Feature
Resolution: Unresolved
Medium
BU Product Work
KATA-2603 Enhanced protection for data in-use (CoCo)
The SecureComms feature (see SecureComms Doc) secures the communication between the cluster Worker Nodes and Peer Pods.
Goal
Secure all control plane communication between cluster worker nodes and Peer Pods.
Requirements
- Secure Comms depends on a KBS service. Trustee should be installed prior to setting up Secure Comms (see instructions).
- Secure Comms is enforced by the podvm image. An appropriate podvm image needs to be created beforehand with the Secure Comms feature enabled (see instructions).
- The CAA Secure Comms feature is enabled using a config map (see instructions).
- Adding named tunnels to SecureComms is optional and allows us to introduce future enhancements more easily (see instructions).
Acceptance criteria
1. Ability to deploy a working peer pod with SecureComms enabled by CAA.