Airgapped Environment

Hello,

Can Pulp work in an airgapped environment? Any information regarding this would be very helpful.

Thank you in advance!

Pulp can absolutely work to serve content within an airgapped environment.

The question is always how is that content going to go from the big bad world out there into your airgapped environment, and there are several Pulp native options I can think of:

• Pulp export/import: You have a Pulp instance outside your airgapped environment, you sync content to it as normal, you evaluate that content any way you wish, export it with Pulp export, carry the files into your airgapped environment, and import them on a second Pulp instance in your airgapped environment.
• Sync from disk: You store your upstream repos on a disk outside your airgapped environment, carry it into your airgapped environment (after evaluating as much as you like), and then sync from disk to Pulp on your Pulp server in your airgapped environment.
• Pulp to Pulp sync (with a small well defined hole in your airgapped environment): You have a Pulp instance outside and another Pulp instance inside your airgapped environment. You create enough of a hole in your airgapped environment to allow for a Pulp to Pulp sync.
• Mirror to Pulp within airgapped environment. You create a repo mirror server within your airgapped environment using any method, and then you sync from that mirror to your Pulp instance. (Though in this version there is a question how much you gain over just using your mirror directly.)

That is just a few options I can come up with. I am sure there are additional variations. Each with their own advantages and draw backs and security implications.

Great summary!
The only idea, I can add is to carry the packages individually over the airgap and upload them one by one. Probably the least viable option when you want to serve the same content as outside, but gives you more control about what exactly is served inside.