66d1d0beba
Move partition handling to overcloud-partition / overcloud-partition-uefi as whole-disk images with kernel-rt would be impossible to create due to dependencies between kernel-rt and kdump/kexec-tools. We need to be able to create whole-disk image while some package should not be uninstalled. Change-Id: I181cf4dc0c0976833e39e4df78a7cff184f0f0b2 |
||
---|---|---|
.. | ||
block-device-default.yaml | ||
element-deps | ||
README.rst |
overcloud-partition-uefi
overcloud-partition-uefi is an element to add extra security hardening features to the tripleo images: partition creation. This element is the equivalent of overcloud-partition one, but is used when needed to build images that are capable of booting from uefi.
It includes the block-device-default definition, that creates independent partitions on the overcloud image, allowing those to accomplish the ANSSI security requirements. Please note that the sizes of the partitions may not be enough for production usage, they will need to be resized properly after deployment depending on the available disk size.