Airgap installation

Wickr Enterprise and KOTS both support deployment into a fully airgapped Kubernetes cluster. You must provide access to a Private Docker Image Registry that is reachable from the airgapped Kubernetes cluster. The Private Docker Image Registry supplied to KOTS must be secured with username/password authentication to function correctly for this purpose. KOTS will utilize the Private Docker Image Registry to host all of the Wickr Enterprise images.

Run the following commands to deploy KOTS and Wickr Enterprise on your airgapped kubernetes cluster. These commands upload the KOTS admin images and the the Wickr Enterprise images to the Private Docker Image Registry. After the commands finish you will be prompted to access the KOTS Admin Console to complete the Wickr Enterprise installation as above.

kubectl kots admin-console push-images \
  ~/kotsadm.tar.gz $PRIVATE_REGISTRY_HOST \
  --registry-username $PRIVATE_REGISTRY_USER \
  --registry-password $PRIVATE_REGISTRY_PASSWORD
  
kubectl kots install wickr \
  --license-file ~/YOUR_LICENSE.yaml \
  --airgap-bundle ~/wickr.airgap \
  --kotsadm-registry $PRIVATE_REGISTRY_HOST \
  --registry-username $PRIVATE_REGISTRY_USER \
  --registry-password $PRIVATE_REGISTRY_PASSWORD

Mobile notification for airgap installs

Additional networking allow lists are necessary for push notifications from server backend to mobile clients. This requirement is due to how Apple iOS and Google Android implement this feature for offline and background devices. Refer to the documentation for these services and allow list the specified IP addresses and ports.