You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the feature you'd like to have.
Encrypted PV with the key managed in Kubernetes
What is the value to the end user? (why is it a priority?)
If there is a container escape on a node, only volumes required by pods running on that node will be exposed as the keys for any other volumes would not be accessible. In addition even if the gluster server were compromised, only encrypted data would be available.
How will we know we have a good solution? (acceptance criteria)
A PV can be created with an encrypted flag and the resulting data is stored encrypted on the gluster server
Describe the feature you'd like to have.
Encrypted PV with the key managed in Kubernetes
What is the value to the end user? (why is it a priority?)
If there is a container escape on a node, only volumes required by pods running on that node will be exposed as the keys for any other volumes would not be accessible. In addition even if the gluster server were compromised, only encrypted data would be available.
How will we know we have a good solution? (acceptance criteria)
A PV can be created with an encrypted flag and the resulting data is stored encrypted on the gluster server
Additional context
An attempt was made in kubernetes/kubernetes#28454
The text was updated successfully, but these errors were encountered: