Running SettleIndex in isolated, Cloud Native environments
For clients wishing to take advantage of SettleIndex’s software solution in a self managed or isolated environment, we offer the ability to run both the client and server instances on Kubernetes.
Clients have full access to all features of SettleIndex, while exposing zero data to any third party or SettleIndex.
We provide Helm charts for running the user front-end and the server side GraphQL service, including secure ingress access points.
The charts reference private container images that always reflect the latest release version of our software. While regular updates are recommended, these can be scheduled at intervals that suit the client’s workflow.
We do not provide a database with this setup as it is recommended to use a solution that is managed outside of Kubernetes.
We are happy to provide assistance to run non-production databases for trialling & testing.
Our solution works with existing user directories and integrates seamlessly with any OIDC compliant IdP – all configured via the Helm charts. This solution increases security and makes SSO integration trivial. All major cloud providers offer such solutions and we have several successful setups using Microsoft/Azure directories and AWS user pools.
Requirements for standalone installations
- Kubernetes cluster
- Postgres or compatible database
- OIDC compliant IdP
- Helm support
Single tenant version / managed instance
We also offer the option to set up and manage a dedicated and independent Kubernetes cluster for our clients. In this scenario we create a dedicated (single tenant) cluster on the chosen cloud provider’s infrastructure. We configure and update the instance on a regular basis.
Both the database storage and identity management (user access) is configurable, our customers can bring their existing solutions (see constraints above) or we can set up a database and/or a user directory for them.
This particular solution can be an ideal choice to minimise IT costs while allowing clients to pick the data storage region and database encryption strategy (depending on cloud provider’s offering).
For more information about these options or to discuss your bespoke requirements please contact Charles Szilagyi (CTO) on firstname.lastname@example.org.