Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-8666

HCP KubeVirt support for rootdisk encryption and automatic (vTPM) unlock

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Unresolved
    • Icon: Major Major
    • None
    • openshift-4.20
    • Hosted Control Planes
    • None
    • None
    • Product / Portfolio Work
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      1. Proposed title of this feature request
      HCP KubeVirt Nodepool support for rootdisk encryption and automatic (vTPM) unlock

      2. What is the nature and description of the request?
      The Hosted Control Planes (with KubeVirt provider) do not provide an option to enable (LUKS) rootdisk encryption on the KubeVirt VirtualMachines, which is possible on a "classic" installation [1]. Automatic encryption unlock during boot (with vTPM) [2] is also required.

       [1] https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html-single/installation_configuration/index#installation-special-config-storage_installing-customizing 
       [2] https://docs.redhat.com/en/documentation/openshift_container_platform/4.20/html/virtualization/managing-vms#virt-adding-vtpm-to-vm_virt-using-vtpm-devices 

      3. Why does the customer need this? (List the business requirements here)
      Compliance requirements for rootdisk encryption on virtual machines

      4. List any affected packages or components.

      • HCP Nodepool CR or HostedCluster CR

              racedoro@redhat.com Ramon Acedo
              rh-ee-kniederw Kevin Niederwanger
              None
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                None
                None