This topic lists some important notes and guidelines that you must follow when working with VMware Telco Cloud Automation in an air-gapped environment.
CNF Catalog Design
- Since cluster nodes in the isolated network cannot access the Internet, ensure that all images and dependencies of the Helm charts or any other software used by CNFs during instantiation are already provided in the Harbor repository. This Harbor repository must be accessible from the air-gapped Kubernetes clusters. Use Helm Property Overrides or the updated values.yaml files to point to the local Harbor repositories.
- If your CNF requires access to workflows or designs, ensure that they are accessible from the air-gapped Kubernetes clusters.
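The following added example (not VMware code) is one way to confirm, before instantiation, that a chart's rendered manifests pull only from the local Harbor repository. It scans rendered manifest text, such as the output of `helm template`, for image references whose registry is not the expected one. The registry name `harbor.airgap.example` and the sample manifest are constructed assumptions.

```python
import re

# Assumption: FQDN of the local Harbor registry (placeholder, not from the guide).
HARBOR = "harbor.airgap.example"

# Matches `image: <ref>` lines in rendered manifests; ignores imagePullPolicy etc.
IMAGE_RE = re.compile(r'^[ \t]*(?:-[ \t]*)?image:[ \t]*["\']?([^\s"\']+)', re.MULTILINE)

def registry_of(ref: str) -> str:
    """Return the registry host of an image reference.

    Docker rule: the first path component names a registry only if it
    contains '.' or ':' or equals 'localhost'; otherwise docker.io is implied.
    """
    first, sep, _ = ref.partition("/")
    if sep and ("." in first or ":" in first or first == "localhost"):
        return first
    return "docker.io"

def external_images(rendered: str, allowed: str = HARBOR) -> list[str]:
    """List image references that would be pulled from outside `allowed`.

    The comparison is exact, so a registry written with a port
    (host:443) must be passed in `allowed` in the same form.
    """
    refs = sorted(set(IMAGE_RE.findall(rendered)))
    return [r for r in refs if registry_of(r) != allowed]

# Constructed sample of rendered chart output.
SAMPLE = """
kind: Deployment
spec:
  template:
    spec:
      initContainers:
        - name: init
          image: busybox:1.33
      containers:
        - name: app
          imagePullPolicy: IfNotPresent
          image: "harbor.airgap.example/cnf/app:1.0"
        - image: quay.io/example/sidecar:2.4
          name: sidecar
"""

if __name__ == "__main__":
    for ref in external_images(SAMPLE):
        print("not served by local Harbor:", ref)
```

Any reference it reports needs a Helm Property Override or an updated values.yaml entry, and the image itself must be present in Harbor.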
Kubernetes Cluster Deployment
- Kubernetes clusters can lose connection with the air-gapped server if you change the FQDN, IP address, or certificates after deployment.
- It is recommended to keep a backup of all certificates, keys, FQDN, and IP addresses of the air-gapped server.
- The air gap solution in 1.9.5 works only in an environment with restricted Internet access that provides a DNS service, so that the clusters can resolve the address of the air-gapped server.
- Configure the workload cluster with air gap settings that are similar to its related Management cluster. VMware Telco Cloud Automation does not validate these settings. However, workload cluster deployment fails if the air gap settings on the Workload cluster and the Management cluster are different.
- The air-gapped server works only on a newly deployed Kubernetes cluster, or on a Management cluster that is deployed on a newly deployed Kubernetes cluster. The air-gapped server does not work on existing Kubernetes clusters that are upgraded from previous VMware Telco Cloud Automation versions. It also does not work on workload clusters deployed on existing Management clusters that are upgraded from previous VMware Telco Cloud Automation versions.
- To deploy a Management cluster, the VMware Telco Cloud Automation Control Plane must be able to access the air-gapped server that is configured for the Management cluster.
VMware Telco Cloud Automation Upgrades
Since the VMware Telco Cloud Automation appliances do not communicate with the Telco Cloud server, they cannot check for updates or receive upgrade notifications. Scheduling upgrades is not supported. For steps to upgrade manually, see the VMware Telco Cloud Automation Deployment Guide.
This guide is written for VMware Telco Cloud Automation 1.9.5, VMware Tanzu Kubernetes Grid 1.3.1, and k8s v1.20.5+vmware.2. VMware does not guarantee the feasibility on other versions.