  1. Openshift sandboxed containers
  2. KATA-3005

Enabling SecureComms in CoCo PeerPods


    • Feature
    • Resolution: Unresolved
    • Medium
    • BU Product Work
    • KATA-2603 protection for data in-use (CoCo)

      The SecureComms feature (see SecureComms Doc) secures the communication between the cluster worker nodes and Peer Pods.

      Goal

      Secure all control plane communication between cluster worker nodes and Peer Pods. 

       

      Requirements

      1. Secure Comms depends on a KBS service. Trustee should be installed prior to setting up Secure Comms - See instructions.
      2. Secure Comms is enforced by the podvm image; an appropriate podvm image needs to be created with the Secure Comms feature enabled before - See instructions.
      3. Enabling the CAA Secure Comms feature is done using a config map - See instructions.
      4. Adding named tunnels to SecureComms is optional and allows us to introduce future enhancements more easily - See instructions.

       

      Acceptance criteria

      1. Ability to deploy a working peer-pod with SecureComms enabled by CAA.

       

       

              bpradipt Pradipta Banerjee
              dhadas David Hadas