Skip to content

FIPS Compliant Controller

Introduction

To install the FIPS-compliant Controller with an ECR registry in the Amazon EKS environment, follow the steps outlined below. This installation adheres to FIPS 140-2 standards, with all software libraries and components within the controller compiled using cryptographic libraries for robust security in sensitive, regulated environments. Leveraging Amazon EKS for managed Kubernetes and ECR for secure container image storage, this setup ensures a highly secure and compliant deployment of the Controller.

Supported Platforms and Compatibility

  • Supported Platforms: Amazon EKS with ECR Public Registry
  • Controller Version: Rafay Controller Version 2.6
  • Kubernetes Version Compatibility: Supports Kubernetes versions 1.27, 1.28, and 1.29, provided the nodes are FIPS enabled
  • Node Operating Systems: Compatible with FIPS-enabled Amazon Linux 2 (AL2) AMIs for all node groups
  • CNI Compatibility: The FIPS controller uses the aws-cni
  • Cluster Type: Currently supports only EKS cluster type

Getting Started with FIPS-Enabled Installation

The installation process requires specific prerequisites, including DNS configurations and X.509 certificates for secure communication. Additional setup may involve IAM roles to enable seamless integration with ECR.

For detailed, step-by-step guidance or to obtain the required FIPS installer, contact the support team for assistance in configuring the Rafay Controller to meet compliance and security requirements for your environment.