New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add PV support for Azure Disk Encryption #57070
Comments
@jdumars @khenidak After my investigation, I don't think there is k8s upstream work for this feature. |
@andyzhangx Andy, Do you happen to have a timeline for this feature ? Would it be available for GA ? |
@prashantchari this is no upstream work for this feature.
Let me know if you have any question, I will close this issue if there is no concern. |
Hey @andyzhangx , For my scenario, I'm using https://docs.microsoft.com/en-us/azure/aks/azure-disks-dynamic-pv in combination with stateful sets to store user data on external disks. Can you elaborate on how I can enable azure disk encryption on those disks using custom keys from my key vault ? I saw your example, but that requires me to setup encryption using the az commands on the VMs in the resource group - is that the recommended approach ? |
@prashantchari I see your scenario is "Azure Disk Encryption", here is the detailed doc: While according to my use expericence on Ubuntu VM, the encryption process will fail sometimes, it's not stable. You may try it in testing env first. Anyway, it's not related to k8s upstream work. |
close this issue since there is no work in k8s upstream |
Is this a BUG REPORT or FEATURE REQUEST?:
/kind feature
Feature Description:
Managed
Note:
kekVault
andkekURL
are optional, which is used to do Key Encryption3 . If
kekURL
is provided andkekVault
is empty, thenkekVault
will be the same keyvault withsecretVault
@jdumars @khenidak
Anything else we need to know?:
Azure/acs-engine#747
Environment:
kubectl version
): v1.10uname -a
):/sig azure
/assign
The text was updated successfully, but these errors were encountered: