Compliance Operator with OVN in Openshift 4
Issue
- Are any CSI rules related to
OVN
Cluster? - Are CIS SDN rules automatically skipped in an
OVN
Cluster? - How to configure Compliance Operator in OpenShift with
OVN-Kubernetes CNI
- Is
Compliance Operator
aware of whichCNI
OpenShift is using? -
ComplianceCheckResult
resource object is marked asFAIL
$ oc -n openshift-compliance get ComplianceCheckResult ocp4-cis-node-master-file-owner-ip-allocations FAIL medium ocp4-cis-node-worker-file-owner-ip-allocations FAIL medium ocp4-cis-node-master-file-groupowner-ip-allocations FAIL medium ocp4-cis-node-worker-file-groupowner-ip-allocations FAIL medium ocp4-cis-node-master-file-groupowner-openshift-sdn-cniserver-config FAIL medium ocp4-cis-node-worker-file-groupowner-openshift-sdn-cniserver-config FAIL medium ocp4-cis-node-master-file-owner-openshift-sdn-cniserver-config FAIL medium ocp4-cis-node-worker-file-owner-openshift-sdn-cniserver-config FAIL medium ocp4-cis-node-master-file-perms-openshift-sdn-cniserver-config PASS medium ocp4-cis-node-worker-file-perms-openshift-sdn-cniserver-config PASS medium ocp4-cis-file-permissions-proxy-kubeconfig FAIL medium
Environment
- Red Hat OpenShift Container Platform (RHOCP)
- 4.8
- 4.9
- Compliance Operator
- 0.1.48
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.