  1. OpenShift API Server
  2. API-1509

APIserver encryption cipher for etcd


    • Epic
    • Resolution: Done
    • Critical
    • openshift-4.13
    • Yellow
    • To Do
    • OCPSTRAT-370 - Update ETCD datastore encryption to use AES-GCM instead of AES-CBC
    • Impediment
    • 0% To Do, 6% In Progress, 94% Done

      Epic Goal*

      What is our purpose in implementing this?  What new capability will be available to customers?

      The Kube APIserver is used to set the encryption of data stored in etcd. See https://docs.openshift.com/container-platform/4.11/security/encrypting-etcd.html


      Today with OpenShift 4.11 or earlier, only aescbc is allowed as the encryption field type. 


      RFE-3095 is asking that aesgcm (which is an updated and more recent type) be supported. Furthermore, RFE-3338 is asking for more customizability, which brings us to how we have implemented cipher customization with tlsSecurityProfile. See https://docs.openshift.com/container-platform/4.11/security/tls-security-profiles.html


      Why is this important? (mandatory)

      AES-CBC is considered a weak cipher.

      Scenarios (mandatory) 

      Provide details for user scenarios including actions to be performed, platform specifications, and user personas.  


      Dependencies (internal and external) (mandatory)

      What items must be delivered by other teams/groups to enable delivery of this epic. 

      Contributing Teams(and contacts) (mandatory) 

      Our expectation is that teams would modify the list below to fit the epic. Some epics may not need all the default groups but what is included here should accurately reflect who will be involved in delivering the epic.

      • Development - 
      • Documentation -
      • QE - 
      • PX - 
      • Others -

      Acceptance Criteria (optional)

      Provide some (testable) examples of how we will know if we have achieved the epic goal.  

      Drawbacks or Risk (optional)

      Reasons we should consider NOT doing this such as: limited audience for the feature, feature will be superseded by other work that is planned, resulting feature will introduce substantial administrative complexity or user confusion, etc.

      Done - Checklist (mandatory)

      The following points apply to all epics and are what the OpenShift team believes are the minimum set of criteria that epics should meet for us to consider them potentially shippable. We request that epic owners modify this list to reflect the work to be completed in order to produce something that is potentially shippable.

      • CI Testing - Basic e2e automation tests are merged and completing successfully
      • Documentation - Content development is complete.
      • QE - Test scenarios are written and executed successfully.
      • Technical Enablement - Slides are complete (if requested by PLM)
      • Engineering Stories Merged
      • All associated work items with the Epic are closed
      • Epic status should be “Release Pending” 

        Docs Tracker Sub-task Closed Undefined Unassigned
        PX Tracker Sub-task Closed Undefined Unassigned
        QE Tracker Sub-task Closed Undefined Unassigned
        TE Tracker Sub-task Closed Undefined Unassigned

            dgrisonn@redhat.com Damien Grisonnet
            tkatarki@redhat.com Tushar Katarki
            Deepak Punia