Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-2844

Evaluate Support for Confidential Containers on private clusters

XMLWordPrintable

    • Icon: Epic Epic
    • Resolution: Unresolved
    • Icon: Medium Medium
    • None
    • None
    • None
    • None
    • Evaluate Support for Confidential Containers on private clusters
    • BU Product Work
    • False
    • None
    • False
    • KATA-2843support Confidential Containers on ARO private clusters with and without UDR
    • Not Selected
    • To Do
    • KATA-2843 - support Confidential Containers on ARO private clusters with and without UDR
    • 100% To Do, 0% In Progress, 0% Done
    • No
    • 0
    • 0

      Epic Goal

      • Ensure confidential containers can be deployed and run effectively on ARO private clusters, with and without UDR, by conducting comprehensive manual testing.

      Why is this important?

      • Confidential Containers are key to enhancing the security and privacy of applications on ARO private clusters. Ensuring they work with both standard and UDR network configurations widens secure deployment options for users.
      • Early manual testing helps identify potential issues, allowing for focused development and improvements, ensuring a solid foundation for automation and documentation.
      • This phase is critical for establishing a robust support framework for confidential containers, supporting further testing, development, and documentation efforts.

      Scenarios

      1. Cluster administrator able to deploy OpenShift sandboxed containers operator on a standard ARO private cluster and enable the confidential containers feature.
      2. Cluster administrator able to deploy OpenShift sandboxed containers operator on an ARO private cluster with UDR and enable the confidential containers feature.
      3. Successful deployment of a sample application using confidential containers on both types of clusters.
      4. Verification of the expected security and performance benchmarks of confidential containers in the different cluster configurations.

      Acceptance Criteria 

      (The Epic is complete when...)

      1. A simple confidential container can be successfully deployed and runs as expected in a test environment on a private ARO cluster without UDR.
      2. The same simple confidential container can also be successfully deployed and runs as expected in a test environment on a private ARO cluster with UDR.
      3. Initial findings, including any challenges encountered during the deployment and operation of the confidential container in both environments, are documented. This documentation should provide a basis for understanding whether further detailed testing or development work is needed.

      Additional context:

      • The outcomes of this epic will guide subsequent actions, potentially including development work to address gaps identified, creation of automated tests based on manual testing scenarios, and updates to documentation with best practices and troubleshooting tips.
      • Collaboration with the security team is essential to ensure the confidential containers meet all security standards.
      • Feedback from cluster administrators during manual testing could offer valuable insights into usability and potential enhancements.

      Additional context:

      https://learn.microsoft.com/en-us/azure/openshift/howto-create-private-cluster-4x
      https://docs.openshift.com/container-platform/4.15/installing/installing_azure/installing-azure-private.html

              Unassigned Unassigned
              jfreiman Jens Freimann
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: