![]() When specifying the layout for the hardened image, we need also to specify the device type, that in our case will be mbr. So add this as a dependency of overcloud-secure to properly set the type. Change-Id: Ic0ad151cc12723e437a1123f90c6663198b9564d |
||
---|---|---|
.. | ||
README.rst | ||
block-device-default.yaml | ||
element-deps | ||
package-installs.yaml |
README.rst
overcloud-secure
CAUTION: This element is part of the security hardened images feature, that is delivered in this release as tech preview. The following element is not intended for production usage.
overcloud-secure is an element to add extra security hardening features to the tripleo images: partition creation and unsafe package uninstall.
It includes the block-device-default definition, that creates independent partitions on the overcloud image, allowing those to accomplish the ANSSI security requirements. Please note that the sizes of the partitions may not be enough for production usage, they will need to be resized properly after deployment depending on the available disk size.