Does the linode-block-storage-retain StorageClass encrypt at rest?
I'm using k8s and cannot find any documentation about encryption at rest. Does anyone know if linode implements any encryption for data at rest for volumes attached to a linode k8s cluster?
3 Replies
✓ Best Answer
Kubernetes (K8S or K3S) installed on Linodes does support encryption at rest, but LKE does not at this time. In order to do so, you would want to use notation like this:
apiVersion: apiserver.config.k8s.io/v1
kind: EncryptionConfiguration
resources:
- resources:
- secrets
providers:
- aescbc:
keys:
- name: secretkey1
secret: <ENCODED SECRET>
- identity: {}
We have some information about htis within our Kubernetes Security Best-Practice page, but more information could be found without Kubernetes' documentation:
I submitted a feature request on your behalf though since encryption at rest would be great for us to implement.
Thanks, would be a great feature (and selling point) for linode k8s. :)
I couldn't find any info here: Kubernetes Security Best-Practice ,but thanks for the reply!