vmware / vic

vSphere Integrated Containers Engine is a container runtime for vSphere.
http://vmware.github.io/vic

Encrypt mounted volumes using LUKS #4720

Open douggie opened 7 years ago

douggie commented 7 years ago

User statement: As a customer of VIC, I would like to ensure my data on docker volumes is encrypted at rest.

Details: Containers can be run in data centres managed by a 3rd party where it might be possible for the physical disks to be removed. In the event the physical disks are removed or recycled, it would be reassuring to know the data is unusable as it has been encrypted, possibly by leveraging the widely used LUKS encryption.

Acceptance criteria: Ability to specify a volume from a volume store with docker run -v but also ensure that the volume is encrypted at rest.

hickeng commented 7 years ago

@akshayl This is a prime example of where vTPM would come in, or integration with the 6.5 VM encryption capability.

akshayl commented 7 years ago

Yup, makes sense!

hickeng commented 7 years ago

@pdaigle Hey Patrick - just a ping to put this on your radar if it never got mentioned via other means.

Manouchehri commented 6 years ago

@hickeng It would be great to have encryption per VMDK/volume. e.g. a public static web server container probably doesn't need everything in / encrypted, but it would be great to have a small separate encrypted volume with private SSL keys.