Uploaded image for project: 'OpenShift Edge Enablement'
  1. OpenShift Edge Enablement
  2. OCPEDGE-82

Support using encrypted devices

XMLWordPrintable

    • Support using encrypted devices
    • Product / Portfolio Work
    • OCPSTRAT-85LVM Storage encryption at rest
    • 0% To Do, 0% In Progress, 100% Done
    • False
    • Hide

      None

      Show
      None
    • False
    • Green
    • L
    • None
    • Backlog Refinement

      Goal

      Provide a way to encrypt local disks before they are used for providing persistent storage using ODF LVMO

      Problem

      Right now we don't have a way to ensure encrypted devices work for LVMS

      Why is this important?

      Customers sometimes need to offer encryption due to regulations. So, we need to support encrypted devices on LVMS. 

      Prioritized Scenarios

      In Scope

      • Document the encryption at rest, e.g. using LVM / LUKS / MachineConfig.

      Not in Scope

      • key recovery procedures

      Documentation Requirements

      • provide instructions on how to configure / install encryption

      Customers

       

      Customer Facing Story

      As an administrator, I want to use encryption at rest on my SNO clusters, so that I can sleep well if a disk is stolen from an edge device. 

      What does success look like?

      Questions

      1. What can we re-use (patterns, mechanisms) from existing solutions (e.g. OCP full disk encryption of the OS disk, or ODF encryption).

              sakbas@redhat.com Suleyman Akbas
              rhn-stor-cblum Chris Blum
              None
              Minal Pradeep Makwana Minal Pradeep Makwana
              Daniel Macpherson Daniel Macpherson
              Votes:
              0 Vote for this issue
              Watchers:
              9 Start watching this issue

                Created:
                Updated:
                Resolved: