The data never touches the internet. The network is sealed. No paths in, no paths out. This is the promise—and the challenge—of air-gapped deployment.
When you run critical workloads in air-gapped environments, every dependency must be controlled, every channel secured. There are no external calls. No unverified registries. No surprise updates. In this isolation, service mesh security becomes both more vital and more complex. Without the cloud to lean on, the control plane, data plane, and traffic policies must still be watertight.
A modern service mesh in an air-gapped setup must ensure strong mutual TLS across all services. It should deliver fine-grained policy enforcement while running with zero reliance on public network reachability. Certificate rotation, workload identity, and telemetry must all function behind the firewall without leaking metadata or service discovery patterns. Observability tools must be built for offline operation, storing and processing metrics locally without sacrificing insight.
The security model in air-gapped deployments is unforgiving. Misconfiguration that might be harmless on a connected network can become a silent failure here. Every ingress is intentional. Every egress is scrutinized. Image provenance, binary signatures, and artifact attestations are non-negotiable. Automated deployment pipelines must source from trusted mirrors inside the gap, and images must be scanned against policies that never query the outside world.
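As an added example (not code from this article or from hoop.dev), a minimal offline admission check in the spirit of the paragraph above: it assumes an in-gap mirror named registry.internal.example, digest-pinned images, a 10.0.0.0/8 address space inside the gap, and a hypothetical `airgap/egress-allow` annotation for declared egress, and it makes no network calls while deciding.

```python
"""Offline admission check for an air-gapped cluster (added illustration, not hoop.dev code).
Assumed conventions: the in-gap mirror is registry.internal.example, images are pinned by
digest, and needed egress is declared in the hypothetical 'airgap/egress-allow' annotation."""
import ipaddress
import re

INTERNAL_REGISTRIES = {"registry.internal.example"}   # assumed trusted mirror inside the gap
INTERNAL_NETS = [ipaddress.ip_network("10.0.0.0/8")]  # assumed address space inside the gap
IMAGE_RE = re.compile(r"^(?P<host>[^/]+)/(?P<path>[^@:]+)(?::(?P<tag>[^@]+))?"
                      r"(?:@(?P<digest>sha256:[0-9a-f]{64}))?$")

def check_image(ref):
    """Findings for one image reference: must come from the mirror and be digest-pinned."""
    if "/" not in ref:                      # bare names resolve to Docker Hub by default
        ref = "docker.io/library/" + ref
    m = IMAGE_RE.match(ref)
    if not m:
        return [f"{ref}: unparseable image reference"]
    findings = []
    if m["host"] not in INTERNAL_REGISTRIES:
        findings.append(f"{ref}: registry is not an in-gap mirror")
    if not m["digest"]:
        findings.append(f"{ref}: not pinned by digest (mutable tag)")
    return findings

def check_egress(annotation):
    """Findings for declared egress: every CIDR must stay inside the gap."""
    findings = []
    for cidr in filter(None, (c.strip() for c in (annotation or "").split(","))):
        try:
            net = ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            findings.append(f"{cidr}: invalid CIDR")
            continue
        if not any(net.version == i.version and net.subnet_of(i) for i in INTERNAL_NETS):
            findings.append(f"{cidr}: egress leaves the gap")
    return findings

def admit(manifest):
    """Return (admitted, findings) for a pod-like manifest dict; nothing is fetched."""
    findings = []
    for container in manifest.get("containers", []):
        findings += check_image(container["image"])
    findings += check_egress(manifest.get("annotations", {}).get("airgap/egress-allow"))
    return (not findings, findings)

SAMPLE = {"containers": [  # constructed manifest for illustration
    {"image": "registry.internal.example/mesh/proxy:1.2@sha256:" + "0123456789abcdef" * 4},
    {"image": "docker.io/library/nginx:latest"}],
    "annotations": {"airgap/egress-allow": "10.20.0.0/16, 203.0.113.0/24"}}
```

Running `admit(SAMPLE)` denies the manifest with three findings: the nginx image comes from a public registry, it is not digest-pinned, and 203.0.113.0/24 is egress outside the gap.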
Isolation raises unique problems in service mesh upgrades. You cannot just pull a new control plane container from an online repository. Mesh upgrades must be planned, shipped, and validated entirely inside your private environment. Compatibility testing becomes a core security control, because patching late is not an option.
A robust approach to air-gapped service mesh security also means thinking about how developers interact with the environment. Tools must be designed to work locally without degrading experience. CLI commands, dashboards, and configuration APIs should be available without complex workarounds.
This is why many teams use purpose-built platforms that simplify and harden air-gapped deployments from day one. hoop.dev lets you deploy and explore the entire service mesh stack in isolation, configured for maximum security, in minutes. Go see it live and cut months off your path to a production-ready, air-gapped mesh.