Skip to main content
We considered a semi-airgapped environment to be one where the target machine has limited internet access, is under a very restrictive firewall or proxy but still can pull some resources from the internet at least once during the initial setup.
Check out the proxy guide if you need to configure a proxy.
To Zylon installation is possible, at minimum all these requirements must be met:
  • It’s possible to run apt-get to install system dependencies
    • If apt is not available the following packages must be installed manually: gcc, make, wget, git, curl, gpg
  • The server clock is synchronized with a NTP server
  • All these domains are reachable:
    • get.zylon.ai
    • zylon-cli.s3.us-east-1.amazonaws.com
    • quay.io
    • ghcr.io
    • docker.io
    • registry.k8s.io
    • reg.kyverno.io
    • hugginface.co
    • xet.huggingface.co
    • nvidia.com
    • zylon-hf-mirror.s3.us-east-1.amazonaws.com
    • developer.download.nvidia.com
    • get.k0s.sh
    • raw.githubusercontent.com
    • github.com
    • openebs.github.io
    • stakater.github.io
    • kyverno.github.io
    • registry.k8s.io
    • reg.kyverno.io
    • *.github.io
    • replicated.app
    • api.replicated.com
    • proxy.replicated.com
These are the the docker images that will be downloaded during installation, hosted in docker, our private Zylon image repository, or github (versions might vary as we update Zylon) 
docker.io/alpine/k8s:1.29.13
docker.io/arizephoenix/phoenix:version-9.2.0
docker.io/bitnamilegacy/kubectl:1.25.15
docker.io/bitnamilegacy/minio:2025.3.12-debian-12-r0
docker.io/bitnamilegacy/postgres-exporter:0.15.0-debian-12-r36
docker.io/bitnamilegacy/postgresql:16.3.0-debian-12-r19
docker.io/bitnamilegacy/rabbitmq:3.13.4-debian-12-r0
docker.io/bitnamilegacy/redis-exporter:1.69.0-debian-12-r1
docker.io/bitnamilegacy/redis:7.4.2-debian-12-r6
docker.io/grafana/alloy:v1.7.4
docker.io/grafana/alloy:v1.8.1
docker.io/kubernetesui/dashboard-api:1.10.2
docker.io/kubernetesui/dashboard-auth:1.2.3
docker.io/kubernetesui/dashboard-metrics-scraper:1.2.2
docker.io/kubernetesui/dashboard-web:1.6.1
docker.io/library/kong:3.8
docker.io/openebs/linux-utils:4.2.0
docker.io/openebs/lvm-driver:1.6.1
docker.io/openebs/lvm-driver:1.8.0-develop
docker.io/openebs/provisioner-localpv:4.4.0-develop
docker.io/openebs/zfs-driver:2.6.2
docker.io/openebs/zfs-driver:2.9.0-develop
docker.io/qdrant/qdrant:v1.13.5
docker.io/replicated/replicated-sdk:1.0.0
ghcr.io/getsentry/sentry-kubernetes:latest
ghcr.io/jimmidyson/configmap-reload:v0.14.0
ghcr.io/stakater/reloader:v1.0.116
ghcr.io/superblocksteam/agent:v1.19.0
nvcr.io/nvidia/cloud-native/gpu-operator-validator:v24.9.2
nvcr.io/nvidia/gpu-operator:v24.9.2
nvcr.io/nvidia/k8s-device-plugin:v0.17.0
nvcr.io/nvidia/k8s/dcgm-exporter:3.3.9-3.6.1-ubuntu22.04
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-backend:0.101.7
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-docling:1.0.9
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-docling:1.0.9
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-frontend:1.86.6
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-gpt:0.68.1
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-gpt:0.68.5
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-gpt:0.68.6
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-sandbox:1.0.0
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-sandbox:1.0.0
proxy.replicated.com/proxy/zylon/918593742895.dkr.ecr.us-east-1.amazonaws.com/zylon-triton:1.8.0
quay.io/jetstack/cert-manager-acmesolver:v1.15.3
quay.io/jetstack/cert-manager-cainjector:v1.15.3
quay.io/jetstack/cert-manager-controller:v1.15.3
quay.io/jetstack/cert-manager-webhook:v1.15.3
quay.io/k0sproject/cni-node:1.3.0-k0s.0
quay.io/k0sproject/coredns:1.12.0
quay.io/k0sproject/kube-proxy:v1.32.1
quay.io/k0sproject/kube-router:v2.4.1-iptables1.8.9-0
quay.io/prometheus-operator/prometheus-config-reloader:v0.81.0
quay.io/prometheus/node-exporter:v1.9.0
reg.kyverno.io/kyverno/background-controller:v1.15.2
reg.kyverno.io/kyverno/cleanup-controller:v1.15.2
reg.kyverno.io/kyverno/kyverno:v1.15.2
reg.kyverno.io/kyverno/kyvernopre:v1.15.2
reg.kyverno.io/kyverno/reports-controller:v1.15.2
registry.k8s.io/metrics-server/metrics-server:v0.7.2
registry.k8s.io/nfd/node-feature-discovery:v0.16.6
registry.k8s.io/pause:3.9
registry.k8s.io/sig-storage/csi-node-driver-registrar:v2.13.0
registry.k8s.io/sig-storage/csi-provisioner:v5.2.0
registry.k8s.io/sig-storage/csi-resizer:v1.13.2
registry.k8s.io/sig-storage/csi-resizer:v1.8.0
registry.k8s.io/sig-storage/csi-snapshotter:v8.2.0
registry.k8s.io/sig-storage/snapshot-controller:v8.2.0

Requistes

You are required to have a local Zylon License in case api.replicated.com cannot be reached during operation time. To obtain your local Zylon License, please reach out to Zylon team.

Enable semi-airgapped environment

Add to the configuration file located in /etc/zylon/zylon-conf.yaml the following snippet: 
airgap:
  offline_operation: true
In case you need the local license add the type and data properties to the license block in the configuration file. 
license:
  email: "dev@zylon.ai" // remains as it was
  id: "2xo..." // remains as it was
  type: "Zylon"
  data: |-
    eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVC.eyJhdWQiOiJ6eWxvbi5haSIsImlzcyI6Inp5bG9uLmF
    pIiwic3ViIjoibWdhcmNpYUBiYW5zaS5jb20ubXgiLCJpYXQiOjE3NjEzMTYxMDcsImV4cCI6MTc5
    ...
    YWA9VSHEGmsoxFn85i0

Update process in a semi-airgapped environment

For all practical purposes, the update process is the same as the installation process, so the same requirements apply. (Note that only the incremental updates will be downloaded during the update process). This means, internet connectivity towards the mentioned domains.