Uploaded image for project: 'OpenShift Storage'
  1. OpenShift Storage
  2. STOR-559

Spike: NFS mount in a Kerberized environment

XMLWordPrintable

    • Spike: NFS mount in a Kerberized environment
    • False
    • False
    • Done
    • Undefined

      Epic Goal

      • Spike to investigate if it is possible to mount and read data from a NFS server in a kerberized environment. 
      • The output should be instructions of how that is possible today or a suggestion of what would need to be implemented in OpenShift to make this possible
      • This epic will not cover the management of kerberos tickets/tokens which is outside the scope of this investigation

      Why is this important?

      • In the financial space there is some dependence on data which is protected by Kerberos. As OpenShift is adopted and access to that data is necessary then a method to do this cleanly is required
      • Data silos and protection are often implemented using kerberos

      Scenarios

      1. Mount a Kerberised NFS volume
      2. Read/write to/from a Kerberised NFS volume
      3. Verify that it is the case that the mount of the NFS volume(s) do not require any Kerberos credentials
      4. Verify that RHCOS can mount an kerberized share without any kerberos RPMs present
      5. Verify if it is possible for the NFS client to read a kerberos ticket from a container

      Acceptance Criteria

      • CI - MUST be running successfully with tests automated
      • Release Technical Enablement - Provide necessary release enablement details and documents.
      • ...

      Dependencies (internal and external)

      1. ...

      Previous Work (Optional):

      Open questions::

      Done Checklist

      • CI - CI is running, tests are automated and merged.
      • Release Enablement <link to Feature Enablement Presentation>
      • DEV - Upstream code and tests merged: <link to meaningful PR or GitHub Issue>
      • DEV - Upstream documentation merged: <link to meaningful PR or GitHub Issue>
      • DEV - Downstream build attached to advisory: <link to errata>
      • QE - Test plans in Polarion: <link or reference to Polarion>
      • QE - Automated tests merged: <link or reference to automated tests>
      • DOC - Downstream documentation merged: <link to meaningful PR>

          There are no Sub-Tasks for this issue.

              gmargali Guy Margalit (Inactive)
              rhn-support-dhardie Duncan Hardie
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: