This document proposes adding support for the Key Management Interoperability Protocol (KMIP) as a backend for RGW's Server-Side Encryption with S3-Managed Keys (SSE-S3).
This feature will mirror the functionality of the existing HashiCorp Vault Transit backend, allowing a KMIP server to manage bucket-level Key Encryption Keys (KEKs) while RGW manages the creation and lifecycle of per-object Data Encryption Keys (DEKs).
| { | |
| "datasource": { | |
| "uid": "$datasource" | |
| }, | |
| "fieldConfig": { | |
| "defaults": { | |
| "custom": { | |
| "drawStyle": "line", | |
| "lineInterpolation": "linear", | |
| "barAlignment": 0, |
| { | |
| "data": [ | |
| { | |
| "traceID": "6916d4661b0a749cafec1ceb5c0fc162", | |
| "spans": [ | |
| { | |
| "traceID": "6916d4661b0a749cafec1ceb5c0fc162", | |
| "spanID": "07242f218080c279", | |
| "operationName": "op-request-created", | |
| "references": [], |
| { | |
| "data": [ | |
| { | |
| "traceID": "44fceb10bb5c3566b79501afece6e190", | |
| "spans": [ | |
| { | |
| "traceID": "44fceb10bb5c3566b79501afece6e190", | |
| "spanID": "54767bf47741f910", | |
| "operationName": "list_buckets tx0000018465e2f8689e2c7-00643cc416-11a0-my-store", | |
| "references": [], |
$ minikube stop && minikube delete && minikube start --force --cpus="6" -b kubeadm --kubernetes-version="v1.24.3" --driver="kvm2" --extra-config="kubelet.cgroup-driver=systemd"
We'll use Jaeger Operator for this, uses webhooks to validate Jaeger custom
| #/bin/bash | |
| minikube start --force --memory="4096" --cpus="2" -b kubeadm --kubernetes-version="v1.19.2" --driver="kvm2" --feature-gates="BlockVolume=true,CSIBlockVolume=true,VolumeSnapshotDataSource=true,ExpandCSIVolumes=true" | |
| #folder for ceph info | |
| minikube ssh "sudo mkdir -p /mnt/vda1/var/lib/rook;sudo ln -s /mnt/vda1/var/lib/rook /var/lib/rook" | |
| #adding a disk | |
| sudo -S qemu-img create -f raw /var/lib/libvirt/images/minikube-box-vm-disk-80G 80G | |
| virsh -c qemu:///system attach-disk minikube --source /var/lib/libvirt/images/minikube-box-vm-disk-80G --target vdb --cache none |
| ### RECORD 1 >>> smithi016 <<< (1649679554.001) (Mon Apr 11 17:49:14 2022) ### | |
| # CPU[HYPER] SUMMARY (INTR, CTXSW & PROC /sec) | |
| # User Nice Sys Wait IRQ Soft Steal Guest NiceG Idle CPUs Intr Ctxsw Proc RunQ Run Avg1 Avg5 Avg15 RunT BlkT | |
| 2 0 0 0 0 0 0 0 0 97 8 433 835 0 1739 0 1.42 1.00 0.48 1 0 | |
| # DISK SUMMARY (/sec) | |
| #KBRead RMerged Reads SizeKB KBWrite WMerged Writes SizeKB | |
| 0 0 0 0 2067 0 11 187 |
| ``` | |
| #!/bin/bash | |
| set -ex | |
| echo "===setup clusters ===" | |
| MON=1 OSD=1 MGR=1 MDS=0 RGW=0 ../src/mstart.sh primary --short -n -d -o " | |
| mirroring_debug_snap_copy_delay = 9876 | |
| debug rbd = 20 | |
| debug rbd_mirror = 30 | |
| rbd_default_features = 61" --without-dashboard |
| ``` | |
| #!/bin/bash | |
| set -x | |
| rbdpool=data | |
| rbdimage=a1 | |
| east=primary | |
| west=secondary | |
| rbdimagefeatures="--image-feature layering --image-feature exclusive-lock --image-feature object-map --image-feature fast-diff" |
| ``` | |
| #!/bin/bash | |
| set -ex | |
| echo "===setup clusters ===" | |
| MON=1 OSD=1 MGR=1 MDS=0 RGW=0 ../src/mstart.sh primary --short -n -d -o " | |
| mirroring_debug_snap_copy_delay = 9876 | |
| debug rbd = 20 | |
| debug rbd_mirror = 30 | |
| rbd_default_features = 61" --without-dashboard |