红帽全球峰会1.6. FIPS 就绪性
为 Red Hat Advanced Cluster Management for Kubernetes 完成 FIPS 就绪。Red Hat Advanced Cluster Management 使用相同的工具来确保将加密调用传递给 Red Hat OpenShift Container Platform 使用的 Red Hat Enterprise Linux(RHEL)认证的加密模块。如需有关 OpenShift FIPS 支持的详情,请参阅 对 FIPS 加密的支持。
如果您计划管理启用了 FIPS 的集群,则必须有一个 FIPS 就绪的 hub 集群,因为在 hub 集群上创建的加密存储在受管集群上。在置备 OpenShift Container Platform 受管集群时,使用 fips: true 设置启用 FIPS。置备集群后您无法启用 FIPS。
1.6.1. 限制
复制链接链接已复制到粘贴板!
阅读 Red Hat Advanced Cluster Management 和 FIPS 中的以下限制。
-
Red Hat OpenShift Container Platform 仅在
x86_64架构上支持 FIPS。 - 完整性 Shield 是没有可用的 FIPS 的技术预览组件。
- 在配置提供的存储时,必须对搜索和可观察组件使用的持久性卷声明(PVC)和 S3 存储进行加密。Red Hat Advanced Cluster Management 不提供存储加密,请参阅 OpenShift Container Platform 文档 支持 FIPS 加密。
当使用 Red Hat Advanced Cluster Management 控制台置备受管集群时,在受管集群创建的 Cluster details 部分中选中以下复选框来启用 FIPS 标准:
FIPS with information text: Use the Federal Information Processing Standards (FIPS) modules provided with Red Hat Enterprise Linux CoreOS instead of the default Kubernetes cryptography suite file before you deploy the new managed cluster.
FIPS with information text: Use the Federal Information Processing Standards (FIPS) modules provided with Red Hat Enterprise Linux CoreOS instead of the default Kubernetes cryptography suite file before you deploy the new managed cluster.Copy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}