Netmaker Server Deployment

Overview

In this section of the field guide, we discuss deployment options for your Netmaker Server including On-Prem vs SaaS deployment. In this guide we rely on several “Pro Only” features, so assume you are not using the Community version of Netmaker. You are welcome to use this guide with just the open source version of Netmaker, but note that some features may be missing depending on what you are attempting to do.

Determine SaaS vs. On-Prem

We’ll begin by discussing the options of SaaS and On-Prem. At a high level, here are the differences.

It is important to note that you can deploy multiple servers of either SaaS or On-Prem. If you are a B2B company that provides IT Services, you may want to create a tenant per-customer, which can be done via the portal. This also allows you to have both SaaS and On-Prem tenants, depending on the use case, and to keep all settings and access segmented by account.

Netmaker SaaS: Recommended for most use cases. The easiest way to get started and manage Netmaker, because we manage the Netmaker server for you.

Netmaker On-Prem: Recommended for IT Administrators deploying Netmaker who require enhanced data privacy, server customizations, custom OAuth integration, or metrics exporting capabilities.


Flow Chart

Here is a quick flow chart that can help you decide whether SaaS or On-Prem is right for you.

Primary Considerations for SaaS vs On-Prem

You should default to assuming you will use the SaaS version, unless you have a particular need for On-Prem. Here are a few reasons you may need to deploy On-Prem:

White Labeling, Custom Domain

Netmaker On-Prem allows you to use a custom domain for your server, e.g. “netmaker.mycompany.com”. Additionally, you can customize the color scheme, labels, and logos in the On-Prem version to match your business.

OAuth Integration

Netmaker On-Prem allows you to integrate with any OIDC-compliant OAuth provider such as Auth0, Azure AD, and more. This lets you integrate your in-house auth provider, or provide a more generic authentication mechanism that integrates several different sources like Google, Microsoft, etc. SaaS, by comparison, allows you to use basic auth, Google, GitHub, and Microsoft for authentication.

Data Controls

For companies that have heightened data control policies, On-Prem may be necessary. For instance, companies requiring GDPR compliance may need to use Netmaker’s On-Prem edition. With On-Prem, the only data exported to Netmaker is licensing and billing information.

Additionally, you may need to add security enhancements to your server, such as whitelisting and blacklisting IP addresses, or making it only accessible from within a particular environment.

Metrics Exports

Netmaker On-Prem allows you to export traffic metrics via Prometheus, which can be helpful for monitoring your networks.

Creating and Managing Server Instances

Netmaker’s account management portal allows you to create and manage multiple instances of Netmaker, referred to as “Tenants”, for both SaaS and On-Prem.

If you are a B2B company that provides IT Services, you may want to create a tenant per-customer, which can be done via the portal. This also allows you to have both SaaS and On-Prem tenants, depending on the use case.

To create a tenant, you first need to sign up at https://account.netmaker.io/. You must provide valid billing details, and then you can create both SaaS and On-Prem instances. Your first instance will include a 2-week free trial.

After you have created a tenant, you can either sign in directly to your dashboard (SaaS) or retrieve your deployment keys (On-Prem).

SaaS Tenants: An actual server instance is created for you

On-Prem Tenants: A license key is created that is valid for your server deployment

Multiple Tenants or Single Tenant

You may want to create multiple tenants depending on your use case and business needs. You should default to assuming you only need one tenant. Here are some reasons you might need multiple Tenants:

You Manage Multiple Customers: If you are managing Netmaker for multiple customers, the best practice would be to deploy a tenant per customer. You can also segment your customers using multiple networks within your instance, but in most cases, a tenant per customer is the cleaner approach.

You Have Test/Staging Environments: If you have test or staging environments for your in-house operations, you may want to have Test and Staging instances of Netmaker as well.

You Have Global Operations: If you have widely dispersed operations, it may be better to have multiple instances of Netmaker to improve performance.

Deploying Netmaker SaaS

Deploying Netmaker SaaS is very simple. Once you create an account, you just need to click to create a new SaaS tenant. It will take 1-3 minutes to provision, and you will then be able to log in.

Deploying Netmaker On-Prem

Deploying Netmaker On-Prem can be straightforward or complex, depending on your requirements. To start, once you create an account, click to create a new On-Prem tenant. You can then go to the dashboard for your instance and retrieve the license keys necessary to deploy your server.

On-Prem Deployment Considerations

Deploying on-prem can be done in many ways and highly customized for your environment, but here are some primary considerations.

Single Instance vs. Highly Available

Netmaker can be deployed on a single VM or in HA mode using Kubernetes. To deploy HA you should have an existing Kubernetes cluster you can use. For most use cases, we recommend a single instance. The server is fairly resilient and your networks will continue to function even if there is a server failure. HA should only be considered for large-scale deployments.

Deploying on a Single VM: https://docs.netmaker.io/docs/server-installation/quick-install

Deploying HA on Kubernetes: https://docs.netmaker.io/docs/server-installation/ha-installation-on-k8s

OAuth Integration

If you have an OIDC-compliant auth provider you would like to use with Netmaker, you can integrate that provider using the following steps: https://docs.netmaker.io/docs/server-installation/integrating-oauth

White Labeling

If you would like to customize the colors and logo of your deployment, and replace Netmaker with your company name, you can do so with the following steps: https://docs.netmaker.io/docs/server-installation/ui-branding

Other Server Customizations

In some cases you may wish to perform some other server customizations:

Whitelist IPs to Restrict Server Access: https://docs.netmaker.io/docs/server-installation/advanced-options#security-settings

Use Nginx instead of Caddy Reverse Proxy: https://docs.netmaker.io/docs/server-installation/advanced-options#nginx-reverse-proxy-setup-with-https

Deploy Prometheus and Grafana for Metrics Exports: https://docs.netmaker.io/docs/features/metrics-pro

Next Steps

Once your server is deployed and configured, you can then proceed to setting up your Networks.