-
Notifications
You must be signed in to change notification settings - Fork 550
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Chart ceph-csi-cephfs
doesn't support encryption
#4470
Comments
I'd be happy to help fixing this by using the RBD chart as reference for missing config. Let me know if you would like that! |
@acolombier looks reasonable to fix this, as |
Hey @acolombier, |
I have started working on the chart changes, but I would need some time to test it. Unfortunately, I still need to sort out kernel version as I would need a 6.6+ to test my usecase (fscrypt + cephfs for mount) which is likely going to take me a few more days. If you get the chance to get something together faster, please do! 😃 |
We are in the same boat then 😃 |
This issue has been automatically marked as stale because it has not had recent activity. It will be closed in a week if no further activity occurs. Thank you for your contributions. |
PR currently waiting for review |
Describe the bug
The helm chart
ceph-csi-cephfs
doesn't support encryption out of the box.configmap/read
permission and POD_NAMESPACE envvar to read config directly (not sure this is still the way to go)Environment details
quay.io/cephcsi/cephcsi:v3.10.2
3.10.2
N/D
fuse
orkernel
. for rbd itskrbd
orrbd-nbd
) :rbd-nbd
1.26
17.2.7 quincy (stable)
Steps to reproduce
Steps to reproduce the behavior:
storageClass
Actual results
The PVC cannot be created due to missing envvar
POD_NAMESPACE
. Once added, it creates it, but the nodeplugin cannot mount it due envvar and configmap access denied.Expected behavior
The PVC gets created and can be mounted by nodeplugin.
Logs
Omitted
Additional context
N/A
The text was updated successfully, but these errors were encountered: