Phase 1 - Prerequisites
18 days ago
The guides in this section walk you through the steps required to install CircleCI server in an air-gapped environment.
Required components for air-gapped installation
The following table shows an overview of the prerequisites required to run an air-gapped CircleCI server installation. These items must be present in your air-gapped environment in order to move forward with the installation.
| Component | Used for |
|---|---|
Container registry |
Hosting CircleCI server images for Kubernetes |
A Kubernetes cluster |
Running CircleCI server |
An object storage system (MinIO) |
Object and artifact storage |
GitHub Enterprise |
Source of code for CircleCI server to build |
Nomad Virtual Machines |
Machines for running Nomad |
1. Copy images
CircleCI server is deployed into a Kubernetes cluster using a Helm chart. You will need to copy the latest images and charts from CircleCI into your virtual environment. All images referenced in the CircleCI Helm chart must be accessible within your air-gapped environment.
a. Log in to CircleCI server container registry
Access to the images you need for your installation requires you to use a username and token, which will be provided by CircleCI. Access the CircleCI support portal for more information.
docker login cciserver.azurecr.io --username <your-circleci-provided-username> --password <your-circleci-provided-token>b. Download all images required for this release
Download all images required for the release of CircleCI server to your local machine. This list contains all required images for the Helm installation, the CircleCI Agent, and the Reality Check testing tool.
SERVER_4_8_IMAGE_LIST=`cat <<EOF
cciserver.azurecr.io/api-gateway:0.1.61921-e4a01bc
cciserver.azurecr.io/api-service:0.1.23605-22918fa9
cciserver.azurecr.io/approval-job-provider-migrator:1.0.24272-104c03c
cciserver.azurecr.io/audit-log-service:0.1.2397-a7da5d4
cciserver.azurecr.io/authentication-svc:0.1.58969-58c1074
cciserver.azurecr.io/authentication-svc-migrator:0.1.17533-7681416
cciserver.azurecr.io/branch-service:0.1.10733-b86ee0b
cciserver.azurecr.io/branch-service-migrator:0.1.10732-b86ee0b
cciserver.azurecr.io/builds-service:1.0.8057-3dd0d4a
cciserver.azurecr.io/builds-service-migrator:1.0.8057-3dd0d4a
cciserver.azurecr.io/ciam:0.1.51820-dfc780b
cciserver.azurecr.io/ciam-gateway:0.1.15510-aca155b
cciserver.azurecr.io/circle-www-api:0.1.725594-01d33257c1
cciserver.azurecr.io/contexts-service:0.1.26685-0844d30
cciserver.azurecr.io/contexts-service-migrator:0.1.26684-0844d30
cciserver.azurecr.io/cron-service:0.1.7106-14eb552
cciserver.azurecr.io/cron-service-migrator:0.1.7106-14eb552
cciserver.azurecr.io/distributor:0.1.143907-6257ecb2
cciserver.azurecr.io/distributor-migrator:0.1.143910-6257ecb2
cciserver.azurecr.io/docker-provisioner:0.1.42238-2278cdc
cciserver.azurecr.io/domain-service:0.1.20023-880e5de
cciserver.azurecr.io/domain-service-migrator:0.1.20025-880e5de
cciserver.azurecr.io/execution-gateway:0.1.26003-62eb568
cciserver.azurecr.io/feature-flags:0.1.9673-ea619de
cciserver.azurecr.io/init-known-hosts:1.0.333-bcdc3e8
cciserver.azurecr.io/insights-service:0.1.96976-fbd87a8e
cciserver.azurecr.io/insights-service-migrator:0.1.96977-fbd87a8e
cciserver.azurecr.io/machine-provisioner:0.1.102339-0c4ebfaf
cciserver.azurecr.io/machine-provisioner-migrator:0.1.102342-0c4ebfaf
cciserver.azurecr.io/orb-service:0.1.110147-b317b0cf
cciserver.azurecr.io/orb-service-analytics-migrator:0.1.110149-b317b0cf
cciserver.azurecr.io/orb-service-migrator:0.1.110147-b317b0cf
cciserver.azurecr.io/output:0.1.32248-8bfeb8d
cciserver.azurecr.io/permissions-service:0.1.51818-dfc780b
cciserver.azurecr.io/permissions-service-migrator:0.1.51817-dfc780b
cciserver.azurecr.io/policy-service:0.1.10884-ac563e1
cciserver.azurecr.io/public-api-service:0.1.38704-762b942
cciserver.azurecr.io/runner-admin:0.1.31309-435cddd
cciserver.azurecr.io/runner-admin-migrator:0.1.31306-435cddd
cciserver.azurecr.io/server-license:1.0.90-16b88b3
cciserver.azurecr.io/server-mongodb:3.6.22-debian-9-r38
cciserver.azurecr.io/server-postgres:12.16.37-7629bfd
cciserver.azurecr.io/server-postgres:12.22.1872-8d69c45
cciserver.azurecr.io/server-rabbitmq:3.12.1805-b227531
cciserver.azurecr.io/server-redis:6.2.2471-c0995cc
cciserver.azurecr.io/step:0.1.10419-7c172f9
cciserver.azurecr.io/vault-cci:0.4.196-1af3417
cciserver.azurecr.io/webhook-service:0.1.13227-f34e006
cciserver.azurecr.io/webhook-service-migrator:0.1.13225-f34e006
cciserver.azurecr.io/web-ui:0.1.395854-f2b912aa4e
cciserver.azurecr.io/web-ui-authentication:0.1.119922-bd2b764ed5
cciserver.azurecr.io/web-ui-server-admin:0.1.343268-131c60cc18
cciserver.azurecr.io/workflows-conductor:1.0.24272-104c03c
cciserver.azurecr.io/workflows-conductor-migrator:1.0.24272-104c03c
circleci/picard:1.0.295093-server-4.8-1bf56e99
docker.io/library/telegraf:1.34-alpine
hashicorp/nomad:1.10.0
hashicorp/nomad-autoscaler:0.4.6
kong:3.4.2
nginxinc/nginx-unprivileged:1.28.0
quay.io/soketi/soketi:1.6-16-distroless
EOF
`echo $SERVER_4_8_IMAGE_LIST | while read -r image; do docker pull $image; done2. Copy charts
Next steps
Once the steps on this page are complete, go to the Phase 2 - Configure object storage guide.