Containers, Kubernetes, OpenShift on Power

 View Only

The blog of blogs: Security and Compliance Resources for the Red Hat OpenShift Container Platform

By PAUL BASTIDE posted Wed March 29, 2023 09:27 AM

  

As you define, build, and run your OpenShift Container Platform cluster, you should be aware of the rich security features available for your installation. We have curated a list of security and compliance focused resources on topics from configuring FIPS to using the Compliance Operator on the Power Platform. We plan to update the list as new content is developed so follow this blog (click the little star up above) to make sure you receive notifications when we do.

Learn

Learn

The OpenShift Container Platform supports many security and compliance features, you can read about it on the documentation site. You can learn about OpenShift Container Platform 4.x Tested Integrations for ppc64le and see which features are tested and available for your cluster.


Try it

Use

Deploying a OpenShift Container Platform Cluster

  • FIPS (powervm upi) (powervs upi) (blog) covers how to turn on FIPS compatibility mode.

  • LUKS/NBDE (powervm upi) (powervs upi) (blog) covers encryption concepts, how to setup an external Tang cluster on IBM PowerVS, how to setup a cluster on IBM PowerVS, and how to confirm the encrypted disk setup.

  • Terraform Automation for NBDE/LUKS - (powervs) (powervm) supports deploying an external Tang server on PowerVS and PowerVM.

Configuring OpenShift Container Platform cluster

  • etcd encryption (blog) covers encrypting a subset of resources in the etcd data store on OpenShift and how to go through some common operations related to etcd management when it’s encrypted.

  • TLS Profiles (blog) covers the setting up of TLS inside OpenShift and verifying the settings.

  • seccomp (blog) covers the ins and outs of configuring the seccomp profile, and tells you why you should care and how you can configure it with your workload.

  • Security Context Constraints (blog) covers key things she learned from using Security Context Constraints.

  • Secure Attached Storage (blog) covers restricting the use of NFS mounts and securing the attached storage on OCP.

  • Authentication Providers (blog) covers using and configuring one of the many Authentication Providers for external auth in OCP.

  • cert-manager (blog) covers using and configuring certificates and their lifecycle in OCP.

Compliance to Industry Standards


Start a conversation icon

Start a conversation

The Security and Compliance Squad thanks you and looks forward to further updates.

Please drop a note in the comments section below (you need to join the community to comment) and tell us what other topics you'd like us to cover and/or provide your valuable feedback.

We are continuing to update this blog as we develop more content, so click Follow above to get notifications when we do.


#Featured-area-1 #Featured-area-1-home 

Permalink