26 signed container images, one Helm chart, two tenancy modes. Data stays with you — compliance, data residency, or air-gap requirements are no problem. Identical images to Pipelet SaaS, identical updates, identical monitoring hooks.
All station, session, CDR, and driver data lives in your DB, in your cluster, in your country. No cross-border transfer, no US Cloud Act exposure — relevant for regulated operators and municipal utilities.
Cosign-signed images with SPDX SBOMs for vulnerability audits. NetworkPolicy + RLS + readOnlyRootFilesystem out-of-the-box. Certifications like ISO 27001 or TISAX run through your infra documentation, not through us.
Source-code access via the Pipelet repos, Helm chart as an OCI artifact, all 26 service images from open build pipelines. Right to export all data via Postgres dumps. Worst case, your setup keeps running without Pipelet.
Sizing defaults target 50–250 chargers per tenant. Horizontal scaling via Helm values, vertical via Postgres tier. We have customers that start with 30 stations and grow to 5,000 in 18 months — same stack, bigger DB.
The complete suite — OCPP broker + server, CPMS, Driver/Fleet/Admin/EMP portals, OCPI roaming, Plug & Charge, billing, automation, MCP server, developer portal, homepage. All from the same build, all on ghcr.io.
Everything under one chart, OCI-published to oci://ghcr.io/munichseb/charts/pipelet. Two tenancy modes: shared (one DB, many tenants via RLS) or isolated (one release per customer). Postgres + Redis as subcharts, or BYO managed.
Every image is signed keyless via Sigstore (no key management needed). SPDX-JSON Software Bill of Materials attached as an attestation. Client-side verification with cosign verify.
One encrypted bundle per customer with pull token, customer-specific config.json, values.customer.yaml with your hosts/tenant IDs, optional mTLS material for Hubject. Step-by-step setup README included.
On request we deliver an offline-capable bundle: all images as a regctl dump, Sigstore roots pre-fetched, Helm chart as a .tgz. Importable into any private registry — no ghcr.io access needed post-install.
Read-only deploy keys for all 9 Pipelet repos. You can audit, customize, keep local branches. Will we take your bug fixes? Yes — as pull requests against our main. Your own forks? Also fine, with a support-model adjustment.
The Helm pre-install hook runs 3 idempotent DB migrations sequentially, then service pods start. Failover via service mesh or classic ingress sticky sessions. Rolling updates independent per service.
If you're coming from another CPMS platform: the OCPP broker switches individual stations live, without a big bang. Data import scripts for stations, tariffs, customers. 4–8 weeks typical ramp-up phase.
| | SaaS | Marketplace | Self-Hosted |
|---|---|---|---|
| Who runs it | Pipelet GmbH | You, in Azure | You, anywhere |
| Data location | EU-Frankfurt | Your Azure region | Free choice |
| Time-to-production | ~10 min | ~30 min | ~1 day (incl. cluster setup) |
| Source-code access | read-only | read-only | Read + forking |
| Compliance boundary | Pipelet contracts | Microsoft + Pipelet | You alone |
| Air-gap capable | — | — | Yes, with bundle |
| Updates | automatic | helm upgrade by click | helm upgrade, your pace |
| Scaling | automatic | AKS-managed | free choice (HPA / VPA) |
| Best for | any size | Azure-only setups | compliance / regulation requirements |
```bash
# 1. Create the image pull token from the onboarding bundle
kubectl create namespace pipelet
kubectl -n pipelet create secret docker-registry pipelet-ghcr-pull \
  --docker-server=ghcr.io \
  --docker-username=munichseb \
  --docker-password="$(cat ghcr-pull-token.txt)"

# 2. Customer-specific config.json as a Secret
kubectl -n pipelet create secret generic pipelet-config \
  --from-file=config.json=./config.json

# 3. Install the Helm chart from the OCI registry
helm install pipelet oci://ghcr.io/munichseb/charts/pipelet \
  --version 0.1.0 \
  -n pipelet \
  -f my-customer.yaml \
  --set externalConfigSecret=pipelet-config

# 4. (Optional) Verify image signatures
cosign verify ghcr.io/munichseb/pipelet-cpms-core:0.1.0 \
  --certificate-oidc-issuer "https://token.actions.githubusercontent.com" \
  --certificate-identity-regexp "https://github.com/munichseb/.+/build-images.yml@.+"
```
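Step 4 checks the signature of a single image. The script below is an added example, not part of the Pipelet bundle or docs: a fail-closed gate that checks both the signature and the SPDX SBOM attestation for every image in a list before `helm install` runs. The list file, the function names, and the assumption that attestations are signed by the same workflow identity as the images are mine.

```shell
#!/bin/sh
# Added example: fail-closed verification gate to run before `helm install`.
# Requires cosign on PATH. List file and function names are assumptions.

ISSUER="https://token.actions.githubusercontent.com"
IDENTITY_RE="https://github.com/munichseb/.+/build-images.yml@.+"

# verify_image IMAGE
# returns 0 if signature and SPDX SBOM attestation both verify,
#         1 if the signature check fails, 2 if the attestation check fails.
verify_image() {
  cosign verify "$1" \
    --certificate-oidc-issuer "$ISSUER" \
    --certificate-identity-regexp "$IDENTITY_RE" >/dev/null || return 1
  # Assumption: the attestation is signed by the same workflow identity.
  cosign verify-attestation "$1" --type spdxjson \
    --certificate-oidc-issuer "$ISSUER" \
    --certificate-identity-regexp "$IDENTITY_RE" >/dev/null || return 2
  return 0
}

# verify_list FILE
# FILE holds one image reference per line; blank lines and # comments are
# skipped. Prints one result line per image; returns 1 if any image failed.
verify_list() {
  vl_failed=0
  while IFS= read -r vl_image || [ -n "$vl_image" ]; do
    case "$vl_image" in ''|'#'*) continue ;; esac
    vl_rc=0
    # </dev/null keeps cosign from consuming the rest of the list on stdin
    verify_image "$vl_image" </dev/null || vl_rc=$?
    case "$vl_rc" in
      0) printf 'OK %s\n' "$vl_image" ;;
      1) printf 'FAIL signature %s\n' "$vl_image"; vl_failed=1 ;;
      *) printf 'FAIL sbom-attestation %s\n' "$vl_image"; vl_failed=1 ;;
    esac
  done < "$1"
  return "$vl_failed"
}

# Usage: ./verify-images.sh images.txt && helm install ...
if [ "$#" -gt 0 ]; then
  verify_list "$1"
  exit $?
fi
```

cosign verifies whatever digest a tag resolves to at the moment of the check, so listing images by digest (`name@sha256:...`) ties the result to exactly what gets deployed.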
Full guide with every values.yaml option, tenancy setup, and operator notes: Tech docs in the developer portal →
Self-hosting isn't "click + go". For every customer install, we work through these 6 steps together — typically across 1–2 working sessions:
No. By default 21 services are active — the 5 opt-in ones (test tools like ChargerSim + EMP-Sim, plus the Hubject bridge) need explicit enable flags. From the 21 default services you can turn off more per module / use case.
Postgres ≥ 14 is a requirement. The Helm chart can roll out an in-cluster Bitnami Postgres (fine for dev/eval); for production we recommend Azure Database for PostgreSQL Flexible Server, AWS RDS, Aiven, or Crunchy Bridge.
License pricing is a function of charger count + activated modules. Plus support tier (Bronze/Silver/Gold with different SLAs). Concrete numbers come with the consultation — we discuss your setup first, because 30 chargers with pure CPMS have different terms than 1,500 with OCPI + PnC + billing.
We ship updates via Helm chart versions on ghcr.io. Critical security patches come out-of-band by email with an upgrade path. You decide when to upgrade — typical customer cadence is every 4–6 weeks, critical patches within 24–48 h.
Yes. Helm values cover sizing, replicas, storage classes, ingress annotations, NetworkPolicy rules. Deeper custom code is possible via your own forks — we then ship patches against the forks instead of deploying directly, with a cost impact on support.
Postgres dump + DNS cut-over. Switching from self-hosted to Pipelet SaaS takes one maintenance window — all data comes along 1:1, because schema and image versions are identical. The other way around is just as feasible.