Testing volume encryption fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OpenStack Compute (nova) |
Invalid
|
Undecided
|
Unassigned | ||
openstack-manuals |
Invalid
|
Undecided
|
Unassigned |
Bug Description
Hi
I deploy openstack liberty with nfs cinder and barbican key manager. When attaching encrypted volume to instance, in compute host run the command:
sudo nova-rootwrap /etc/nova/
After that, it run the command:
sudo nova-rootwrap /etc/nova/
The luksOpen does things: original cinder volume file is deleted, and it is a link pointed to the encrypted device.
See: https:/
compute host is where cryptsetup is run, so it can read data from volume.
When run command to test: strings /home/openstack
Result is:
Hello, world (unencrypted /dev/vdb)
Hello, world (encrypted /dev/vdc)
-------
Built: 2016-01-10T11:13:36 00:00
git SHA: 2e180b474baadea
URL: http://
source File: file:/home/
xml:id: section_
description: | updated |
tags: | added: config-reference |
no longer affects: | nova (Ubuntu) |
Changed in openstack-manuals: | |
status: | New → Invalid |
Changed in nova: | |
status: | New → Invalid |