Álvaro Manera

CARTO Self Hosted on Kubernetes in Partnership with VMware

As legal regulations on how user data is managed becomes stricter, Data Governance is becoming a priority for many Enterprises across the globe. In many cases, because of the sensitivity of user data, it is sometimes difficult to fully outsource the storage and handling of data to third-party providers. For that reason, CARTO has been supporting enterprise customers with an on-premise deployment of our Location Intelligence solution for several years.

Creating and offering a self-hosted Location Intelligence solution is often complex due to many combinations of target environments, deployment types, software versions, security components and configurations that have to be considered. Furthermore, there is a requirement to provide customers with convenient installation processes and easy maintenance protocols.

Compliance with data governance standards and regulations is a must in Enterprise setups. CARTO Self Hosted can be deployed within secured environments to meet the highest security requirements.

To give CARTO customers the most secure, convenient and scalable cloud native solution, we have partnered with VMware, the leading provider of cross cloud services. Supported by their market-leading knowledge and technical expertise, today we are excited to announce our Kubernetes self-hosted version of the CARTO platform.

vmware logo

VMware Image Builder is a pipeline that makes it easier to package, verify and publish secure Helm charts that can be deployed on any Kubernetes platform and any cloud. Controlling supply chains and at the same time adhering to industry standards and best practices.

For customers working on large scale spatial analytics use cases in the cloud, this deployment method brings a number of Data Governance benefits. Let’s take a look at them in more detail.

Security at Every Layer of the Stack with VMware

Modern software is made up of many data layers and interconnected systems, and in that sense, the CARTO platform is no different. Our engineering focus has been to continually secure all layers in our technical stack for customers.


All Kubernetes nodes are managed by the cloud provider, which ensures they are kept up to date and shielded from known vulnerabilities.

Container Images

CARTO platform images are verified by VMware Image Builder to ensure they are not exposed to known vulnerabilities.

CARTO Services

At CARTO we follow the DevSecOps approach to software delivery. Having automated checks and reports on vulnerabilities in our development and build pipelines. We also go through external audits to ensure we deliver software with the highest security standards.

A Modern Architecture that Allows for Faster Updates and More Features

The Kubernetes self-hosted CARTO platform is built using the industry de facto standards. Kubernetes has become the most effective way to deploy and run different applications in your own cloud infrastructure. To package and distribute software to run on Kubernetes, we use Helm Charts that simplify the deployment of complex software setups. The SaaS version of our platform runs on almost the same software stack, and is well battle tested by many CARTO customers.

Using Kubernetes gives you the possibility to use standard tools for monitoring and alerting. This ultimately lowers the cost of maintenance of the CARTO software.

Available in All Major Clouds and Managed Kubernetes Clusters

Kubernetes Self Hosted runs perfectly in all managed Kubernetes from the major cloud providers including AWS EKS, GCP GKE and Azure’s AKS; and even in AWS GovCloud for government use cases.

It can also run in your own Virtual Private Cloud, making it even easier to control and monitor network access.

Scalable by Design

All CARTO services have been designed to be stateless. Running stateless workloads in Kubernetes is easy and lets you configure automated scaling policies to adapt to the load and fully maximize the usage of cloud resources.

This automated capability removes the need to manually provision and scale up or down resources as demand changes over time, avoiding any needless spend on cloud consumption. And as a fully cloud native platform, computation for CARTO’s analytical workloads happens in the cloud data warehouse environment itself, giving almost limitless scalability.

Flexible Deployment Options

If your regulatory environment or enterprise IT policies require you to run software in your private cloud, then CARTO Self Hosted for Kubernetes gives the security and flexibility required for larger scale deployments. In addition, we also offer CARTO Self Hosted with Docker which is an on-premise solution aimed at smaller scale cloud deployments.

CARTO SaaS vs CARTO with Kubernetes vs CARTO with Docker table

Getting Started

For more detailed information on the self-hosted version of the CARTO platform, check out our technical documentation and these Github resources. You can also reach out to the CARTO sales team for guidance on the best deployment option for your particular infrastructure requirements.

About the author
Álvaro Manera

Director of Engineering at CARTO

More posts from Álvaro Manera

Related Posts

Ready to optimize your territories with Location Intelligence?

Close circle icon

Contact us

Please fill out the below form and we'll be in touch real soon.