If you have already configured an Airgap server in an Internet-restricted environment in Telco Cloud Automation, deploy a new Airgap server version 2.1 for additional resource requirements and configure it according to your usage.


Back up the certificates from the existing airgap server to your desktop or jump box.


  1. Deploy and Configure a new Photon OS VM to prepare the Airgap server. For instructions, see Deploy and Configure an Airgap Server VM.

    Ensure that FQDN and IP address of the new airgap server are the same as the existing airgap server installed in the Telco Cloud Automation environment.

  2. Follow the Prerequisites for Setting up the Airgap Repository.

    Ensure that the management network of the new airgap server has internet access.

  3. Set up the Airgap Server.
    1. On an Internet-accessible machine, download the VMware-Telco-Cloud-Automation-airgap-files-2.1.0-<build-number>.tar.gz file from the VMware Downloads page and extract it to the /root/ folder.
    2. Create a copy of the setup-user-inputs.yml file as user-inputs.yml.
      #cd /root/airgap/scripts/vars/
      #cp setup-user-inputs.yml user-inputs.yml
    3. Update the following parameters in the user-inputs.yml file. For more information, see the Telco Cloud Automation documentation. A sample configuration of parameters is as follows:
      #1. General Configurations
        - name: "tca"
          versions: "2.1.0-"
      server_fqdn: <user Airgap FQDN name>
      root: /root/airgap/
      secondary_disk_name: /dev/sdb
      photon_disk_size: 200
      harbor_disk_size: 100
      docker_disk_size: 200
      #2. Additional Disk Configurations
      single_disk: False
      #3. Server Certificate Configurations 
      #False: customer bring certificate
      #True: Playbook will generate a private root CA
      auto_generate: False
      server_cert_path: /root/certs/FQDN.cert
      server_cert_key_path: /root/certs/FQDN.key
      ca_cert_path: /root/certs/ca.crt
      #4. Harbor Configurations
      harbor_password: <Admin user password for Airgap>
    4. Copy the backed-up certificates of the existing airgap server to the new airgap server under the /root/certs/ folder.
    5. Prepare the Airgap server and download all the required repositories:
      #cd /root/airgap/
      #scripts/bin/run.sh setup

      Depending on the number of repositories you download from the Internet, this command takes 3-6 hours to run.

  4. Move the new Airgap server from the Internet-accessible environment to Internet-restricted environment.

What to do next

Validate the Airgap Server Setup.