I'm curious about how teams manage air-gapped or on-premises Kubernetes deployments. Our SaaS product serves data centers, and many of our clients have stringent security protocols for installations. We provide a Helm chart that can be easily deployed on various Kubernetes setups like EKS, but creating a script that includes all necessary Docker images, Helm charts, Kubernetes, and their dependencies is tricky. Some clients prefer RHEL while others opt for Ubuntu. I'm looking for practical insights on the following:
* How do you package and transfer container images and other dependencies?
* Do you bundle the Kubernetes installation or leave that to customers?
* What's your approach to handling upgrades and patches in offline scenarios?
* How repeatable is your deployment process across different environments?
I'd love to hear about experiences and solutions that work in real setups!
5 Answers
We developed an in-house tool that creates an archive file from a functioning cluster, allowing easy transitions between versions in air-gapped systems. It's essential to ensure everything is documented well, so the client knows how to proceed with updates.
Using Rancher with RKE2 works wonders for setting up air-gapped clusters, making provisioning much smoother. Just ensure you have a solid process in place for deployments.
You might want to explore tools like Defence Unicorn's Zarf, which help package dependencies neatly for deployment. It streamlines the process significantly, especially for air-gapped setups.
I wouldn't advise bundling Kubernetes because it can become incredibly complex with various hardware and software setups. Instead, ship just your application. Have customers manage their own Kubernetes installations to avoid overwhelming support issues later on. Also, make sure clients provide their own image registry, and remember to package your Docker images correctly before handing it all over.
To handle packaging and transferring container images and dependencies, it's best to use a private on-premises registry with limited internet access for updates. Without it, managing everything will get chaotic very quickly. You can check out the RKE2 documentation for some guidance on airgap installations. As for Kubernetes, it usually depends on your contract with the customer — both bundling and client installations are valid approaches.
Related Questions
How To Get Your Domain Unblocked From Facebook
How To Find A String In a Directory of Files Using Linux