openstack
/
octavia
Code Issues Proposed changes
octavia/elements/certs-ramfs
History
Michael Johnson 4007d56b3e Limit cryptsetup key RAM usage 
This patch limits cryptsetup to 256MB of RAM during the amphora
startup. Recent distros have changed to LUKS2 with Argon2
key derivation which defaults to using up to 1GB of RAM.
Typically our amphora are built with only 1GB of RAM for the whole
system.

Change-Id: I018e36f69a9c0b48a6651a01cc9a64abfc04d4de
Story: 2005837
Task: 33606
 		2019-06-06 15:10:36 -07:00
..
init-scripts Limit cryptsetup key RAM usage 2019-06-06 15:10:36 -07:00
post-install.d Use cryptsetup/LUKS for encrypted ramfs 2017-02-14 10:37:45 +00:00
README.rst Use cryptsetup/LUKS for encrypted ramfs 2017-02-14 10:37:45 +00:00
element-deps Use cryptsetup/LUKS for encrypted ramfs 2017-02-14 10:37:45 +00:00
package-installs.yaml Use cryptsetup/LUKS for encrypted ramfs 2017-02-14 10:37:45 +00:00
svc-map Use cryptsetup/LUKS for encrypted ramfs 2017-02-14 10:37:45 +00:00

README.rst

Element to setup an encrypted ramfs to store the TLS certificates and keys.

Enabling this element will mean that the amphora can no longer recover from a reboot.