Uploaded image for project: 'Hybrid Cloud Infrastructure Documentation'
  1. Hybrid Cloud Infrastructure Documentation
  2. HCIDOCS-557

Document enabling secure boot by default

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • True
    • Hide
      .Secure boot disabled by default for {cc} on Azure

      Secure boot is disabled by default for {cc} on Azure. This is a security risk. To work around this problem, set `ENABLE_SECURE_BOOT` to `true` when you link:https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/{osc-version}/html-single/user_guide/index#creating-peer-pods-config-map_azure-cc[update the peer pods config map].
      Show
      .Secure boot disabled by default for {cc} on Azure Secure boot is disabled by default for {cc} on Azure. This is a security risk. To work around this problem, set `ENABLE_SECURE_BOOT` to `true` when you link: https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/ {osc-version}/html-single/user_guide/index#creating-peer-pods-config-map_azure-cc[update the peer pods config map].
    • Known Issue
    • Done
    • HCIDOCS 2024#11
    • 1

      Description

      Following default peer pods configmap setup(https://docs.redhat.com/en/documentation/openshift_sandboxed_containers/1.7/html/user_guide/deploying-on-azure#creating-peer-pods-config-map_azure-cc), the secure boot with confidential containers is disabled. We need to tell users how to enable secure boot by default in OSC.

      Steps to reproduce

      1. Start a peer-pods VM in Azure with TDX VM size, check the PodVM page in Azure, you can see that "Enable secure boot" is "Disabled".

      2. Adding ENABLE_SECURE_BOOT: "true" in peer-pods-cm, restart the CAA pod. Re-check the PodVM page in Azure, you can see that "Enable secure boot" is "Enabled".

      Expected result

      We need to document this to tell people how to enable secure boot by default in OSC.

      Actual result

      There is no such documentation.

      Impact

       

      Env

      OCP 4.16, OSC 1.7.

      Additional helpful info

      <logs, screenshot, doc links, etc.>

        1. Screenshot from 2024-11-01 15-48-36.png
          Screenshot from 2024-11-01 15-48-36.png
          13 kB
        2. Screenshot from 2024-11-01 16-30-48.png
          Screenshot from 2024-11-01 16-30-48.png
          13 kB

              rhn-support-jowilkin John Wilkins
              rhn-support-pezhang Pei Zhang
              Pradipta Banerjee Pradipta Banerjee
              John Wilkins John Wilkins
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

                Created:
                Updated:
                Resolved: