docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update rhel.md

This commit is contained in:
Anne Henmi 2018-09-25 17:52:02 -06:00 committed by GitHub
parent fa8353cd31
commit c20652b1c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
install/linux/docker-ee/rhel.md
View File

@ -46,13 +46,13 @@ On {{ linux-dist-long }}, Docker EE supports storage drivers, `overlay2` and `de
### FIPS 140-2 cryptographic module support ### FIPS 140-2 cryptographic module support
(Federal Information Processing Standards (FIPS) Publication 140-2[https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf] is a United States Federal security requirement for cryptographic modules. (Federal Information Processing Standards (FIPS) Publication 140-2)[https://csrc.nist.gov/csrc/media/publications/fips/140/2/final/documents/fips1402.pdf] is a United States Federal security requirement for cryptographic modules.
With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine. With Docker EE Basic license for versions 18.03 and later, Docker provides FIPS 140-2 support in RHEL 7.3, 7.4 and 7.5. This includes a FIPS support cryptographic module. If the RHEL implementation already has FIPS support enabled, FIPS is automatically enabled in the Docker engine.
**NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS-140-2. **NOTE:** FIPS is only supported in the Docker EE engine. UCP and DTR currently do not have support for FIPS-140-2.
To enable FIPS-140-2 compliance on a system that is not in FIPS mode, do the following: To enable FIPS 140-2 compliance on a system that is not in FIPS 140-2 mode, do the following:
Create a file called `/etc/systemd/system/docker.service.d/fips-module`. It needs to contain the following: Create a file called `/etc/systemd/system/docker.service.d/fips-module`. It needs to contain the following:
@ -73,7 +73,7 @@ Labels:
com.docker.security.fips=enabled com.docker.security.fips=enabled
``` ```
**NOTE:** If the system has the FIPS-140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS-140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`. **NOTE:** If the system has the FIPS 140-2 cryptographic module installed on the operating system, it is possible to disable FIPS-140-2 compliance. To disable FIPS 140-2 in Docker but not the operating system, set the value `DOCKER_FIPS=0` in the `/etc/systemd/system/docker.service.d/fips-module`.
### Find your Docker EE repo URL ### Find your Docker EE repo URL