Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support CCE 1.19.8 Worker Node Data Disk Encryption #1109

Closed
iitsDelbruegger opened this issue Jun 7, 2021 · 1 comment · Fixed by #1117
Closed

Support CCE 1.19.8 Worker Node Data Disk Encryption #1109

iitsDelbruegger opened this issue Jun 7, 2021 · 1 comment · Fixed by #1117
Labels
enhancement SDK Requires SDK changes
Milestone
v1.24.1

Comments

@iitsDelbruegger
Copy link

One of the features of CCE 1.19 is the disk encryption of worker nodes: https://open-telekom-cloud.com/de/support/release-notes/cloud-container-engine/release-kubernetes-1-19

However, I cannot find a way to activate this cool new feature in Terraform when creating a CCE node: https://registry.terraform.io/providers/opentelekomcloud/opentelekomcloud/latest/docs/resources/cce_node_v3
@iitsDelbruegger
Copy link
Author

A small remark: It does not have to be as simple as in the UI - using Terraform, I am comfortable to create agency, KMS key, etc by hand. I guess I just need a Terraform way to configure the CCE Node data disk to utilize the encryption id.

@outcatcher outcatcher added the SDK Requires SDK changes label Jun 7, 2021
@outcatcher outcatcher added this to the v1.24.1 milestone Jun 7, 2021
@lego963 lego963 mentioned this issue Jun 10, 2021
Merged
otc-zuul bot pushed a commit to opentelekomcloud/gophertelekomcloud that referenced this issue Jun 10, 2021
@lego963
[CCE] Add possibility to encrypt data volumes (#174)
237b441 
[CCE] Add possibility to encrypt data volumes

What this PR does / why we need it
Add possibility to set data volume metadata for encryption with KMS
Which issue this PR fixes
Refers to: opentelekomcloud/terraform-provider-opentelekomcloud#1109
=== RUN   TestNodes
--- PASS: TestNodes (731.13s)
=== RUN   TestNodes/TestNodeLifecycle
    --- PASS: TestNodes/TestNodeLifecycle (341.20s)
PASS

Process finished with the exit code 0

Reviewed-by: None <None>
Reviewed-by: Anton Sidelnikov <None>
Reviewed-by: Anton Kachurin <katchuring@gmail.com>
@lego963 lego963 mentioned this issue Jun 10, 2021
Merged
4 tasks
@otc-zuul otc-zuul bot closed this as completed in #1117 Jun 11, 2021
otc-zuul bot pushed a commit that referenced this issue Jun 11, 2021
@lego963
[CCE] Add possibility to encrypt data volumes (#1117)
8ff1113 
[CCE] Add possibility to encrypt data volumes

Summary of the Pull Request
Add new field kms_id in data_volumes spec to perform encryption with KMS
Resolves: #1109
PR Checklist

 Refers to: #1109
 Tests added/passed.
 Documentation updated.
 Schema updated.

Acceptance Steps Performed
=== RUN   TestAccCCENodesV3Basic
--- PASS: TestAccCCENodesV3Basic (734.55s)
=== RUN   TestAccCCENodesV3EncryptedVolume
--- PASS: TestAccCCENodesV3EncryptedVolume (1686.42s)
PASS


Process finished with the exit code 0

Reviewed-by: Anton Sidelnikov <None>
Reviewed-by: None <None>
Reviewed-by: Anton Kachurin <katchuring@gmail.com>
Reviewed-by: Rodion Gyrbu <fpsoff@outlook.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement SDK Requires SDK changes
Projects
None yet
Milestone
v1.24.1
Development

Successfully merging a pull request may close this issue.

[CCE] Add possibility to encrypt data volumes opentelekomcloud/terraform-provider-opentelekomcloud
2 participants
@outcatcher @iitsDelbruegger