检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Figure 1 Using persistent storage Creating a PVC Creating a PVC to apply for a 100-GB SAS EVS disk To create an encrypted EVS volume, add the paas.storage.io/cryptKeyId field in metadata.annotations. apiVersion: v1 kind: PersistentVolumeClaim metadata: name: pvc-evs namespace:
Secret A secret is a resource object for encrypted storage. You can save the authentication information, certificates, and private keys in a secret, solving the configuration problems of sensitive data such as passwords, tokens, and keys.
Advanced Configuration A secret is a resource object for encrypted storage.
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication.
To create an encrypted EVS volume, add the paas.storage.io/cryptKeyId field to metadata.annotations. To create an encrypted SFS volume, add the paas.storage.io/cryptKeyId, paas.storage.io/cryptAlias, and paas.storage.io/cryptDomainId fields to metadata.annotations.
Configuring a TLS Certificate You can configure annotations to specify the TLS certificate suite of the exporter server for encrypted communication and use the file mounting mode to associate the certificate secret.
This parameter is required only when the storage class is SFS and an encrypted volume needs to be created.