Stackit changes#11208
Conversation
katarzyna-koltun-mx
left a comment
katarzyna-koltun-mx
left a comment
There was a problem hiding this comment.
Reviewed and waiting for the go ahead.
| | User | Username for the registry robot account | | ||
| | Password | Token (password) for the robot account | | ||
|
|
||
| Before pushing images to container registry, you must first create the repository. |
There was a problem hiding this comment.
I think repositories automatically created when pushing to them.
There was a problem hiding this comment.
@walkline https://mendix.slack.com/archives/C0B2Y7ZQ3K4/p1778569861394009
here, gauarav created the registry before
and then u were able to use it
There was a problem hiding this comment.
fixed. Replaced repository with registry
| Example: | ||
|
|
||
| ```shell | ||
| kubectl patch serviceaccount default -n <namespace> -p '{"imagePullSecrets": [{"name": "<secret-name>"}]}' |
There was a problem hiding this comment.
Maybe we should mention somewhere that mxpc-cli or the Helm chart will create a secret with the registry credentials, so they can use that secret. Usually, the secret has a name similar to this: mendix-generic-registry-secret.
| If your provider is Azure, [Postgres managed identity authentication](#database-postgres-azwi) can be used instead to increase security. | ||
|
|
||
| {{% alert color="info" %}} | ||
| The Mendix on-demand PostgreSQL provisioner cannot be used directly. STACKIT PostgreSQL Flex does not expose the `CREATEROLE` privilege, which is necessary for Mendix to automatically create database users with SQL commands. In order to facilitate the use of Postgres, switch to [JDBC plan](#database-jdbc) and create a dedicated database user for the new Mendix environment using the STACKIT CLI or API. |
There was a problem hiding this comment.
Maybe we should add something like this at the beginning: This limitation applies only to STACKIT PostgreSQL Flex databases. Because Reading just the first santace can lead to a false impression.
|
|
||
| #### Prerequisites | ||
|
|
||
| * A Ceph or S3-compatible bucket. |
There was a problem hiding this comment.
Why are we mentioning Ceph storage here (and several lines below)? I only tested the S3-compatible interface for STACKIT Object Storage.
There was a problem hiding this comment.
This was already there
I just moved ceph storage in next section
|
|
||
| #### Configuring the Plan | ||
|
|
||
| In the Ceph plan configuration, enter the following details: |
| {{% /alert %}} | ||
|
|
||
| {{% alert color="info" %}} | ||
| The Mendix on-demand PostgreSQL provisioner cannot be used directly. STACKIT PostgreSQL Flex does not expose the CREATEROLE privilege, which is necessary for Mendix to automatically create database users via SQL commands. Hence, a databaser user needs to be created per environment before deployment. |
There was a problem hiding this comment.
The same comment: Maybe we should add something like this at the beginning: This limitation applies only to STACKIT PostgreSQL Flex databases. Because Reading just the first santace can lead to a false impression.
…n' into stackItdocumentation emote commit for stackit
walkline
left a comment
walkline
left a comment
There was a problem hiding this comment.
Looks good to me, thanks!
|
On hold until June, waiting for the go ahead |
There was a problem hiding this comment.
Review Summary
Thank you for adding STACKIT support documentation. This is a great addition. However, the changes need several revisions before merging.
Findings:
- MUST FIX: Brand-name casing throughout: "STACKIT" (not "Stackit" or "StackIt"), "STACKIT Kubernetes Engine", "STACKIT PostgreSQL Flex", "STACKIT Container Registry", "STACKIT Object Storage". STACKIT is consistently rendered all-caps in their own brand and product naming.
- MUST FIX: The release note entry is too thin and underspecified — readers learn nothing about scope, prerequisites, or the SKE-specific limitations that already exist elsewhere in this PR. I've suggested a complete rewrite that surfaces those limitations and links into the relevant sections.
- MUST FIX: Duplicate field list in the STACKIT Object Storage configuration section (
private-cloud-storage-plans.md). - SHOULD FIX: Several grammar/typo issues in the new prose (
fail to start the and deployment,By creating dedicated bucket for all the environment, double-spaceoption and the bucket). - SHOULD FIX: Add an explicit "unmanaged" statement to the SKE entry
- SHOULD FIX: Add a Kubernetes-version statement for SKE (any SKE-offered version within our supported range).
- SHOULD FIX: Whitespace-only reindent of the unrelated
gcloudblock inprivate-cloud-registry.mdshould be reverted — it pulls the fenced block out of its list-item indentation and is unrelated to STACKIT. - SHOULD FIX: Trailing whitespace in the new STACKIT registry table (
private-cloud-registry.md). - PENDING (please clarify): The
/metricsline removal inprivate-cloud-license-manager.mdlooks unrelated to STACKIT. Either revert, or split into a separate PR with a rationale.
See inline comments for the specific edits.
| ### May 20, 2026 | ||
|
|
||
| #### StackIt support | ||
|
|
There was a problem hiding this comment.
MUST FIX (casing): Change StackIt support to STACKIT Support. STACKIT's own brand and product naming uses all-caps consistently.
| #### StackIt support | ||
|
|
||
| * We now officially support app deployments in Stackit kubernetes environments. | ||
|
|
There was a problem hiding this comment.
MUST FIX (casing): Stackit kubernetes environments should be STACKIT Kubernetes Engine — both "STACKIT" and the product name "Kubernetes Engine" need correct capitalization.
| #### StackIt support | ||
|
|
||
| * We now officially support app deployments in Stackit kubernetes environments. | ||
|
|
There was a problem hiding this comment.
MUST FIX (rewrite): This release note is too thin. It doesn't tell readers what's actually supported, what the limitations are, or where to find configuration details — and it omits the SKE-specific caveats that this same PR adds elsewhere. Please replace the heading + bullet with the following:
### STACKIT Kubernetes Engine Support
Mendix on Kubernetes now supports deployment to STACKIT Kubernetes Engine (SKE). See [Supported Environments](/developerportal/deploy/private-cloud-supported-environments/#supported-clusters) for details.
**Limitations:**
- STACKIT PostgreSQL Flex requires JDBC plan (CREATEROLE not exposed)
- STACKIT Object Storage requires manual bucket and user creation
- Container registry repositories must be created before pushing images
For configuration details, see [Storage Plans](/developerportal/deploy/private-cloud-cluster/private-cloud-storage-plans/#stackit-object-storage) and [Container Registry](/developerportal/deploy/private-cloud-cluster/private-cloud-registry/#stackit-container-registry).| * [Google Cloud SQL for PostgreSQL](https://cloud.google.com/sql/docs/postgres). | ||
| * [Amazon RDS Aurora for PostgreSQL](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.AuroraPostgreSQL.html) | ||
| * [Stackit Postgres Flex](https://stackit.com/en/products/database/stackit-postgresql-flex) | ||
|
|
There was a problem hiding this comment.
MUST FIX (casing): Stackit Postgres Flex should be STACKIT PostgreSQL Flex — matches both STACKIT's brand casing and their own product naming (PostgreSQL, not Postgres).
| * [Google Cloud Platform](https://cloud.google.com/) | ||
| * [Google Kubernetes Engine- Autopilot](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview). For more information, see [Mendix on Kubernetes Cluster: GKE Autopilot Workarounds](/developerportal/deploy/private-cloud-cluster/#gke-autopilot-workarounds) | ||
| * [STACKIT Kubernetes Engine](https://stackit.com/en/products/runtime/stackit-kubernetes-engine) | ||
|
|
There was a problem hiding this comment.
SHOULD FIX (clarity — add unmanaged statement): STACKIT is unmanaged on our side — customers self-provision the cluster and dependencies. Please add the following sentence after the SKE bullet so readers understand the scope up front:
For STACKIT Kubernetes Engine, customers provision the SKE cluster, PostgreSQL Flex database(s), and Object Storage bucket(s) themselves before deploying Mendix.
| * **Access Key** and **Secret Key** - The credentials for the environment user account. | ||
| * **Autogenerate prefix** - Leave it empty | ||
| * **Share bucket between environments** - Specifies if the bucket can be shared between environments (create an on-demand storage plan); Enable this option and the bucket will be shared between multiple environments. | ||
|
|
There was a problem hiding this comment.
SHOULD FIX (whitespace): Enable this option and the bucket will be shared has a double space between and and the. Please collapse to a single space.
| --member "serviceAccount:PROJECT_ID.svc.id.goog[K8S_NAMESPACE/KSA_NAME]" \ | ||
| GSA_NAME@PROJECT_ID.iam.gserviceaccount.com | ||
| ``` | ||
|
|
There was a problem hiding this comment.
SHOULD FIX (unrelated whitespace change): The gcloud fenced block (positions 13–24 of this hunk) has been re-indented from 4 spaces to 8 spaces. This is unrelated to STACKIT support and pulls the code block out of its list-item indentation context, which can affect rendering. Please revert the whitespace change in this block.
| | Push URL | registry.onstackit.cloud | | ||
| | Pull URL | registry.onstackit.cloud | | ||
| | Registry name | `<stackitregistry>/<repository>`, where `<stackitregistry>` is the registry created in stackit | | ||
| | With authentication | enabled | |
There was a problem hiding this comment.
SHOULD FIX (grammar + casing): where <stackitregistry> is the registry created in stackit → where <stackitregistry> is the registry you created in STACKIT.
| | ------------------- | -----------------------------------------------------------------------------------------------| | ||
| | Push URL | registry.onstackit.cloud | | ||
| | Pull URL | registry.onstackit.cloud | | ||
| | Registry name | `<stackitregistry>/<repository>`, where `<stackitregistry>` is the registry created in stackit | |
There was a problem hiding this comment.
SHOULD FIX (formatting): This row of the new STACKIT registry table has trailing whitespace after the closing |. Please clean up trailing whitespace across the table rows for consistency.
|
|
||
| * `http<s>://pclm.<domain>/health` should return `HTTP 200 OK` | ||
| * `https<s>://pclm.<domain>/metrics` should return `HTTP 200 OK` together with the collected server metrics | ||
|
|
There was a problem hiding this comment.
PENDING (please clarify): Was this /metrics line removal intentional? It seems unrelated to STACKIT support. Please revert if unintentional, or move to a separate PR with a rationale if it was deliberate.
There was a problem hiding this comment.
@MXClyde for PENDING (please clarify): The /metrics line removal in private-cloud-license-manager.md looks unrelated to STACKIT. Either revert, or split into a separate PR with a rationale.
yes, the change was minimal, so thought of specifying it in the same PR. We dont have metrics endpoint for PCLM anymore.
|
@katarzyna-koltun-mx can u please incorporate above changes from Clyde |
Proposed Fixes Available@katarzyna-koltun-mx For your convenience, I've applied all the review fixes in a separate PR that targets → #11290 You can review the changes there and, if they look good, this PR (#11208) can be closed in favor of the new one. This includes: ✅ All STACKIT casing standardized to all-caps Feel free to cherry-pick specific commits or merge the whole thing. Let me know if you have questions! |
4 participants
Stack it changes