technofab/zfs-localpv
1
0
Fork 0
mirror of https://github.com/TECHNOFAB11/zfs-localpv.git synced 2025-12-12 06:20:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

feat(ZFSPV): adding encryption in ZFSVolume CR (#6)

Browse source 
Adding support for enabling encryption using a custom key. 

Also, adding support to inherit the properties from ZPOOL
which are not listed in the storage class, ZFS driver will
not pass default values while creating the volume. Those
properties will be inherited from the ZPOOL.

we can use the encryption option in storage class 
```
apiVersion: storage.k8s.io/v1
kind: StorageClass
metadata:
  name: openebs-zfspv
allowVolumeExpansion: true
parameters:
  blocksize: "4k"
  compression: "on"
  dedup: "on"
  thinprovision: "yes"
  encryption: "on"
  keyformat: "raw"
  keylocation: "file:///home/keys/key"
  poolname: "zfspv-pool"
provisioner: openebs.io/zfs
```

Just a note, the key file should be mounted inside the node-agent container so that we can use that file while provisioning the volume. keyformat can be raw, hex or passphrase.

Signed-off-by: Pawan <pawan@mayadata.io>
This commit is contained in:
Pawan Prakash Sharma 2019-10-15 22:51:48 +05:30 committed by Kiran Mova
parent cc6ff6c520
commit 0218dacea0
7 changed files with 288 additions and 68 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pkg/driver/controller.go
View file

@ -73,6 +73,9 @@ func (cs *controller) CreateVolume(
bs := req.GetParameters()["blocksize"]
compression := req.GetParameters()["compression"]
dedup := req.GetParameters()["dedup"]
encr := req.GetParameters()["encryption"]
kf := req.GetParameters()["keyformat"]
kl := req.GetParameters()["keylocation"]
pool := req.GetParameters()["poolname"]
tp := req.GetParameters()["thinprovision"]
@ -82,6 +85,9 @@ func (cs *controller) CreateVolume(
WithBlockSize(bs).
WithPoolName(pool).
WithDedup(dedup).
WithEncryption(encr).
WithKeyFormat(kf).
WithKeyLocation(kl).
WithThinProv(tp).
WithCompression(compression).Build()