📄️ Architecture
This page will walk through the architecture of the Carbide Secured Registry (CSR), including both of the pipelines related to the CSR, as well as typical usage of the images.
�📄️ Carbide Helm Charts
Along with our secured images, we also provide helm charts through the CSR to install various components of the Carbide product suite. These charts include the necessary components to run STIGATRON, an airgapped copy of all Rancher product docs, and a custom build of Rancher with our white-labeling.
🗃️ configuration
2 items
📄️ Copying Images to a Registry
This page will walk you through copying our secured images into your own registry for later use.
📄️ Downloading the Images
This page will walk you through locally downloading our secured images from our hardened registry, as well as packaging them to move over an airgap into your registry.
📄️ Enforcement
This page will walk you through configuring a few example policy enforcement engines to validate your cluster images against our public key. This should ensure only the images from our hardened registry are allowed to run.
📄️ Introduction
This page will walk through benefits of the hardened registry and what exactly the hardened registry provides.
📄️ Loading Images to a Registry
This page will walk you through seeding your registry with downloaded images from the CSR for all Rancher components.
📄️ Prerequisites
Below are all the things you need to get started with the Hardened Container Registry. As we improve and streamline the process, this list could evolve.
📄️ Release Cadence
This page will walk through how the pipelines are currently configured to execute, and future plans.
📄️ RKE2/K3s Uninstall
K3s
📄️ Rancher Uninstall
This page will walk you through how to uninstall Carbide Registry Images from Rancher, both for its own components and downstream Rancher Kubernetes clusters (RKE2/K3s).
📄️ Validating Images
This will guide you through validating the signatures and attestations of each image in the secured registry, as well as how to download artifacts about the image (Software Bill of Materials, Vulnerability Scan, Cryptographic Signature, etc...).