Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support to ec2 provider for encrypted root disks, kms, gp3, io2, throughput. #13101

Merged
merged 1 commit into from
Jun 23, 2021
Merged

Add support to ec2 provider for encrypted root disks, kms, gp3, io2, throughput. #13101

merged 1 commit into from
Jun 23, 2021

Conversation

hpidcock
Copy link
Member

@hpidcock hpidcock commented Jun 23, 2021
edited
Loading

Adds support to EC2 provider for:

  • Encrypted root disks
  • KMS key selection for encrypted disks via "kms-key-id" key
  • Add support for GP3 and IO2 volume types
  • Add support for "throughput" key on GP3 volumes

QA steps

juju bootstrap aws \
  --storage-pool name=ebs-encrypted \
  --storage-pool type=ebs \
  --storage-pool encrypted=true \
  --storage-pool kms-key-id="arn:aws:kms:us-east-1:<snip>" \
  --storage-pool volume-type=gp3 \
  --storage-pool throughput=500M \
  --bootstrap-constraints="root-disk-source=ebs-encrypted"

Documentation changes

Updates required for AWS documentation in storage docs.
https://discourse.charmhub.io/t/use-juju-storage/1079

Bug reference

https://bugs.launchpad.net/juju/+bug/1931139

benhoyt
benhoyt approved these changes Jun 23, 2021
View reviewed changes
Copy link
Contributor

@benhoyt benhoyt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks really good. Approved, but just a question or two.

provider/ec2/ebs_test.go Outdated Show resolved Hide resolved
provider/ec2/ebs.go
EBS_IOPS = "iops"

// EBS_Throughput is the max transfer troughput for gp3 volumes.
EBS_Throughput = "throughput"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can someone get a list of these options or help on them using the CLI? I'm guessing not, but wondering how people would find out about them (before we update the docs).

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, we need to work on this with config v2 :)
These things really should dynamically be exposed based on context (model/controller/cloud).

@hpidcock hpidcock force-pushed the aws-encrypted-ebs branch from bfe6abd to af373fc Compare June 23, 2021 06:00
@hpidcock
Copy link
Member Author

$$merge$$

@jujubot jujubot merged commit 87cc371 into juju:2.9 Jun 23, 2021
@hpidcock
Copy link
Member Author

Support encrypted volumes on EC2

@manadart manadart mentioned this pull request Jun 25, 2021
Merged
jujubot added a commit that referenced this pull request Jun 28, 2021
@jujubot
Merge pull request #13109 from manadart/2.9-into-develop
5d0776d 
#13109

Merge from 2.9 to bring forward:
- #13103 from manadart/2.9-lxd-spec-assignment
- #13105 from ycliuhw/fix/lp-1929904
- #13106 from SimonRichardson/update-http-dep
- #13100 from tlm/model-operator-29-upgrade
- #13102 from manadart/2.9-lxd-with-proxy
- #13099 from SimonRichardson/updating-packaging-dep
- #13096 from ycliuhw/lp-1927656
- #13101 from hpidcock/aws-encrypted-ebs
- #13073 from tlm/LP1930798-juju-2.9-k8s-upgrade-2
- #13078 from hmlanigan/sidecar-charm-via-bundle
- #13098 from achilleasa/2.9-logsink-error-if-persisting-logs-to-db-fails
- #13091 from wallyworld/use-aws-sdk-v2
- #13095 from jujubot/increment-to-2.9.7

Conflicts:
- caas/kubernetes/provider/export_test.go
- cmd/juju/application/deployer/bundlehandler.go
- cmd/juju/application/deployer/deployer.go
- core/bundle/changes/handlers.go
- core/charm/computedseries.go
- go.mod
- go.sum
- scripts/win-installer/setup.iss
- snap/snapcraft.yaml
- version/version.go
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@benhoyt benhoyt benhoyt approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@hpidcock @benhoyt @jujubot