Enabling FIPS Mode
To enable FIPS mode, perform the following steps.
Enable FIPS mode during the installation of a new CloudVision cluster by entering yes when prompted with FIPS mode:
For shell-based configuration, the prompt will be included as part of the Common
Configuration.
Common Configuration:
CloudVision Deployment Model [d]efault [w]ifi_analytics: d
DNS Server Addresses (IPv4 Only): xxx.xxx.xxx.xxx
DNS Domain Search List:
Number of NTP Servers: 1
NTP Server Address (IPv4 or FQDN) #1: xxxxxxxxxx
Is Auth enabled for NTP Server #1: no
Cluster Interface Name: xxxxx
Device Interface Name: xxxxxx
CloudVision Wifi Enabled: no
Enter a private IP range for the internal cluster network (overlay): xxx.xxx.xxx.xxx
FIPS mode: yes
When doing an ISO-based configuration, you will add yes under the common
section of the cvp-config.yaml file.
Python
Commom:
cluster_interface: xxxxxx
cv_wifi_enabled: 'no'
deployment_model: DEFAULT
device_interface: xxxxx
dns:
fips_mode: 'yes'
kube_cluster_network: xxx.xxx.xxx.xxxx
ntp_servers:
- auth: 'no'
server:
num_ntp_servers: '1'
node1:
default_route: xxxx.xxxxx
dns_domains:
- sjc.aristanetworks.com
hostname: xxxxxxxxxxx
interfaces:
eth0:
ip_address: xxx.xxx.xxx.xxx
netmask: xxx.xxx.xxx.xxx
version: 2