This post was written in collaboration with Carlos Salinas Gancedo, Cloud Product Manager at Mendix, and Amir Zipory, EMEA ISV Partner Ecosystem at Red Hat.

As a formal Red Hat Partner within the OpenShift ecosystem, Mendix has as of last month been officially certified by Red Hat. This is a pledge to Red Hat and Mendix’s joint collaboration and ongoing innovation in multi-cloud capabilities, cloud-native architecture, and speaks to Mendix’s positioning as a cutting-edge leader in the low-code landscape.

Mendix applications run on the platform’s cloud-native stateless runtime architecture that conforms to Twelve-Factor App principles with support for modern cloud platforms such as Docker, Kubernetes and Cloud Foundry. Subsequently Mendix apps benefit from auto-scaling, auto-provisioning, auto-healing, low infrastructure overhead, CI/CD, and cloud interoperability out of the box. Mendix can be deployed across a suite of various options, including public cloud, virtual private cloud, private cloud, hybrid cloud, multi cloud, and traditional (virtual) servers.

Running and Deploying Mendix on Red Hat OpenShift

Mendix applications are packaged and deployed to Red Hat OpenShift via one-click deployment. This feature automatically builds the appropriate deployment package, including all the necessary assets required before deploying it to the staging area. Mendix also supports the creation of build packs for deployment on premises and infrastructure-as-a-service (IaaS).

Connected and Standalone Clusters

To deploy apps to your private cloud cluster and allow you to manage the deployment of your apps to Red Hat OpenShift and Kubernetes, you will first need to register a cluster in the Mendix Developer Portal. This creates a link between the Mendix Developer Portal and the cluster. This will provide you with the information you need to deploy the Mendix Operator in your cluster. If you have chosen a connected cluster, the Mendix Gateway Agent will also be deployed. Once the Mendix Operator is deployed to your cluster, you can use it to configure the resources which will be used by your apps.

You then have two options, depending on whether you have chosen to create a connected cluster or a standalone cluster.

Connected Clusters

If you have chosen to register a connected cluster, the Mendix Gateway Agent will create a link to the Environments pages of your Mendix app through the Interactor. This is a secure bi-directional communication channel which is initiated from the Mendix Gateway Agent running on the cluster.

Using this channel, any Mendix user who has been given the correct authority can pass instructions to the Mendix Operator and receive status information about the cluster. This includes instructions needed to deploy an app, or to configure the environment.

Standalone Clusters

If you have chosen to register a standalone cluster, then all communication with the Mendix Operator will be through instructions which are made directly through the Kubernetes API. These can be made manually, but are generally performed by your CI/CD pipeline. In this case, you will also have to have local source control of the Mendix app deployment packages to be surethat the deployment process can discover them.

Copy of Deploying, Installing and Configuring the Mendix Operator on Red Hat OpenShift-May-02-2023-03-43-41-0835-PM

Prerequisites for Creating a Cluster

To create a cluster in your OpenShift environment, you will need the following:

  • A Kubernetes platform with a version from 1.13 through 1.20, or OpenShift version 3.11 or above (version 4.4 and above is recommended)
  • An administration account for your OpenShift or Kubernetes platform
  • OpenShift CLI installed (see Getting started with the CLI) if you are creating clusters on OpenShift
  • Kubectl installed if you are deploying to another Kubernetes platform (Install and Set Up kubectl)
  • A command line terminal that supports the console API and mouse interactions. In Windows, this could be PowerShell or the Windows Command Prompt. See Terminal limitations for a more detailed explanation.

Connected Environments

Should you consider using a connected environment, the following URLs will need to be safelisted in your cluster’s operating system, as these URLs point to services or resources required by the Connected Environments' infrastructure.



Websocket based main communication API

Registry for downloading MDA artifacts

Docker registry for downloading Runtime base images

Service to verify call-home license


Creating a Cluster and Namespace

Creating a Cluster

  1. Click Cloud Settings on the General Settings page of your Mendix app.
  2. Click Mendix for Private Cloud.
  3. Click Set up Mendix for Private Cloud.
  4. Open the Switch to menu and select Cloud.
  5. Select Cluster Manager from the top menu bar in the Developer Portal.
  6. Click Register Cluster.
  7. Enter the following information:
    1. Name – The name you want to give the cluster you are creating.
    2. Type – choose the correct type for your cluster. See Supported Providers for more information.
    3. Description – an optional description of the cluster which will be displayed under the cluster name in the cluster manager.
  8. Click Create.

Adding a Namespace

You now need to add a namespace to your cluster. Your cluster can contain several namespaces.

To add a namespace, do the following:

  1. Click Details:
  2. Click Add Namespace:
  3. Enter the following details:
    • Namespace – this is the namespace in your platform. This must conform to the namespace naming conventions of the cluster: all lower-case with hyphens allowed within the name
    • Installation type – if you want to create environments and deploy your app from the Mendix Developer Portal, choose Connected, but if you only want to control your deployments through the Mendix Operator using the CLI, choose Standalone
  4. Click Done to create the namespace.

If you have selected a Connected Installation Type please verify that the Connected Environment Prerequisites are configured.

Installing and Configuring the Mendix Operator

Before you can use the Mendix Operator in your namespace you need to install it and configure the services your app will use. Mendix provides you with a Configuration Tool which guides you through the process.

Download the Configuration Tool

If you are not already on the installation tab for your namespace, go to it by following these instructions:

  1. Go to the Cluster Manager page by clicking Cluster Manager in the top menu of the Clouds page of the Developer Portal.
  2. Click Details next to the namespace you want to use.
  3. Select the Installation tab.

Now you can download the Configuration Tool by doing the following:

  1. Choose the Operating System for your local computer.
  2. Click Download Executable.
  3. Choose the Mendix Operator Version that you would like to install. If you have already installed the Mendix Operator, your currently installed version will be highlighted.
    Mendix Operator version 2.. supports Kubernetes versions 1.19 and later. Mendix Operator version 1.12.* supports Kubernetes versions 1.12 through 1.21. Choose the latest version that is supported by your Kubernetes cluster.
    Versions earlier than 1.9.0 are only available to allow configuration of previously installed Mendix Operator versions.
    Once you’ve installed a certain version of the Mendix Operator into any namespace in the cluster, you should not install older versions of the Mendix Operator into the same cluster, including other namespaces.
    The installation and configuration tool only supports a limited range of Mendix Operator versions. If the Mendix Operator version in your namespace is too new or too old, the configuration tool will not be able to configure it. Download a version of the configuration tool that is compatible with the Mendix Operator you have installed. Both the ARM and AMD versions of the mxpc-cli tool are available to download.
  4. Click the Download icon to download the installation and configuration tool. Make sure that it is stored somewhere on your path.

Signing in to the Platform

You will need to have administrator rights to your private cloud platform. This means you will have to log in before you run the Configuration Tool.

You can do this by performing the following steps:

  1. Sign in to the OpenShift Console.
  2. Click Copy Login Command in the user drop-down.
  3. Choose your IdP (Identity Provider).
  4. Click Display Token.
  5. Copy the command under Log in with this token.
  6. Paste the command into your command line terminal and press Enter.

Running the Configuration Tool

Once you are signed in to your cluster you can run the Configuration Tool.

To install in non-interactive mode please see: Install and Configure Mendix for Private Cloud Non-interactive Mode

  1. Copy the Installation Command by clicking Copy to clipboard.
  2. Paste the command into your command line terminal and press Enter.
    The Configuration Tool needs a CLI terminal with mouse support. Read the
    Terminal limitations section before running the Configuration Tool.
    You will see the configuration options on the screen and will be guided through filling in the information needed.

Base Installation

If the Mendix Operator and the Mendix Gateway Agent have not been installed in your cluster, you will need to install them.

  1. Click Base Installation.
  2. Select the required Cluster Mode – connected or standalone.
    For more information, see
    Connected and Standalone Clusters in the Private Cloud documentation.
  3. Select the required Cluster Type – openshift or generic.
  4. Click Run Installer to install the Mendix Operator and Mendix Gateway Agent in your cluster. You will see the screen below.
  5. Click Save Installer if you want to save these settings to be used later.
  6. Click Exit Installer to finish.

The Mendix operator and Mendix Gateway Agent are now installed on your platform.

If you have selected the Connected Mode which installs the Mendix Gateway Agent component, please take note of the following:

  • All the Websocket connections (to communicate with the Mendix Platform) are initiated by the Mendix Gateway Agent from the cluster, and said connections do not require any listening ports to be opened in the cluster’s firewall. Only an outbound connection from the cluster to the Portal needs to be set up, by safelisting the URL
  • All the Websocket connections are established over HTTPS, and therefore, can be routed through a Proxy server.


Mendix For Private Cloud provides Mendix’s ‘LowOps’ one-click deployment experience for your own Kubernetes-based (virtual) private cloud, which enables development teams to manage the application lifecycle while still having control of the application data in a private cloud environment. It is certified on Red Hat Openshift, offering continuous vulnerability scans, collaborative support and is fully containerized. The joint partnership between Red Hat and Mendix reiterates our ongoing commitment to provide customers with a secure, verified and world-class experience in cloud-native architecture and the broader multi-cloud landscape.

Further Resources


How-tos, Operators, Security, partners, Developers

< Back to the blog