Skip to content

Fix: EBS encryption for /shared #4

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jun 19, 2014
Merged

Fix: EBS encryption for /shared #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CHANGELOG.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ CHANGELOG
=====

* feature:``cfncluster``: Added option to encrypt ephemeral drives with in-memory keys
* feature:``cfncluster``: Support for EBS encryption on /shared volume
* feature:``cfncluster``: Detect all ephemeral drives, stripe and mount as /scratch
* feature:``cfncluster``: Support for placement groups
* feature:``cfncluster``: Support for cluster placement logic. Can either be cluster or compute.
Expand Down
2 changes: 1 addition & 1 deletion cli/cfncluster/cfnconfig.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ def __init__(self, args):

# Dictionary list of all EBS options
self.__ebs_options = dict(ebs_snapshot_id='EBSSnapshotId', volume_type='VolumeType', volume_size='VolumeSize',
volume_iops='VolumeIOPS')
volume_iops='VolumeIOPS', encrypted='EBSEncryption')

try:
if self.__ebs_section:
Expand Down
3 changes: 3 additions & 0 deletions cli/cfncluster/examples/config
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,6 +133,9 @@ availability_zones =
#volume_size = 200
# Number of IOPS for io1 type volumes
#volume_iops = 200
# Use encrypted volume (should not be used with snapshots)
# (defaults to false for default template)
#encrypted = false

## Scaling settings
#[scaling custom]
Expand Down
29 changes: 29 additions & 0 deletions cloudformation/cfncluster.cfn.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -309,6 +309,16 @@
"Description" : "Postinstall script args passed to the postinstall script.",
"Type" : "String",
"Default" : "NONE"
},
"EBSEncryption" : {
"Description" : "Boolean flag to use EBS encryption for /shared volume. (Not to be used for snapshots)",
"Type" : "String",
"Default" : "false",
"ConstraintDescription" : "true/false",
"AllowedValues" : [
"true",
"false"
]
}
},
"Conditions" : {
Expand Down Expand Up @@ -434,6 +444,14 @@
},
"cluster"
]
},
"UseEBSEncryption" : {
"Fn::Equals" : [
{
"Ref" : "EBSEncryption"
},
"true"
]
}
},
"Mappings" : {
Expand Down Expand Up @@ -1671,6 +1689,17 @@
"Ref" : "AWS::NoValue"
}
]
},
"Encrypted" : {
"Fn::If" : [
"UseEBSEncryption",
{
"Ref" : "EBSEncryption"
},
{
"Ref" : "AWS::NoValue"
}
]
}
}
}
Expand Down