Versions Compared

Old Version 2

changes.mady.by.user Kuralamudhan Ramakrishnan

Saved on

compared with

New Version Current

changes.mady.by.user Salvador Fuentes

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Overall Test Architecture

Test Bed

Pod Topology

Image RemovedImage Added


Bare-metal deployment

Hostname

CPU Model

Memory

BMC 

Firmware

Storage

1GbE: NIC#, VLAN,

(Connected

extreme 480 switch)

10GbE: NIC# VLAN, Network

(Connected with IZ1 switch)

40GbE: NIC#

Jump

Intel

2xE5-2699

64GB

 1.46.9995

3TB (Sata)
180 (SSD)

IF0: VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)


node1

Intel

2xE5-2699

64GB

1.46.9995

3TB (Sata)
180 (SSD)

IF0: VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)


node2

Intel

2xE5-2699

64GB

1.46.9995

3TB (Sata)
180 (SSD)

IF0:  VLAN 110 (DMZ)
IF1: VLAN 111 (Admin)

IF2: VLAN 112 (Private)
VLAN 114 (Management)
IF3: VLAN 113 (Storage)
VLAN 1115 (Public)

IF4: SRIOV

Note: virtualization must already be enabled on the worker nodes that will be part of the Kubernetes cluster.

...

Status as of June 25th, 2021:

Layer

Result

Comments

Nexus

os/lynis

PASS with exceptions

Exceptions:

  • USB-2000
  • SSH-7408: Checking MaxSessions, Checking Port
  • KRNL-6000: net.ipv4.conf.all.forwarding
Logs

os/vuls

PASS with exceptions

Exceptions:

  • CVE-2016-1585
  • CVE-2017-18342
  • CVE-2017-8283
  • CVE-2018-20839
  • CVE-2019-17041
  • CVE-2019-17042
  • CVE-2019-19814
Logs

k8s/conformance

PASS with exceptions

Exceptions:

  • Sonobuoy v0.16.1 does not support Kubernetes v1.18.9
Logs

k8s/kube-hunter

PASS

With aquasec/kube-hunter:edge image

Logs

Release 5 Blueprint Scanning Status

...