Enable image signature verification¶
TechPreview
Note
Consider this section as part of Deploy an OpenStack cluster.
Mirantis OpenStack for Kubernetes (MOSK) enables you to perform image signature verification when booting an OpenStack instance, uploading a Glance image with signature metadata fields set, and creating a volume from an image.
To enable signature verification, use the following osdpl
definition:
spec:
features:
glance:
signature:
enabled: true
When enabled during initial deployment, all internal images such as Amphora, Ironic, and test (CirrOS, Fedora, Ubuntu) images, will be signed by a self-signed certificate.