Cinder

  1. Bug #1951163
  2. Activity log

Activity log for bug #1951163

Date Who What changed Old value New value Message
2021-11-16 21:00:23 Peter bug added bug
2021-11-16 21:03:05 Peter description We make use of one of the Cinder drivers so we can have our volumes on a Dell PowerVault storage device. We use encrypted volumes, and we know that it is currently not possible to manage/import encrypted volumes. (See here https://bugs.launchpad.net/cinder/+bug/1944577) This means, if we have an encrypted volume from a previous OpenStack deployment, we cannot get this volume into Cinder in the new deployment. We are forced to create a new volume, and copy the data. We simply want to have the option of providing the LUKS encryption key that the encrypted volume uses, when importing/managing a volume. One use case we would like is that this would probably let us use `cryptsetup` to create and prepopulate an encrypted volume, before OpenStack is even deployed. We have been able to use `cryptsetup open` to decrypt the encrypted volumes and access the data within. But to be clear, if this only works/supported for encrypted volumes created by Cinder itself, that is fine. We make use of one of the Cinder drivers so we can have our volumes on a Dell PowerVault storage device. We use encrypted volumes, and we know that it is currently not possible to manage/import encrypted volumes. (See: https://bugs.launchpad.net/cinder/+bug/1944577 https://review.opendev.org/c/openstack/cinder/+/768458) This means, if we have an encrypted volume from a previous OpenStack deployment, we cannot get this volume into Cinder in the new deployment. We are forced to create a new volume, and copy the data. We simply want to have the option of providing the LUKS encryption key that the encrypted volume uses, when importing/managing a volume. One use case we would like is that this would probably let us use `cryptsetup` to create and prepopulate an encrypted volume, before OpenStack is even deployed. We have been able to use `cryptsetup open` to decrypt the encrypted volumes and access the data within. But to be clear, if this only works/supported for encrypted volumes created by Cinder itself, that is fine.
2021-11-17 00:13:00 Sofia Enriquez cinder: importance Undecided Medium
2021-11-17 00:13:23 Sofia Enriquez tags encryption import volume