Unmanaged Private Cloud

The Unmanaged Private Cloud is an alternative deployment option to Jedox Cloud Software as a Service (SaaS). It allows customers to deploy Jedox in their own Kubernetes cluster, providing the flexibility to control and manage their infrastructure while benefiting from Jedox’s cutting-edge features. This offering is ideal for organizations with rigorous security requirements, as it enables them to maintain strict control over their infrastructure and systems and comply with industry-specific regulations.

Key Benefits

Own security standards
Maintain your organization's strict security standards by deploying Jedox in your own Kubernetes cluster, keeping sensitive data and planning processes within your controlled environment.

Customization and control
Gain complete control over the deployment process, enabling fine-tuning and customization as needed.

Helm Chart for Kubernetes Deployment

The Unmanaged Private Cloud leverages a continuously updated Helm Chart, which is the preferred method for deploying Jedox on Kubernetes clusters. Helm, a package manager for Kubernetes, simplifies the installation, configuration, and management of Jedox, ensuring seamless integration into your existing infrastructure.

Key highlights of using the Helm Chart

  • Automated deployment
    Helm Chart streamlines the deployment process, reducing the complexity of setting up Jedox on Kubernetes.
  • Flexibility and scalability
    The Helm Chart enables seamless scaling of Jedox instances to match evolving business needs.
  • Continuous updates
    Jedox is committed to regularly updating the Helm Chart with the newest version of the platform, providing access to the latest features and improvements.

Services Provided by Jedox Cloud Operations

Deployment assistance
Jedox Cloud Operations offers deployment assistance to help customers successfully set up Jedox on their Kubernetes cluster. This includes guidance on installing the Helm Chart and configuring Jedox according to the organization’s requirements.

Support and troubleshooting
Customers receive support related to the deployment and configuration of Jedox on their infrastructure.

Helm Chart updates
The Helm Chart provided by Jedox Cloud Operations is continuously updated with the latest Jedox version, ensuring access to the newest features, bug fixes, and performance improvements.

Technical Requirements

These guidelines are applicable to most deployment scenarios in CNCF-certified Kubernetes distributions.

Before starting the deployment, ensure that the following requirements are met:

Requirements Details
Helm and admin access Helm must be installed on the local machine that you will use for deployment, and you must have admin access to the Kubernetes cluster.
Kubernetes version As of January 2025, Jedox has been tested to be compatible with Kubernetes version 1.31.x. While using older/newer releases may be technically possible, it has not been officially tested against the latest Jedox version.
Worker nodes The Kubernetes cluster must meet the following worker node requirements:
  • The cluster must be provisioned with a minimum of 2 worker nodes.
  • The worker nodes must be dedicated solely to supporting the workloads of the cluster.
  • Recommended worker node size is 16 CPU and 128 GB RAM.
  • Nodes must be equipped with an OS disk of at least 128 GB.
Ingress controller
  • Inbound access to Jedox must be done via the Ingress NGINX controller for Kubernetes.
  • Install NGINX Ingress Helm Chart using the following command:
    helm upgrade --install ingress-nginx ingress-nginx --repo https://kubernetes.github.io/ingress-nginx/ --namespace ingress-nginx --set controller.allowSnippetAnnotations=true --set-string controller.config.annotations-risk-level=Critical --version 4.12.1
  • Ensure that the release name and namespace for the NGINX Ingress controller are set to “ingress-nginx”.
Inbound access and certificates
  • Inbound access to Jedox must be done via HTTPS.
  • Certificate management and deployment must be performed according to each customer’s best practices.
Storage requirements
  • Each Jedox instance must be provided with at least 512 GB of underlying storage. The Persistent Volumes (PVs) must be created via StorageClass.
  • The underlying storage of the storage class must provide ReadWriteMany volumes. The StorageClass must utilize NFS version 3 as the underlying storage protocol.
  • NFS mount parameters for version 3:
    - rw
    - relatime
    - rsize=262144
    - wsize=262144
    - namlen=255
    - hard
    - proto=tcp
    - nconnect=8
    - timeo=600
    - retrans=2
    - sec=sys
    - mountproto=udp
    - local_lock=none
    - nolock
  • PostgreSQL or MSSQL database. Jedox requires a relational database (PostgreSQL or MSSQL) for persisting the ETL drillthrough and ETL history.
  • Deploy a PostgreSQL or MSSQL database alongside Jedox to meet this requirement.

Disclaimer: while the Helm Chart has been tested for compatibility with Jedox's Azure infrastructure, it may also work with other cloud providers. However, it is the responsibility of the customer to ensure the compatibility and suitability of the Helm Chart for their specific cloud provider. We recommend conducting thorough testing and evaluation before deploying the Helm Chart in a non-Azure environment. Jedox does not guarantee the performance or functionality of the Helm Chart in cloud providers other than Azure. Customers should do their due diligence and consult with their cloud provider's documentation and support resources for guidance on deploying and managing applications in their specific environment.

Frequently Asked Questions

Below we address the most common questions about the Private Cloud offering.

Overall, customers must ensure that they have the budget for the infrastructure and the right engineering team to set up and manage it. Jedox provides the application via a Helm Chart, but the installation and monitoring of the infrastructure is customers' responsibility. Jedox will only support the application itself - in this case the customer should contact Jedox Support. Note that Jedox does not have a monitoring mechanism in place, nor does it have any access to the environment.

In the Private Cloud offering, “unmanaged” means that Jedox Cloud Operations will not directly manage the infrastructure where the Jedox Platform is deployed. Instead, it is the responsibility of the customer to manage and maintain the underlying infrastructure, including the Kubernetes cluster and associated resources. Jedox will provide the necessary software components, such as the Helm Chart for deployment, but customers are required to handle the operational aspects of their infrastructure.

In the Unmanaged Private Cloud offering, the customer is responsible for tasks such as provisioning and scaling the Kubernetes cluster, ensuring high availability and disaster recovery measures, applying security patches, monitoring performance, and troubleshooting infrastructure-related issues.

Jedox will provide support related to the deployment of the Jedox platform within the customer’s Kubernetes cluster. This support typically includes assistance with the installation, configuration, and troubleshooting of the Jedox software. Customers should be aware that Jedox will not provide ongoing infrastructure management or maintenance. For such tasks, customers are expected to have their own technical resources, or partner with a managed service provider.

In the Unmanaged Private Cloud offering, Jedox Cloud Operations will not have direct access to your data or network. Jedox will provide the necessary software components, but the data resides within the customer’s infrastructure and is not accessible by Jedox Cloud Operations. The Jedox team does not have visibility into your data or network configuration. This is done on a best-effort basis.

We monitor the status and performance of services comprising the Jedox Application. Patches are applied automatically. New releases are communicated to the customer in advance. When the customer requests not to upgrade, Jedox puts the customer on a hold list.

Jedox is committed to continuously updating the Helm Chart with the latest Jedox version, ensuring customers have access to the most recent features, enhancements, and bug fixes. The frequency of these updates may vary based on the Jedox’ release schedule and the introduction of new versions. Customers should regularly check for updates or subscribe to notifications from Jedox to stay informed about the availability of new Helm Chart releases.

Yes, the Unmanaged Private Cloud offering is designed to be flexible and customizable. You can integrate Jedox seamlessly with your existing infrastructure, data sources, and services. The Helm Chart allows you to adjust settings to meet your specific requirements and integration needs.

While the Unmanaged Private Cloud offering provides flexibility and control, it requires technical expertise to manage the Kubernetes cluster and associated infrastructure. Customers should consider their team’s capabilities, infrastructure readiness, and ongoing maintenance requirements before opting for this offering. Additionally, customers are responsible for ensuring compliance with relevant data protection regulations and implementing best practices for securing their infrastructure and data.

Secure development: Jedox adheres to the principles of secure software development and testing along the Secure Development Lifecycle (SDLC) in all Jedox internal software development procedures.

Security patches: Jedox continuously deploys security patches overnight (local time). Thus, there is no downtime for customers and no need to schedule a maintenance window during which work on the Jedox Platform must be halted.

Jedox has partnered with HackerOne for a continuous bug bounty program. Throughout the year, potential weak spots are identified by selected security experts from a group of global “white hat hackers”. These weak spots are triaged and quality tested, and this information is shared with Jedox internal teams. Through this practice, Jedox has implemented an additional layer of quality assurance, guaranteeing the best practices in data security to protect customer data. Besides actively searching for vulnerabilities, the Jedox development pipeline implements various other security tools and methods, such as Trivy and Static Code Analysis.

Jedox does not deploy or operate a centralized logging or monitoring stack in an Unmanaged Private Cloud installation. Responsibility for observability lies entirely with the customer.

The table below outlines vendor-neutral best practices you may follow. The tools listed are examples, feel free to use any solution that meets your needs.

Aspect Customer Responsibility Common Tools (examples)
Log collection & retention Collect container logs and store them in a searchable system with dedicated storage. Fluent Bit → Elasticsearch / Loki / Splunk
Metrics & alerts Collect cluster and service level metrics, visualize trends, and define alert rules. Prometheus + Alertmanager + Grafana
Event & health monitoring Track pod restarts, ingress errors, storage thresholds, certificate expiry, etc. Prometheus rules, Grafana dashboards

Jedox doesn’t include a built-in backup mechanism for Unmanaged Private Cloud deployments. Protecting your data and ensuring its recoverability is your responsibility.

The following Stop - Snapshot - Start process provides a solid foundation and can be scripted or integrated with automation tools such as Ansible, GitHub Actions, or your preferred scheduler.

Minimal procedure for the NFS‑based storage:

  1. Stop all Jedox workloads

    Copy 
    kubectl scale deployment --all --replicas=0 -n <namespace>
    kubectl scale statefulset --all --replicas=0 -n <namespace>

    Confirm every pod is terminated before continuing.

  2. Snapshot the storage

    Use your NFS array’s native snapshot to capture the Jedox data volume.

  3. Start the services

    Copy 
    kubectl scale deployment --all --replicas=1 -n <namespace>
    kubectl scale statefulset --all --replicas=1 -n <namespace>

    Verify that all pods return to a Running state.

Recommended sizing guidelines:

Environment vCPUs RAM Storage
Dev / Test 2 8GB 16GB
Prod 4 16GB 32GB

These values are intended as baseline recommendations. You may need to scale resources based on actual load, concurrent users, and data growth over time.

To ensure stable performance, particularly during simultaneous ETL operations or high-frequency read/write workloads, use SSD-backed storage with sufficient IOPS throughput and low latency. Avoid HDDs or any other storage class with limited I/O performance, especially in production scenarios where responsiveness and consistency are critical.

Updated August 4, 2025