Skip to content

[OSDOCS-8305]Document which specific components and traffic flows are encrypted in OSD #99666

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 8, 2025
Merged

[OSDOCS-8305]Document which specific components and traffic flows are encrypted in OSD #99666

merged 1 commit into from
Oct 8, 2025

Conversation

@mletalie
Copy link
Contributor

@mletalie mletalie commented Sep 24, 2025
edited
Loading

@mletalie mletalie changed the title Osdocs 8305 [OSDOCS-8305]Document which specific components and traffic flows are encrypted in OSD Sep 24, 2025
@openshift-ci openshift-ci bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Sep 24, 2025
@ocpdocs-previewbot
Copy link

ocpdocs-previewbot commented Sep 24, 2025
edited
Loading

🤖 Wed Oct 08 20:09:08 - Prow CI generated the docs preview:

https://99666--ocpdocs-pr.netlify.app/openshift-dedicated/latest/osd_architecture/osd_policy/policy-process-security.html

ocpdocs-vale-bot
ocpdocs-vale-bot reviewed Sep 24, 2025
View reviewed changes
modules/policy-security-regulation-compliance.adoc Outdated
=== Component and traffic flow encryption
OpenShift Dedicated (OSD) components are configured to use Transport Layer Security (TLS) for secure communication, prioritizing TLS 1.3 for its performance and security enhancements. For components not yet supporting TLS 1.3, robust TLS 1.2 cipher suites are configured. This comprehensive TLS configuration ensures the encryption of various traffic flows within and to the OpenShift Dedicated environment. For more information, refer TLS configuration on OpenShift and Appendix 4 of the Red Hat Enterprise Agreement Appendix 4 (Online Subscription Services).

** Specific components like the API server (port 6443), kube-controller (port 10257), and kube-scheduler (port 10259) in OpenShift 4.7 and later versions utilize TLS 1.3 and a reduced set of secure cipher suites.
Copy link
Collaborator

@ocpdocs-vale-bot ocpdocs-vale-bot Sep 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🤖 [error] RedHat.TermsErrors: Use 'use' rather than 'utilize'. For more information, see RedHat.TermsErrors.

@mletalie mletalie force-pushed the OSDOCS-8305 branch 2 times, most recently from 1b0dee9 to fbb18dd Compare September 25, 2025 17:01
@jaybeeunix
Copy link
Member

jaybeeunix commented Oct 8, 2025

/lgtm

@openshift-ci openshift-ci bot added the lgtm Indicates that a PR is ready to be merged. label Oct 8, 2025
@openshift-ci openshift-ci bot removed the lgtm Indicates that a PR is ready to be merged. label Oct 8, 2025
@openshift-ci
Copy link

openshift-ci bot commented Oct 8, 2025

New changes are detected. LGTM label has been removed.

@openshift-ci
Copy link

openshift-ci bot commented Oct 8, 2025

@mletalie: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

@mletalie mletalie merged commit e32b88d into openshift:main Oct 8, 2025
2 checks passed
@mletalie
Copy link
Contributor Author

mletalie commented Oct 8, 2025

/cherrypick enterprise-4.19
/cherrypick enterprise-4.20

@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Oct 8, 2025

@mletalie: new pull request created: #100226

In response to this:

/cherrypick enterprise-4.19
/cherrypick enterprise-4.20

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Oct 8, 2025
Merged
@openshift-cherrypick-robot
Copy link

openshift-cherrypick-robot commented Oct 8, 2025

@mletalie: new pull request created: #100227

In response to this:

/cherrypick enterprise-4.19
/cherrypick enterprise-4.20

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@openshift-cherrypick-robot openshift-cherrypick-robot mentioned this pull request Oct 8, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@ocpdocs-vale-bot ocpdocs-vale-bot ocpdocs-vale-bot left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@jaybeeunix jaybeeunix

Labels

size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@mletalie @ocpdocs-previewbot @jaybeeunix @openshift-cherrypick-robot @ocpdocs-vale-bot