OpenShift Request For Enhancement: RFE-8332

Secure the communication between the cluster worker nodes and Peer Pods


    • Product / Portfolio Work
    • OCPSTRAT-2027 OpenShift Confidential Containers

      The SecureComms feature (see SecureComms Doc) secures the communication between the cluster worker nodes and Peer Pods.

      Goal

      Secure all control plane communication between cluster worker nodes and Peer Pods. 

       

      Requirements

      1. Secure Comms depends on a KBS service. Trustee should be installed prior to setting up Secure Comms. See instructions.
      2. Secure Comms is enforced by the podvm image; an appropriate podvm image needs to be created with the Secure Comms feature enabled beforehand. See instructions.
      3. The CAA Secure Comms feature is enabled using a config map. See instructions.
      4. Adding named tunnels to SecureComms is optional and allows us to introduce future enhancements more easily. See instructions.

       

      Acceptance criteria

      1. Ability to deploy a working peer pod with SecureComms enabled by CAA.

       

       

              bpradipt Pradipta Banerjee
              dhadas David Hadas (Inactive)