Skip to main content
Skip table of contents

Create FIPS 140 Images

Use Konvoy Image Builder to create images with FIPS-compliant binaries

Create FIPS-140 images

KIB can produce images containing FIPS-140 compliant binaries. Use the fips.yaml override file provided with the image bundles.

For example, this command produces a FIPS-compliant image on RHEL 8.4:

CODE 
konvoy-image build --overrides overrides/fips.yaml images/ami/rhel-84.yaml

Pre-provisioned infrastructure

If you are targeting a pre-provisioned infrastructure, you can create a FIPS-compliant cluster by doing the following:

  1. Create a bootstrap cluster

  2. Create a secret on the bootstrap cluster with the contents from fips.yamloverride file and any other user overrides you wish to provide

CODE 
kubectl create secret generic $CLUSTER_NAME-fips-overrides --from-file=overrides.yaml=overrides.yaml
kubectl label secret $CLUSTER_NAME-fips-overrides clusterctl.cluster.x-k8s.io/move=

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close