VMware Tanzu Encrypted Volumes Pending

th3count · February 15, 2024, 8:45pm

I’m running Portworx Essentials (v3.1) on a VMware Tanzu cluster (Kube v1.24.9) and I cannot get any of the encrypted storage classes to work.

If I deploy a PVC with a non-encrypted portworx storage class it works and I can see the volume/reps in the pxctl.

If I deploy a PVC with a portworx storage class with secure=true it hangs indefinitely with no pod logs showing any errors. In pxctl I can see the failed volume, but if I try and delete it it times out as well. Doesn’t matter if its a CSI backed storage class or either.

Spec was generated through Portworx spec generator and secret is setup with Azure Key Vault. The AKV works because I can see portworx generate the cluster wide secret entry and no errors there.

Is it possible this is a bug or a limit of the Essentials license?

tetrus · February 15, 2024, 9:08pm

I am also having this issue. Looking for any insights if its an essentials limitation. When analyzing the license list with pxctl I can see BYOK data encryption is enabled.

Topic		Replies	Views
Encrypted Volume PVC pending Portworx Volumes pvc	8	1314	October 14, 2021
Canont create encrypted volume: Key not found Portworx on Kubernetes	2	1059	February 6, 2021
portworx essential 2.6.3installed but volumes in pending state Portworx on Kubernetes	1	547	June 29, 2021
PVC stuck in pending because of i/o timeout during PVC provisioning Portworx on Kubernetes pvc	6	3147	October 11, 2022
Portworx installation failed Portworx Essentials install	1	24	October 2, 2024

VMware Tanzu Encrypted Volumes Pending

Related Topics