K
Q

use a customer-encrypted disk in a kubernetes pod

11/3/2017

I would like to use a customer-encrypted disk with a kubernetes pod and I found no documentation about that.

I created customer-encrypted disk, I used it as a volume with my pod and I have this (expected) error message : AttachVolume.Attach failed for volume "eventstore-persistent-storage" : googleapi: Error 400: 'projects/pagaio-177714/zones/europe-west1-b/disks/eventstore-crypt-disk' is protected with a customer supplied encryption key, but none was provided., resourceIsEncryptedWithCustomerEncryptionKey

unfortunately I sse nothing in the kubernetes documentation about providing the encryption key.

Is it possible to use something like the cloud_sql_proxy to provide the key and mount the volume ?

If it's not possible to use customer-encrypted disk, do you know some alternative about encrypting an entire volume ?

Thanks

-- manu
google-kubernetes-engine
kubernetes

Similar Questions

Azure Log Analytics/OMS - reconstruct container's log as raw text
Using azure file storage with kubernetes and azure container service (aks) - permission denied
Kubectl apply does not update pods or deployments
Kubernetes High-Availability Masters

0 Answers