exAI Agentic OS · operator handbook · v2026.04
§ 01 / 06
Self-hosted · BYOC · air-gapped · Helm chart · K8s 1.29+ · For SRE & platform teams
chart v2026.04 · signed · operational

Stand it up inside your own perimeter.

One Helm chart. Three deployment shapes. Your Postgres, your NATS, your KMS — bring the data plane you already operate.

This page is the operator handbook for SREs and platform teams standing up exAI inside their own VPC, their own data centre, or a sealed air-gapped site. No marketing — install command, sizing tiers, runtime requirements, upgrade flow, and the airgap mode that ships zero outbound bytes.

Helm 3.13+ chart · Customer-owned Postgres / NATS · On-host KMS · KMIP · Air-gapped release channel
Install · references · chart v2026.04
  • Kubernetes minimum · 1.29+ · API 1.29 / 1.30 / 1.31 tested
  • Reference VPC topologies · AWS · GCP · Azure · on-prem
  • P50 install time · from helm install to first run
  • Outbound egress · air-gapped · 0 · no callback · no telemetry · sealed
  • chart signed · cosign verify · green
Fig. 01 · install envelope · reference targets · BYOC ready
§ 02 / 06
Three deployment modes

Same chart. Three postures.

Pick the posture that matches your regulator, your network, and your team. Every mode boots from the same Helm chart, the same audit log schema, the same control plane API. No second-class installations, no feature drift between shapes.

01 · Multi-tenant managed · we run it

Shared control plane operated by exAI on AWS · GCP · Azure. Per-tenant Firecracker pools, per-tenant KEKs, isolated NATS subjects. The fastest path to first useful run.

Spec · enforced
  • Fully managed control plane
  • Per-tenant data isolation guarantees
  • 99.95% SLA · 24×7 SRE rotation
  • SOC 2 Type II · ISO 27001 inherited
Best for · teams without an SRE function
02 · BYOC · your own AWS / GCP / Azure account

Single-tenant control plane provisioned into your own cloud account. exAI manages the workload, your CISO holds the keys. Traffic never leaves your VPC.

Spec · enforced
  • Customer-owned VPC · subnets · KMS
  • exAI-managed lifecycle · upgrades · pages
  • Cross-account IAM · least-privilege role
  • Audit log streamed to your CloudTrail / SIEM
Best for · regulated workloads with cloud-team capacity
03 · Air-gapped on-prem · you run it · sealed

Full offline install onto your own metal or private cloud. Signed model artefact bundles delivered via physical media. Zero outbound egress required, ever, by design.

Spec · enforced
  • Helm chart · 100% offline install
  • Cosign-verified model bundles · USB · NAS
  • Local-only telemetry · audit to your SIEM
  • Quarterly air-gapped release channel
Best for · banking · energy · defense-adjacent · sovereign
Helm chart parity across all three modes · Same audit log schema · same control plane API · One SRE rotation · 24×7
§ 03 / 06
Helm chart · install

One chart. Two values files.

The chart splits cleanly into a control plane and a data plane. The control plane is the workload exAI ships and upgrades. The data plane is yours — your Postgres, your NATS, your object storage — wired in via short, declarative values.

The chart structure is intentional: a top-level controlPlane block and a top-level dataPlane block. Control plane values cover replicas, ingress, image pull secrets, and signing keys. Data plane values point at the Postgres, NATS, and object storage you already operate.

exAI does not embed a Postgres, a NATS, or a MinIO. We refuse to operate the customer's persistent data. The chart accepts connection strings, KMS ARNs, and bucket references — that's it. Your DBA team owns durability, your platform team owns the message bus, and the audit log flushes to your S3 bucket under your KMS key.

Upgrades are a normal helm upgrade with a one-shot migration job. Rollbacks are first-class: every release ships with a tested down-migration and a signed manifest of what changed.

ops@bastion · ~/exai · helm 3.13+

$ helm repo add exai https://charts.exai.dev
$ helm install exai exai/exai-platform \
    --namespace exai-system \
    --create-namespace \
    --values values.production.yaml

release · exai · namespace · exai-system · ready
Runtime requirements · customer-managed
  • Kubernetes ≥ 1.29 · 1.29 / 1.30 / 1.31 covered in CI
  • Postgres ≥ 15 · logical replication + pgvector enabled
  • NATS ≥ 2.10 · JetStream cluster · 3 replicas
  • Object storage · S3-compatible · S3 · GCS · Azure Blob · MinIO
Fig. 03 · runtime requirements · customer-managed
§ 04 / 06
Infrastructure · sizing tiers

Sized for your seat count.

Three reference profiles — pilot, standard, strategic. The middle column is what most customers run. The numbers are list price for AWS BYOC; expect a 25–40% discount in your account with reserved capacity, and a different mix on GCP / Azure / on-prem.

Requirement            | Pilot · 50 seats                | Standard · 500 seats (recommended) | Strategic · 5,000 seats
Control plane vCPU     | shared, burstable               | dedicated · 3-AZ HA                | regional · multi-AZ
Control plane RAM      | Postgres + NATS in-cluster      | split out Postgres                 | managed Postgres + NATS
Postgres               | single instance · daily PITR    | primary + 2 replicas · streaming   | Aurora-class · TDE · cross-region
Object storage         | snapshots + audit log           | warm + cold tier · 7y retention    | tiered · 10y WORM available
Firecracker hosts      | 8 vCPU · 32 GiB each            | 32 vCPU · 128 GiB each             | 64 vCPU · 256 GiB each
Total monthly compute  | list price · BYOC reference     | list price · BYOC reference        | list price · enterprise discount
List price · AWS BYOC reference · Standard tier · 3-AZ · production-ready · Reserved capacity discount applies
§ 05 / 06
Air-gapped operations

No callback. No telemetry. Sealed.

The hardest deployment shape we ship. Tested in classified-tier facilities, OT/ICS networks, sanctioned regions, and SCIFs. Designed against a single rule — zero outbound bytes, ever — and verified against it in CI.

Air-gapped mode is not a managed-cloud feature with the internet turned off. It is a separate release channel, built every quarter, signed end-to-end, and shipped to you as a single tarball with a manifest of every byte inside it.

Model artefacts are delivered the same way — on signed, encrypted physical media, hand-walked through the procurement chain into the secure facility. The bundle contains weights, tokenizer, and a cosign signature that your inbound process verifies before any byte touches the data plane.

At runtime there is no callback path. The audit log streams to your local SIEM only. There is no support tunnel that phones home, no diagnostic that uploads, no licence check that pings — every line of this is audited against an airgap-verifier in our own CI before a release tag is cut.
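As an added example (not exAI's code and not part of the handbook), this is the kind of offline inbound check the bundle paragraph above calls for: it verifies every file in a delivered bundle against its manifest and rejects both altered and unlisted files before anything is imported. The MANIFEST.sha256 file name and its sha256sum line format are assumptions; the cosign signature check on the manifest is the page's preceding step and is not reproduced here.

```shell
#!/bin/sh
# Added example, not exAI's code: offline inbound check for an air-gapped bundle.
# Assumed layout: the bundle directory carries MANIFEST.sha256 (sha256sum format,
# one line per file). The cosign verify-blob step on the manifest precedes this.
set -eu

# Portable sha256sum: fall back to shasum on systems without GNU coreutils.
command -v sha256sum >/dev/null 2>&1 || sha256sum() { shasum -a 256 "$@"; }

# Build a constructed sample bundle (weights + tokenizer + manifest) so the
# example runs stand-alone. Prints the bundle directory.
make_sample_bundle() {
  d=$(mktemp -d)/bundle
  mkdir -p "$d"
  printf 'constructed-weights' > "$d/model.safetensors"
  printf '{"vocab":[]}'        > "$d/tokenizer.json"
  (cd "$d" && sha256sum model.safetensors tokenizer.json > MANIFEST.sha256)
  echo "$d"
}

# verify_bundle DIR: returns 0 only if every manifest entry matches AND no file
# outside the manifest is present. Extra files are rejected because an unlisted
# byte has no provenance even when every listed byte is intact.
verify_bundle() {
  dir=$1
  [ -f "$dir/MANIFEST.sha256" ] || { echo "no manifest" >&2; return 1; }
  (cd "$dir" && sha256sum --check --strict --quiet MANIFEST.sha256) \
    || { echo "hash mismatch" >&2; return 1; }
  for f in $(cd "$dir" && find . -type f ! -name MANIFEST.sha256 | sed 's|^\./||'); do
    awk '{print $2}' "$dir/MANIFEST.sha256" | grep -qx -- "$f" \
      || { echo "unlisted file: $f" >&2; return 1; }
  done
  return 0
}

# Stand-alone run: build, verify, then show that a single appended byte is caught.
b=$(make_sample_bundle)
verify_bundle "$b" && echo "bundle ok: $b"
printf 'x' >> "$b/model.safetensors"
verify_bundle "$b" || echo "tampered bundle rejected"
```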

Used by · banking · energy · telecom · healthcare · defense-adjacent

  • 01 · Signed model bundles · cosign-verified · ed25519 keychain
  • 02 · Local Postgres · TDE-enabled · pgcrypto · KMIP-bound
  • 03 · On-host KMS · CloudHSM · Thales Luna · SoftHSM
  • 04 · Update channel · quarterly air-gapped release · USB
Fig. 05 · airgap operating envelope · verified against airgap-verifier
§ 06 / 06
Self-hosted · final cut

Your data plane. Yours.

Helm chart. Customer-managed Postgres, NATS, KMS. Three deployment shapes. One audit log schema. No second-class installation, no second-tier support. Bring it inside your perimeter — or run it sealed, offline, signed.

Kubernetes 1.29+ · Helm 3.13+ · Signed artefacts · Local KMS · On-prem GPU pools (HPE)
Operator handbook · v2026.04 · chart · charts.exai.dev · deploy@exai.dev · PGP fingerprint on request