v2.8.0 RHEL9.4 RKE1.28.10+rke2r1 [Full]

Article summary

Did you find this summary helpful?

Thank you for your feedback!

Date of Release: 18/02/2025

Version Information

-	Version	Hardening References
Red Hat Enterprise Linux	9.4	USG STIGs ver 1 rel 14
Rancher Kubernetes Engine Government (RKE2)	v1.28.10	CIS v1.23
Glasswall Halo	2.8.0	SAST, DAST, SCA and Container Security Reports available on request

16 vCPU
32 GB RAM

SELinux is Enforcing
No USG STIG banner message by default (configurable)
Password Quality Enhancements:
- Be at least 15 characters long.
- Contains:
  - At least 1 uppercase letter (e.g., A),
  - At least 1 lowercase letter (e.g., a),
  - At least 1 digit (e.g., 1),
  - At least 1 special character (e.g., !).
- Avoid:
  - Using more than 3 consecutive identical characters (e.g., aaa),
  - Using more than 4 consecutive characters of the same type (e.g., 1111 or AAAA).
  - Be significantly different from the previous password (at least 8 characters must differ).
  - Exclude the username or dictionary-based words.
RKE2 log configuration changes:
- API server audit level updated from None to RequestResponse
- API server audit log location updated to /var/log/rancher

Currently deployed services and Helm charts:

Please refer to the Glasswall Halo V2.8.0 Release Notes for more information.

Was this article helpful?

Table of contents