Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-5291

[RFE] Improve the bootstrapping process to use authentication on the webserver or https connection which is only allowed from certain endpoints.

XMLWordPrintable

    • False
    • None
    • False
    • Not Selected

      1. Proposed title of this feature request

      Improve the bootstrapping process to use authentication on the webserver or https connection which is only allowed from certain endpoints.

      2. What is the nature and description of the request?
      The bootstrap.ign file used for install contains a lot of sensitive data, the documentation doesn't have warning to delete it after install/usage though doing this shouldn't be a additional task.
      The validity is for 24 hours though this file contains a lot secure information.
      The kubeconfig generated by the installer is valid for 10 years!
      There is also no information on the importance of putting access control on the webserver and how to integrate authentication into the bootstrapping process.
      So we would like to request a proper authentication and encryption at transport in order to secure it more.

      3. Why does the customer need this? (List the business requirements here)
      4. List any affected packages or components.

            racedoro@redhat.com Ramon Acedo
            rhn-support-pkhedeka Parikshit Khedekar
            Votes:
            2 Vote for this issue
            Watchers:
            8 Start watching this issue

              Created:
              Updated: