
Configure security contexts and pod security policies:
netbox:
securityContext:
runAsNonRoot: true
runAsUser: 1000
fsGroup: 1000
podSecurityContext:
seccompProfile:
type: RuntimeDefault
Monitoring and Observability
Configure metrics and monitoring endpoints:
netbox:
metrics:
enabled: true
serviceMonitor:
enabled: true
namespace: "monitoring"
extraEnvironment:
METRICS_ENABLED: "true"
LOGGING_LEVEL: "INFO"
Validation and Testing
Pre-deployment Validation
Validate configuration before deployment:
# Validate YAML syntax
helm template netbox-enterprise \
oci://registry.replicated.com/netbox-enterprise/beta/netbox-enterprise \
--values netbox-enterprise-values.yaml \
--values values-extra.yaml \
--version 1.11.4 \
--dry-run
# Check resource requirements
kubectl describe nodes | grep -E "(Name|Allocatable)"
Post-deployment Verification
Verify successful deployment:
# Check pod status
kubectl get pods -n netbox-enterprise
# Verify resource allocation
kubectl top pods -n netbox-enterprise
# Check service endpoints
kubectl get svc -n netbox-enterprise
# Verify ingress configuration
kubectl get ingress -n netbox-enterprise
Troubleshooting
Common Configuration Issues
Database Connection Failures
# Test database connectivity
kubectl run -it --rm debug --image=postgres:14 --restart=Never -- \
psql postgresql://user:pass@host:5432/dbname
Resource Constraints
# Check resource usage
kubectl describe pod -n netbox-enterprise <pod-name>
kubectl top nodes
Ingress Configuration Problems
# Verify ingress controller
kubectl get pods -A | grep ingress
kubectl get ingressclass
Debug Commands
# View application logs
kubectl logs -n netbox-enterprise deployment/netbox-enterprise
# Check configuration
kubectl describe configmap -n netbox-enterprise
# Inspect secrets
kubectl get secrets -n netbox-enterprise
File Management
Directory Structure
deployment/
├── netbox-enterprise-values.yaml # Base values from Enterprise Portal
├── values-extra.yaml # Environment-specific overrides
├── values-production.yaml # Production-specific settings
└── values-development.yaml # Development-specific settings
Version Control Considerations
- Include:
values-extra.yamland environment-specific configurations - Exclude:
netbox-enterprise-values.yaml(contains license secrets) - Protect: Use Kubernetes secrets for sensitive configuration data
Reference
Chart Information
- Chart Repository:
oci://registry.replicated.com/netbox-enterprise/beta/netbox-enterprise - Current Version: 1.11.4
- Registry:
registry.netboxlabs.com
Documentation Links
Support
For technical support, contact NetBox Labs support with your deployment configuration (excluding sensitive information such as license keys and passwords).