Uploaded image for project: 'Multiple Architecture Enablement'
  1. Multiple Architecture Enablement
  2. MULTIARCH-685

Exploit CryptoExpress (CEX) Adapters in Container Workload in RHOCP on Z/LinuxONE

XMLWordPrintable

    • Support CryptoExpress (CEX) Adapters in RHOCP and make them available to containers.
    • False
    • False
    • Done
    • s390x
    • Planned
    • 0% To Do, 0% In Progress, 100% Done
    • Undefined

      Enable container workload to use IBM CryptoExpress (CEX) cards to perform cryptographic operations on an HSM level. In particular, enable containers to use secure and protected key cryptography. This enablement is about to provide a Kubernetes device plugin to make CEX resources (APQNs) available to containers in PODs as extended resources.

      The development of the Kubernetes device plugin is handled by IBM Linux and will be provided in a github community.

      Note that this is not about supporting CEX to be consumed by RHCOS itself (e.g. LUKS disk encryption).

      References

      Epic onĀ  IBM internal github: https://github.ibm.com/OpenShift-on-Z/Planning/issues/58

              hbrueckner Hendrik Brueckner
              hbrueckner Hendrik Brueckner
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: