Platform-level encryption

Enable platform-level encryption on a user-managed Red Hat OpenShift cluster, securing internal pod-to-pod traffic between nodes by using IPsec Transport mode.

Procedure

To enable platform-level encryption, follow these steps:

  1. Migrate your cluster from the Red Hat OpenShift SDN network plugin to the OVN-Kubernetes network plugin. Detailed instructions can be found here: Migrate from OpenShift SDN to OVN-Kubernetes.
  2. Enable platform-level encryption on a user-managed Red Hat OpenShift cluster to encrypt all traffic between nodes by using IPsec Transport mode. Instructions for enabling IPsec can be found here: Configuring IPsec on OVN-Kubernetes
Note: This procedure is disruptive and might impact your cluster's availability. Pause any Netezza Performance Server instances before starting the process and resume them after the procedure is completed.