Create FIPS 140 Images: Non-air-gapped Environment
Use Konvoy Image Builder to create images with FIPS-compliant binaries
KIB can produce images containing FIPS-140 compliant binaries. Use the fips.yaml override file provided with the image bundles. You can also find these override files in the Konvoy Image Builder repo.
Examples:
The snippets below create images with FIPS-compliant Kubernetes components. If you need the underlying OS to be FIPS-compliant, you must provide the specific FIPS-compliant OS image, using the --source-ami flag for AWS.
The command below is a non-air-gapped environment example of override file use; it produces a FIPS-compliant image on RHEL 8.4 for AWS. Replace ami with your infrastructure provisioner:
konvoy-image build --overrides overrides/fips.yaml images/ami/rhel-84.yaml
vSphere FIPS-compliant example, using the image.yaml created during VM Template configuration:
konvoy-image build --overrides overrides/fips.yaml images/ova/<image.yaml>
Here is a list of FIPS Override Files.