Deploying to Air-Gapped Environments with Replicated - Technical Walkthrough

Paige Calvert and Kaylee McHugh
 | 
Nov 26, 2024

The team at Replicated built a robust suite of tools to support distributing enterprise software into self-hosted, air-gapped environments. While ISVs can quickly integrate these tools with their own applications and quickly start seeing telemetry, release management, and more from the Replicated platform, there’s a lot going on behind the scenes to ensure air gap deployments are a seamless experience for both the ISV and their end-customers. Paige Calvert, Documentation Manager at Replicated, walks through a diagram detailing how Replicated helps provide air gap support to customer-managed deployments.

Below is the full diagram, with different details emphasized throughout this walkthrough. 

Paige starts with a sample application. In her example this application has a Helm chart, and this Helm chart gets added to a release in the Replicated vendor portal. It’s not a requirement to use Helm with Replicated, but it is recommended. 

Within the release, you can see the KOTS HelmChart custom resource. The HelmChart custom resource is a YAML manifest that you can use to provide the necessary instructions to the Replicated KOTS installer for processing and preparing a chart for deployment. This KOTS HelmChart custom resource includes a builder key. In the builder key, you'll supply the minimum Helm values required so that the vendor portal can render the chart templates when building the air gap bundle for this release, ensuring that all the required images are included in that bundle.

In the specific example shown in this diagram, there's a Postgres value with enabled set to true. The idea here is that we have an optional Postgres resource included with our application. We configure the builder key to enable this optional resource so that the Postgres images are always included in the Air gap bundle for the release.  As we'll see later, this Postgres enabled value in the builder key maps to the values file for the application Helm chart.

Under the KOTS HelmChart custom resource in the release, other custom resources were included. Specifically, these are specs for support bundles and preflight checks, which are recommended for all applications. After creating the release, you can go into the vendor portal to build the air gap bundle. It's possible to have air gap bundles automatically built for all new releases or to manually build the air gap bundle by clicking a button in the vendor portal, as shown here. When you build the air gap bundle, there's a few things going on behind the scenes. First, the Helm values are set based on the values supplied in the KOTS HelmChart custom resource. In this case, that Postgres enabled key is set based on the builder key. 

Then, chart templates are rendered by running the ‘helm template’ command. The vendor portal then uses the images listed in the output of the Helm template command to build the air gap bundle for the release and these images are also pushed to our internal Replicated OCI registry where they can be accessed by end customers during installation through our proxy registry.

Finally, these assets are made available to end customers through the replicated Download Portal. After logging into the download portal with their unique password, your customers can find information about how to download the air gap bundle itself if they plan to install with KOTS in an existing cluster. Or, they can also download the assets needed to install on a VM or bare metal server with the Replicated Embedded Cluster Installer. In this case, the binary for the Embedded Cluster Installer and the air gap bundle are grouped together as a single downloadable asset.

Lastly, end customers will also see instructions for how to authenticate with the replicated proxy registry, so that they can pull all the images needed to install from the OCI registry. They will then tag and push those images to their local private registry to perform an air gap installation. 

Thanks for reading, and happy air gapping!