You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: modules/installation-azure-config-yaml.adoc
+9-2Lines changed: 9 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -234,6 +234,13 @@ ifdef::gov[]
234
234
endif::gov[]
235
235
ifdef::restricted[]
236
236
<14> When using Azure Firewall to restrict Internet access, you must configure outbound routing to send traffic through the Firewall. Configuring user-defined routing prevents exposing external endpoints in your cluster.
237
+
<15> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead.
238
+
+
239
+
[IMPORTANT]
240
+
====
241
+
To enable FIPS mode for your cluster, you must run the installation program from a {op-system-base-full} computer configured to operate in FIPS mode. For more information about configuring FIPS mode on RHEL, see link:https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/security_hardening/assembly_installing-the-system-in-fips-mode_security-hardening[Installing the system in FIPS mode]. The use of FIPS validated or Modules In Process cryptographic libraries is only supported on {product-title} deployments on the `x86_64`, `ppc64le`, and `s390x` architectures.
242
+
====
243
+
<16> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
237
244
endif::restricted[]
238
245
ifdef::vnet[]
239
246
ifndef::openshift-origin[]
@@ -277,7 +284,7 @@ ifdef::openshift-origin[]
277
284
<16> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
278
285
endif::openshift-origin[]
279
286
endif::gov[]
280
-
ifndef::vnet,private,gov[]
287
+
ifndef::vnet,private,gov,restricted[]
281
288
ifndef::openshift-origin[]
282
289
<10> Whether to enable or disable FIPS mode. By default, FIPS mode is not enabled. If FIPS mode is enabled, the {op-system-first} machines that {product-title} runs on bypass the default Kubernetes cryptography suite and use the cryptography modules that are provided with {op-system} instead.
283
290
+
@@ -290,7 +297,7 @@ endif::openshift-origin[]
290
297
ifdef::openshift-origin[]
291
298
<10> You can optionally provide the `sshKey` value that you use to access the machines in your cluster.
0 commit comments