openstack
/
tripleo-image-elements
Code Issues Proposed changes
tripleo-image-elements/elements/overcloud-secure
History
Yolanda Robla 950a63f77c Add a dependency on block-device-mbr element 
When specifying the layout for the hardened image, we need
also to specify the device type, that in our case will be
mbr. So add this as a dependency of overcloud-secure to
properly set the type.

Change-Id: Ic0ad151cc12723e437a1123f90c6663198b9564d
 		2018-04-05 11:21:07 +02:00
..
README.rst Add overcloud-secure element 2017-05-30 18:18:41 +02:00
block-device-default.yaml Increase the image size to 23G 2018-03-16 13:08:44 +00:00
element-deps Add a dependency on block-device-mbr element 2018-04-05 11:21:07 +02:00
package-installs.yaml Add overcloud-secure element 2017-05-30 18:18:41 +02:00

README.rst

overcloud-secure

CAUTION: This element is part of the security hardened images feature, that is delivered in this release as tech preview. The following element is not intended for production usage.

overcloud-secure is an element to add extra security hardening features to the tripleo images: partition creation and unsafe package uninstall.

It includes the block-device-default definition, that creates independent partitions on the overcloud image, allowing those to accomplish the ANSSI security requirements. Please note that the sizes of the partitions may not be enough for production usage, they will need to be resized properly after deployment depending on the available disk size.