Enable image signature verification¶
Consider this section as part of Deploy an OpenStack cluster.
Mirantis OpenStack for Kubernetes (MOSK) enables you to perform image signature verification when booting an OpenStack instance, uploading a Glance image with signature metadata fields set, and creating a volume from an image.
To enable signature verification, use the following
spec: features: glance: signature: enabled: true
When enabled during initial deployment, all internal images such as Amphora, Ironic, and test (CirrOS, Fedora, Ubuntu) images, will be signed by a self-signed certificate.