If you need increased security for your Coder deployments, you can set up an air-gapped deployment.
Coder Enterprise's auto-generated licenses do not support air-gapped deployments.
To set up an air-gapped deployment, you must:
- Pull all Coder deployment resources into your air-gapped environment
- Push the images to your Docker registry,
- Deploy Coder from within your air-gapped environment
Before proceeding, please ensure that you've installed the following dependencies:
Step 1: Pull all Coder resources into your air-gapped environment
Coder Enterprise is deployed through helm, and the platform images are hosted in Coder's Docker Hub repo.
1a. Pull the helm Charts
Pull down the Coder Enterprise helm charts by running the following in a non-air-gapped environment:
helm repo add coder https://helm.coder.com
helm pull coder/coder
These commands will add Coder's helm charts and pull the latest stable release into a tarball file whose name uses the following format:
coder-X.Y.Z.tgz (X.Y.Z is the release number).
1b. Pull the Images
Pull the images for the Coder platform from the following Docker Hub locations:
You can pull each of these images from their
coderenvs/<img-name>:<coder-version> registry location using the image's name and Coder version:
docker pull coderenvs/coder-service:1.11.0
Step 2: Push the images to your Docker registry
Once you've downloaded the images, tag and push them to your internal Docker registry (this registry must be accessible from your air-gapped environment):
docker tag coderenvs/coder-service:1.11.0 my-registry.example.com/coderenvs/coder-service:1.11.0
docker push my-registry.example.com/coderenvs/coder-service:1.11.0
Step 3: Deploy Coder from within your air-gapped environment
Once all of the resources are in your air-gapped network, run the following to deploy Coder to your Kubernetes cluster:
kubectl create namespace coder
helm --namespace coder install coder /path/to/coder-X.Y.Z.tgz \
--set cemanager.image=my-registry.example.com/coderenvs/coder-service:1.11.0 \
--set envproxy.image=my-registry.example.com/coderenvs/coder-service:1.11.0 \
--set envbuilder.image=my-registry.example.com/coderenvs/envbuilder:1.11.0 \
--set timescale.image=my-registry.example.com/coderenvs/timescale:1.11.0 \
--set dockerd.image=my-registry.example.com/coderenvs/dockerd:1.11.0 \
Once deployed, follow the Installation steps to get the access URL and the temporary admin password. You will need these to proceed with setting up and configuring Coder using its UI.
You can configure your deployment to use the internal, built-in extension marketplace, allowing your developers to utilize whitelisted IDE extensions within your air-gapped environment. For additional details, see Extensions.