RHEA-2023:7491 - Product Enhancement Advisory

Topic

Release of nbde tang server 1.0

Description

Network-bound Disk Encryption (NBDE) provides an automated unlocking of LUKS-encrypted volumes using one or more dedicated network-binding servers. The client side of NBDE is called the Clevis decryption policy framework and the server side is represented by Tang.

The nbde tang server Operator allows the automation of deployments of one or several Tang servers in the OpenShift Container Platform (OCP) environment.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

The steps to apply the upgraded images are different depending on the installation plan approval policy you used when installing the nbde tang server Operator for Red Hat OpenShift.

• If the approval policy is set to Automatic, then the Operator will be upgraded automatically when there is a new version of the Operator. No further action is required to upgrade. This is the default setting.
• If you changed the approval policy to Manual, then you must manually approve the upgrade to the Operator.

Affected Products

• nbde tang server 1 x86_64

Fixes

• SECENGSP-5454 - tang operator productization: test release 1.0 version (GA candidate)

CVEs

(none)

References

(none)