ocp-disconnected-docs icon indicating copy to clipboard operation
ocp-disconnected-docs copied to clipboard

Published 20 hours ago verified publisher icon redhat-cop

FIPS Deployment on ARO

Open jflowers opened this issue 4 years ago • 3 comments

Add in how deploy with FIPS on

jflowers avatar Mar 15 '21 20:03 jflowers

Noted. Will submit PR once MAG/FIPS instructions are released.

theckang avatar Apr 19 '21 15:04 theckang

@theckang I half expected you to come back and say it's on by default as it is FISMA High, right? I'm pretty sure that you can flip it on after creating a cluster...that would be good to document as a workaround if it is not possible to create it with FIPS on.

jflowers avatar Apr 20 '21 12:04 jflowers

Because FIPS must be enabled before the operating system that your cluster uses boots for the first time, you cannot enable FIPS after you deploy a cluster.

https://docs.openshift.com/container-platform/4.7/installing/installing-fips.html

:(

jharmison-redhat avatar Apr 20 '21 12:04 jharmison-redhat