Support encrypted EBS volumes for bootstrapping controllers on AWS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
High
|
Harry Pidcock |
Bug Description
juju bootstrap aws \
--storage-pool name=ebs-encrypted \
--storage-pool type=ebs \
--storage-pool encrypted=true \
--bootstrap-
I just tried running the above to bootstrap a juju controller with and encrypted EBS volume and I checked on my AWS console and it looks like the controler machine still uses a non-encrypted EBS volume.
It looks like the bootstrap-
This feature is important because make the adoption of Juju easier and smoother since organizations wont have to justify the existence of non encrypted EBS volumes to their security teams every review period.
Changed in juju: | |
milestone: | none → 2.9.5 |
status: | New → Triaged |
importance: | Undecided → High |
Changed in juju: | |
assignee: | nobody → Ian Booth (wallyworld) |
status: | Triaged → In Progress |
summary: |
- Support encrypted EBS volumes for bootstrapping controllers on AWS and - other public clouds + Support encrypted EBS volumes for bootstrapping controllers on AWS |
Changed in juju: | |
milestone: | 2.9.5 → 2.9.6 |
Changed in juju: | |
milestone: | 2.9.6 → 2.9.7 |
Changed in juju: | |
assignee: | Ian Booth (wallyworld) → Harry Pidcock (hpidcock) |
Changed in juju: | |
status: | In Progress → Fix Committed |
Changed in juju: | |
status: | Fix Committed → Fix Released |
The doc is not quite correct.
If root disk source refers to a storage pool, then it is supposed to be supported on any provider that can provision block device storage which can be mounted as the root disk of an instance.
The doc is referring to the case where root disk source is not a storage pool name but rather a provider specific datastore or such.