-
Notifications
You must be signed in to change notification settings - Fork 29
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Per volume encryption #170
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature you'd like to have.
Encrypted PV with the key managed in Kubernetes
What is the value to the end user? (why is it a priority?)
If there is a container escape on a node, only volumes required by pods running on that node will be exposed as the keys for any other volumes would not be accessible. In addition even if the gluster server were compromised, only encrypted data would be available.
How will we know we have a good solution? (acceptance criteria)
A PV can be created with an encrypted flag and the resulting data is stored encrypted on the gluster server
Additional context
An attempt was made in kubernetes/kubernetes#28454
The text was updated successfully, but these errors were encountered: