Versions Compared

Old Version 10

changes.mady.by.user Kuralamudhan Ramakrishnan (Deactivated)

Saved on

compared with

New Version 11

changes.mady.by.user Kuralamudhan Ramakrishnan (Deactivated)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
outlinetrue
Introduction

...

Hostname

CPU Model

Memory

BMC 

Firmware

Storage

1GbE: NIC#, VLAN,

(Connected

Extreme 480 switch)

10GbE: NIC# VLAN, Network

(Connected with IZ1 switch)

40GbE: NIC#

pod11-node5 (jump)

Intel

2xE5-2699

64GB

 1.46.9995

3TB (Sata)
180 (SSD)

IF0: VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)


pod11-node2

Intel

2xE5-2699

64GB

1.46.9995

3TB (Sata)
180 (SSD)

IF0: VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)


pod11-node3

Intel

2xE5-2699

64GB

1.46.9995

3TB (Sata)
180 (SSD)

IF0:  VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)

IF4: SRIOV

Virtual deployment

Hostname

CPU Model

Memory

Storage

1GbE: NIC#, VLAN,

(Connected

extreme 480 switch)

10GbE: NIC# VLAN, Network

(Connected with IZ1 switch)

pod14-node2

Intel

2xE5-2699

64GB

3TB (Sata)
180 (SSD)

IF0: VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)

Test Framework

All components are tested with end-to-end testing

...

Release 6 Blueprint Scanning Status

...

OS Vuls Scan

  • Pass/Fail
  • Exceptions

OS Lynis Scan

  • Pass/Fail
  • Exceptions

Kube-Hunter Scan

  • Pass/Fail
  • Exceptions

See results here

Exceptions requested for the following:

  • CVE-2021-33574
  • CVE-2019-19814
  • CVE-2021-35942

Exception requests


See results here

Exceptions requested for the following:

  • BOOT-5122: GRUB boot password interferes with the unattended reboot during OS provisioning.
  • USB-2000: USB hubs and HID device must be enabled for BMC Console Redirection.
  • SSH-7408: MaxSessions of 2 prevents lynis from running under Bluval.  Lynis, etc. robot files need to be updated to handle a different port.
  • KRNL-6000: Kernel module loading required by accelerator drivers.  Forwarding required by k8s.

See results here

Pass

Akraino CVE Vulnerability Exception Request

...