Add information for encrypt etcd disk

tmalove · tmalove · commit da2f4e1ea750 · 2025-09-09T00:34:43.000-04:00
diff --git a/microshift_install_get_ready/microshift-install-get-ready.adoc b/microshift_install_get_ready/microshift-install-get-ready.adoc
@@ -20,6 +20,12 @@ include::modules/microshift-install-rhel-tools-concepts.adoc[leveloffset=+1]
 
 include::modules/microshift-install-rhde-steps.adoc[leveloffset=+1]
 
+include::modules/microshift-encrypt-etcd-data.adoc[leveloffset=+1]
+[role="_additional-resources"]
+.Additional resources
+
+* link:https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/managing_storage_devices/encrypting-block-devices-using-luks_managing-storage-devices#luks-disk-encryption_encrypting-block-devices-using-luks[LUKS disk encryption]
+
 [id="additional-resources_microshift-install-get-ready_{context}"]
 [role="_additional-resources"]
 == Additional resources
diff --git a/modules/microshift-encrypt-etcd-data.adoc b/modules/microshift-encrypt-etcd-data.adoc
@@ -0,0 +1,9 @@
+// Module included in the following assembly:
+//
+// * microshift_install_get_ready/microshift-install-get-ready.adoc
+
+:_mod-docs-content-type: CONCEPT
+[id="microshift-encrypt-etcd-data_{context}"]
+= Encrypt etcd data
+
+Kubernetes objects are stored in an etcd database and might contain sensitive data. The etcd data is not encrypted by default. You can encrypt the disk that contains the etcd database by using the Linux Unified Key Setup-on-disk-format (LUKS) management tool for block device encryption.
