Testing volume encryption fails

Bug #1532688 reported by Nguyen Truong Son
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone
OpenStack Compute (nova) | Invalid | Undecided | Unassigned |
openstack-manuals | Invalid | Undecided | Unassigned |

Bug Description

Hi

I deployed OpenStack Liberty with NFS Cinder and the Barbican key manager. When attaching an encrypted volume to an instance, the compute host runs the command:

sudo nova-rootwrap /etc/nova/rootwrap.conf cryptsetup --batch-mode luksFormat --key-file=- --cipher aes-xts-plain64 --key-size 512 /home/openstack/deployment/lib/nova/mnt/014350d8bf61a4224293d8dd521b6438/volume-ac170625-e126-4f01-b123-55f864125821

After that, it runs the command:

sudo nova-rootwrap /etc/nova/rootwrap.conf cryptsetup luksOpen --key-file=- /home/openstack/deployment/lib/nova/mnt/014350d8bf61a4224293d8dd521b6438/volume-ac170625-e126-4f01-b123-55f864125821 volume-ac170625-e126-4f01-b123-55f864125821

luksOpen does the following: the original Cinder volume file is deleted, and it becomes a link pointing to the encrypted device.
See: https://bugs.launchpad.net/nova/+bug/1511255

The compute host is where cryptsetup is run, so it can read data from the volume.

When I run this command to test: strings /home/openstack/deployment/lib/nova/mnt/014350d8bf61a4224293d8dd521b6438/volume-ac170625-e126-4f01-b123-55f864125821 | grep "Hello"

Result is:

Hello, world (unencrypted /dev/vdb)
Hello, world (encrypted /dev/vdc)

-----------------------------------
Built: 2016-01-10T11:13:36 00:00
git SHA: 2e180b474baadea9df8d9ae5f73a0cf8e150a417
URL: http://docs.openstack.org/liberty/config-reference/content/section_testing_encryption.html
source File: file:/home/jenkins/workspace/openstack-manuals-tox-doc-publishdocs/doc/config-reference/block-storage/section_volume-encryption.xml
xml:id: section_testing_encryption

description: updated
Ayush Garg (ayushgrg93)
tags: added: config-reference
no longer affects: nova (Ubuntu)
Changed in openstack-manuals:
status: New → Invalid
Changed in nova:
status: New → Invalid
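
The report describes the volume path on the compute host becoming a link to the opened LUKS device, so a read through that path sees decrypted data. The following check is an added example, not part of the original report or of nova: it classifies what a read of a given path actually sees. The `/dev/mapper/*` and `/dev/dm-*` link-target patterns, the function names and the sample files are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example. Assumption: the decrypted dm-crypt mapping shows up as
# /dev/mapper/* or /dev/dm-N; adjust the patterns for your hosts.

LUKS_MAGIC_HEX="4c554b53babe"   # "LUKS" 0xBA 0xBE: first 6 bytes of a LUKS header

# Print the first six bytes of file $1 as lowercase hex.
first6_hex() {
    od -An -tx1 -N6 "$1" | tr -d ' \n'
}

# classify_volume PATH MARKER prints one of:
#   decrypted-view     PATH is a symlink to a device-mapper node, so reads
#                      return plaintext by design
#   plaintext-at-rest  MARKER is readable in the raw bytes
#   encrypted-at-rest  LUKS header present and MARKER not readable
#   unknown            unreadable, or neither of the above
classify_volume() {
    path=$1
    marker=$2
    if [ -L "$path" ]; then
        case "$(readlink "$path")" in
            /dev/mapper/*|/dev/dm-*) echo "decrypted-view"; return 0 ;;
        esac
    fi
    if [ ! -r "$path" ]; then
        echo "unknown"
    elif LC_ALL=C grep -q -F -- "$marker" "$path"; then
        echo "plaintext-at-rest"
    elif [ "$(first6_hex "$path")" = "$LUKS_MAGIC_HEX" ]; then
        echo "encrypted-at-rest"
    else
        echo "unknown"
    fi
}

# Demo on constructed samples (not real volumes).
demo() {
    tmp=$(mktemp -d)
    printf 'LUKS\272\276\000\001constructed-ciphertext' > "$tmp/backing-file"
    ln -s /dev/mapper/crypt-constructed "$tmp/compute-host-path"
    for p in "$tmp/compute-host-path" "$tmp/backing-file"; do
        printf '%s: %s\n' "${p##*/}" "$(classify_volume "$p" "Hello")"
    done
    rm -rf "$tmp"
}

# Usage: script PATH MARKER; with no arguments, run the demo.
if [ $# -eq 2 ]; then classify_volume "$1" "$2"; else demo; fi
```

To check encryption at rest, run it against the backing file as the storage side sees it, not against the linked path on the compute host.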