Configure a new node pool to use Ephemeral OS disks. az aks create -name myAKSCluster -resource-group myResourceGroup -s StandardDS3v2 -aks-custom-headers EnableEphemeralOSDisktrue. I'd like to rise a feature request to allow encrypting the OS disk with customer-managed key. Use the -aks-custom-headers flag to set Ephemeral OS as the OS disk type for the new cluster. Managed Azure Disk, Azure Files)Ĭurrently the only way for customers that use AKS with a customer-managed keys encryption is set up a new cluster, migrate all data and retest which is very inconvenient. In the end of this step you will have AKS cluster and Storage account in resource group. For choosing placement of Ephemeral OS disk, select OS cache placement or Temp disk placement. it's still possible to create a StorageClass and use customer-managed keys to encrypt a storage ( i.e. ephemeral-storage: 119716326407 hugepages-1Gi: 0 hugepages-2Mi: 0. In the Azure portal, you can choose to use ephemeral disks when deploying a virtual machine or virtual machine scale sets by opening the Advanced section of the Disks tab. that will always set up nodes with OS disks (and its caches) encrypted with a platform-managed key for customers that use customer-managed keys, the only solution is to set up a new cluster and select platform-managed keys.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |