[doc][yba] CIS hardened OS support #23789
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for infallible-bardeen-164bc9 ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
ddhodge
changed the title
aishwarya24
reviewed
Sep 12, 2024
aishwarya24
reviewed
Sep 12, 2024
| @@ -23,7 +23,9 @@ Unless otherwise noted, operating systems are supported by all supported version | |||
| | AlmaLinux 9 | {{<icon/yes>}} | {{<icon/yes>}} | | | |||
| | Oracle Linux 8 | {{<icon/yes>}} | | | | |||
| | Red Hat Enterprise Linux 8 | {{<icon/yes>}} | | Recommended for production | | |||
| | Red Hat Enterprise Linux 9.3 and later| {{<icon/yes>}} | | Supported in v2.20.3 and later. {{<badge/ea>}} | | |||
| | Red Hat Enterprise Linux 8 CIS Hardened | {{<icon/yes>}} | | | | |||
There was a problem hiding this comment.
any notes to add for Red Hat Enterprise Linux 8 CIS Hardened ? @yushenng . Is it Recommended for production ?
aishwarya24
reviewed
Sep 12, 2024
docs/content/preview/yugabyte-platform/prepare/server-nodes-software/software-on-prem-manual.md
Outdated
Show resolved
Hide resolved
aishwarya24
approved these changes
Sep 12, 2024
chidmuthu
reviewed
Sep 17, 2024
|
|
||
| ```sh | ||
| add_cmd = ( | ||
| f"sudo sed -i '/^AllowUsers / s/$/ yugabyte/' /etc/ssh/sshd_config && " |
There was a problem hiding this comment.
I think they have to run this on the node itself? Not sure where this add_cmd is used
There was a problem hiding this comment.
Yes user has to run this cmd on the node itself
There was a problem hiding this comment.
@shashwat-yb can you TAL
There was a problem hiding this comment.
This got copy pasted from itest code, get rid of the add_cmd we only want the actualy linux commands that are run directly on the host.
|
Overall looks good to me, please check 2 comments from my side and make any necessary changes required. Thanks! |
Don't see your comments |
Co-authored-by: Aishwarya Chakravarthy <achakravarthy@yugabyte.com>
shashwat-yb
approved these changes
Sep 18, 2024
|
|
||
| ```sh | ||
| add_cmd = ( | ||
| f"sudo sed -i '/^AllowUsers / s/$/ yugabyte/' /etc/ssh/sshd_config && " |
There was a problem hiding this comment.
Yes user has to run this cmd on the node itself
docs/content/preview/yugabyte-platform/prepare/server-nodes-software/software-on-prem-manual.md
Outdated
Show resolved
Hide resolved
foucher
pushed a commit
that referenced
this pull request
Sep 24, 2024
Summary: 5d3e83e [PLAT-15199] Change TP API URLs according to latest refactoring a50a730 [doc][yba] YBDB compatibility (#23984) 0c84dbe [#24029] Update the callhome diagnostics not to send gflags details. b53ed3a [PLAT-15379][Fix PLAT-12510] Option to use UTC when dealing with cron exp. in backup schedule f0eab8f [PLAT-15278]: Fix DB Scoped XCluster replication restart 344bc76 Revert "[PLAT-15379][Fix PLAT-12510] Option to use UTC when dealing with cron exp. in backup schedule" 3628ba7 [PLAT-14459] Swagger fix bb93ebe [#24021] YSQL: Add --TEST_check_catalog_version_overflow 9ab7806 [#23927] docdb: Add gflag for minimum thread stack size Excluded: 8c8adc0 [#18822] YSQL: Gate update optimizations behind preview flag 5e86515 [#23768] YSQL: Fix table rewrite DDL before slot creation 123d496 [PLAT-14682] Universe task should only unlock itself and make unlock aware of the lock config de9d4ad [doc][yba] CIS hardened OS support (#23789) e131b20 [#23998] DocDB: Update usearch and other header-only third-party dependencies 1665662 Automatic commit by thirdparty_tool: update usearch to commit 240fe9c298100f9e37a2d7377b1595be6ba1f412. 3adbdae Automatic commit by thirdparty_tool: update fp16 to commit 98b0a46bce017382a6351a19577ec43a715b6835. 9a819f7 Automatic commit by thirdparty_tool: update hnswlib to commit 2142dc6f4dd08e64ab727a7bbd93be7f732e80b0. 2dc58f4 Automatic commit by thirdparty_tool: update simsimd to tag v5.1.0. 9a03432 [doc][ybm] Azure private link host (#24086) 039c9a2 [#17378] YSQL: Testing for histogram_bounds in pg_stats 09f7a0f [#24085] DocDB: Refactor HNSW wrappers 555af7d [#24000] DocDB: Shutting down shared exchange could cause TServer to hang 5743a03 [PLAT-15317]Alert emails are not in the correct format. 8642555 [PLAT-15379][Fix PLAT-12510] Option to use UTC when dealing with cron exp. in backup schedule 253ab07 [PLAT-15400][PLAT-15401][PLAT-13051] - Connection pooling ui issues and other ui issues 57576ae [#16487] YSQL: Fix flakey TestPostgresPid test bc8ae45 Update ports for CIS hardened (#24098) 6fa33e6 [#18152, #18729] Docdb: Fix test TestPgIndexSelectiveUpdate cc6d2d1 [docs] added and updated cves (#24046) Excluded: ed153dc [#24055] YSQL: fix pg_hint_plan regression with executing prepared statement Test Plan: Jenkins: rebase: pg15-cherrypicks Reviewers: jason, jenkins-bot Differential Revision: https://phorge.dev.yugabyte.com/D38322
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Server node landing page and SEO
DOC-461
@netlify /preview/yugabyte-platform/prepare/server-nodes/