Lot of people run Kubernetes on AWS and need to use encrypted EBS volumes for security and compliace.
I will lay down the steps below in order to use it.
- Create a storage class
- Create a PersistentVolume (or dynamically provisoned PersistentVolumeClaim) using the storage class
- Create a pod to use the PersistentVolumeClaim
1. Create a storage class
You must create a storage class that can be used for creating a PV/PVC.
Create a file encrypted-gp2.yaml with below contents.
|
|
2. Create a PersistentVolume or a dynamically provisioned PersistentVolumeClaim
Let’s create a dynamically provisioned PersistentVolumeClaim.
Create a file encrypted-pvc.yaml with below contents.
|
|
3. Create a pod to use the PVC
|
|
That is all you need to use encrypted EBS volumes with Kubernetes on AWS.