  1. Openshift sandboxed containers
  2. KATA-3005

Enabling SecureComms in CoCo PeerPods


    • Type: Feature
    • Resolution: Unresolved
    • Priority: Medium
    • BU Product Work
    • KATA-2603 Enhanced protection for data in-use (CoCo)

      The SecureComms feature (see SecureComms Doc) secures the communication between the cluster worker nodes and Peer Pods.

      Goal

      Secure all control plane communication between cluster worker nodes and Peer Pods. 

       

      Requirements

      1. Secure Comms depends on a KBS service. Trustee should be installed prior to setting up Secure Comms. See instructions.
      2. Secure Comms is enforced by the podvm image. An appropriate podvm image needs to be created with the Secure Comms feature enabled beforehand. See instructions.
      3. Enabling the CAA Secure Comms feature is done using a config map. See instructions.
      4. Adding named tunnels to SecureComms is optional and allows us to introduce future enhancements more easily. See instructions.

       

      Acceptance criteria

      1. Ability to deploy a working peer pod with SecureComms enabled by CAA.

       

       

            Assignee: Unassigned
            Reporter: David Hadas (dhadas)
