Prerequisites

Before deploying NetBox Enterprise, ensure your environment meets the following requirements.

Kubernetes Requirements

• Kubernetes Version: ≥1.29
• Cluster Resources (minimum per component):
  • Web pods: 250m CPU, 1Gi memory (per pod)
  • Worker pods: 100m CPU, 256Mi memory (per pod)
  • PostgreSQL (if using internal): 1 CPU, 2Gi memory
  • Redis (if using internal): 100m CPU, 256Mi memory
• Recommended: At least 3 nodes for high availability deployments

Helm Requirements

• Helm Version: 3.17.3 or later (critical for compatibility)
• Helm must be configured with access to create resources in your target namespace

Network Requirements

• Ingress Controller:
  • Option 1: Use an existing NGINX Ingress Controller in your cluster
  • Option 2: The chart includes its own NGINX Ingress Controller (enabled by default with Diode)
• Port Requirements:
  • Port 80/443 for web access
  • Port 8080 for NetBox application
  • Port 8081 for health checks
  • Port 5432 for PostgreSQL (if external)
• DNS: Resolvable hostname for NetBox Enterprise web interface
• Load Balancer: Support for LoadBalancer service type or Ingress

Storage Requirements

• Storage Class: Dynamic provisioning recommended
• Default Storage Class: Required - Your cluster must have a default storage class configured
• User Data Volume (contains media, reports, and scripts):
  • Default size: 10Gi (adjustable based on needs)
  • Access mode: ReadWriteOnce
  • Mount paths:
    • /opt/netbox/netbox/media - Media files
    • /opt/netbox/netbox/reports - Reports
    • /opt/netbox/netbox/scripts - Custom scripts

Verifying Default Storage Class

Check if your cluster has a default storage class:

kubectl get storageclass

You should see output with one storage class marked as (default). If no default is set, you can designate one:

# Example for AWS EKS (adjust storage class name for your environment)
kubectl patch storageclass gp2 -p '{"metadata": {"annotations":{"storageclass.kubernetes.io/is-default-class":"true"}}}'

# For other cloud providers, common storage class names:
# - Azure AKS: managed-csi
# - Google GKE: standard
# - OpenShift: gp2-csi or gp3-csi

Database Requirements

NetBox Enterprise can use either internal databases (default) or external PostgreSQL. Redis is always deployed internally.

Option 1: Internal Databases (Default)

The chart includes:

• PostgreSQL: Deployed using Crunchy Data PostgreSQL Operator v5.7.0
• Redis: Deployed using Bitnami Redis chart with no persistence

Option 2: External PostgreSQL

Note: External Redis is not currently supported. The chart will always deploy internal Redis.

PostgreSQL Requirements

• Version: PostgreSQL 14 or higher
• Extensions: PostgreSQL must have the pg_trgm extension available
• Resources:
  • Minimum: 1 CPU, 2Gi memory
  • Recommended: 2+ CPUs, 4Gi+ memory for production
• Connection: Accessible from Kubernetes cluster
• Authentication: Username/password authentication
• TLS: Optional TLS support available

License Requirements

• Valid NetBox Enterprise license file provided by NetBox Labs
• License file will be configured during installation

Enterprise Portal Requirements

• Valid NetBox Enterprise license from NetBox Labs
• Service account token from Enterprise Portal
• Access to registry.netboxlabs.com for Helm charts
• Access to proxy.netboxlabs.com for Docker authentication
• Access to proxy.enterprise.netboxlabs.com for Docker image pulls

Getting Your License and Credentials

1. NetBox Enterprise License: Contact NetBox Labs for your license
2. Service Account Token: Available from your Enterprise Portal
3. Registry Access: Provided with your license credentials

Authentication Pattern

export SERVICE_ACCOUNT_TOKEN="your-service-account-token"
export USERNAME="your-email@company.com"

# Docker authentication (to netboxlabs.com)
docker login proxy.netboxlabs.com -u $USERNAME -p $SERVICE_ACCOUNT_TOKEN

# Helm authentication (to netboxlabs.com)  
helm registry login registry.netboxlabs.com -u $USERNAME -p $SERVICE_ACCOUNT_TOKEN

# Docker images are pulled from proxy.enterprise.netboxlabs.com
# Helm charts are pulled from registry.netboxlabs.com

Private Registry Requirements (Environments with Restricted Connectivity)

If deploying in an environment with restricted internet access:

• Access to a private container registry (JFrog Artifactory, Harbor, Nexus, etc.)
• Ability to mirror required container images
• Registry credentials for pulling images

Container Images Required

The following images must be available in your private registry:

# Core NetBox Enterprise images
proxy.enterprise.netboxlabs.com/proxy/netbox-enterprise/ghcr.io/netboxlabs/nbe-core:4.2.9_main-90
proxy.enterprise.netboxlabs.com/proxy/netbox-enterprise/netboxlabs/nbe-utils:4

# Diode components
proxy.enterprise.netboxlabs.com/proxy/netbox-enterprise/docker.io/netboxlabs/diode-auth:1.2.0
proxy.enterprise.netboxlabs.com/anonymous/index.docker.io/netboxlabs/diode-ingester:1.2.0
proxy.enterprise.netboxlabs.com/anonymous/index.docker.io/netboxlabs/diode-reconciler:1.2.0

# Database and infrastructure
proxy.enterprise.netboxlabs.com/anonymous/index.docker.io/bitnami/redis:7.4.2-debian-12-r4
proxy.enterprise.netboxlabs.com/anonymous/registry.developers.crunchydata.com/crunchydata/postgres-operator:ubi9-5.8.2-0

# Security and utilities
proxy.enterprise.netboxlabs.com/anonymous/index.docker.io/oryd/hydra:v2.3.0
proxy.enterprise.netboxlabs.com/proxy/netbox-enterprise/oryd/hydra-maester:v0.0.36
proxy.enterprise.netboxlabs.com/anonymous/index.docker.io/library/busybox:1.37
proxy.enterprise.netboxlabs.com/proxy/netbox-enterprise/busybox:latest

# Replicated SDK
proxy.enterprise.netboxlabs.com/proxy/netbox-enterprise/registry.replicated.com/library/replicated-sdk-image:1.5.3

# Ingress controller (if using internal)
proxy.enterprise.netboxlabs.com/anonymous/registry.k8s.io/ingress-nginx/controller:v1.12.1
proxy.enterprise.netboxlabs.com/anonymous/registry.k8s.io/ingress-nginx/kube-webhook-certgen:v1.5.2

Restricted Connectivity Installation Resources

For deployments in environments with restricted connectivity, the following resources are available:

• Private Registry Template: https://netboxlabs.com/docs/files/private-registry.yaml
• Registry Configuration Script: https://netboxlabs.com/docs/files/private-registry.sh
• Values Template: https://netboxlabs.com/docs/files/values-extra.yaml

For environments using HTTP/HTTPS proxies:

• HTTP/HTTPS proxy configuration is passed through standard Kubernetes environment variables
• Configure proxy settings in your container runtime, not in the Helm values
• The httpProxies configuration in the chart is deprecated

Next Steps

Once your environment meets these prerequisites, continue with:

• Basic Installation - Recommended guided installation
• Advanced Installation - Custom configuration options