starlingx/docs
Code Issues Proposed changes
d466920c10
docs/doc/source/planning/kubernetes/index-planning-kub-913bd621ac0f.rst
Oliver 73e7f8ef4c Security Planning shall support customer expectations 
Epic: Security Planning shall support expectations presented in pre-sales presentations.
Updated with review comments for Patch set 4
Updated with review comments for Patch set 3
Updated with review comments from Patch set 2
Updated with review comments from Patch set 1
Added summaries of items raised in pre-sales presentations

Change-Id: Ic1e458dfd57ad7ab18923f3a1756007ad717efe1
2022-06-23 14:09:03 -04:00

3.1 KiB
Raw Blame History

partner

Introduction

overview-of-starlingx-planning

Network planning

network-requirements networks-for-a-simplex-system networks-for-a-duplex-system networks-for-a-system-with-controller-storage networks-for-a-system-with-dedicated-storage network-requirements-ip-support network-planning-the-pxe-boot-network the-cluster-host-network the-storage-network network-addressing-requirements-2fac0035b878

Internal management network

the-internal-management-network internal-management-network-planning multicast-subnets-for-the-management-network

OAM network

about-the-oam-network oam-network-planning dns-and-ntp-servers network-planning-firewall-options

L2 access switches

l2-access-switches redundant-top-of-rack-switch-deployment-considerations

Ethernet interfaces

about-ethernet-interfaces network-planning-ethernet-interface-configuration the-ethernet-mtu shared-vlan-or-multi-netted-ethernet-interfaces

Storage planning

storage-planning-storage-resources storage-planning-storage-on-controller-hosts storage-planning-storage-on-worker-hosts storage-planning-storage-on-storage-hosts external-netapp-trident-storage

Security planning

infrastructure-security container-security-df8a251ec03f

Security hardening Guidelines

security-hardening-intro

Recommended Security Features with a Minimal Performance Impact

uefi-secure-boot

Secure System Accounts

local-linux-account-for-sysadmin local-and-ldap-linux-user-accounts starlingx-accounts web-administration-login-timeout ssh-and-console-login-timeout system-account-password-rules

Security Features

secure-https-external-connectivity security-hardening-firewall-options isolate-starlingx-internal-cloud-management-network

Installation and resource planning

installation-and-resource-planning-https-access-planning starlingx-hardware-requirements verified-commercial-hardware starlingx-boot-sequence-considerations hard-drive-options controller-disk-configurations-for-all-in-one-systems