mirror of
https://github.com/ceph/ceph-csi.git
synced 2025-06-13 02:33:34 +00:00
Reduce encryption KMS configuration SC parameters
* moves KMS type from StorageClass into KMS configuration itself * updates omapval used to identify KMS to only it's ID without the type why? 1. when using multiple KMS configurations (not currently supported) automated parsing of kms configuration will be failing because some entries in configs won't comply with the requested type 2. less options are needed in the StorageClass and less data used to identify the KMS Signed-off-by: Vasyl Purchel vasyl.purchel@workday.com Signed-off-by: Andrea Baglioni andrea.baglioni@workday.com
This commit is contained in:
Vasyl Purchel
committed by
mergify[bot]
mergify[bot]
parent
1695c6965d
commit
669dc4536f
@ -44,11 +44,9 @@ parameters:
|
||||
# A string is expected here, i.e. “true”, not true.
|
||||
# encrypted: "true"
|
||||
|
||||
# Use external key management system for encryption passphrases
|
||||
# encryptionKMS: vault
|
||||
|
||||
# String representing KMS configuration. Should be unique and match ID in
|
||||
# KMS ConfigMap. The ID is only used for correlation to config map entry.
|
||||
# Use external key management system for encryption passphrases by specifying
|
||||
# a unique ID matching KMS ConfigMap. The ID is only used for correlation to
|
||||
# config map entry.
|
||||
# encryptionKMSID: <kms-config-id>
|
||||
reclaimPolicy: Delete
|
||||
allowVolumeExpansion: true
|
||||
|
||||
Reference in New Issue
Block a user