2021-11-16 21:03:05 |
Peter |
description |
We make use of one of the Cinder drivers so we can have our volumes on a Dell PowerVault storage device.
We use encrypted volumes, and we know that it is currently not possible to manage/import encrypted volumes.
(See here https://bugs.launchpad.net/cinder/+bug/1944577)
This means, if we have an encrypted volume from a previous OpenStack deployment, we cannot get this volume into Cinder in the new deployment.
We are forced to create a new volume, and copy the data.
We simply want to have the option of providing the LUKS encryption key that the encrypted volume uses, when importing/managing a volume.
One use case we would like is that this would probably let us use `cryptsetup` to create and prepopulate an encrypted volume, before OpenStack is even deployed. We have been able to use `cryptsetup open` to decrypt the encrypted volumes and access the data within.
But to be clear, if this only works/supported for encrypted volumes created by Cinder itself, that is fine. |
We make use of one of the Cinder drivers so we can have our volumes on a Dell PowerVault storage device.
We use encrypted volumes, and we know that it is currently not possible to manage/import encrypted volumes.
(See: https://bugs.launchpad.net/cinder/+bug/1944577 https://review.opendev.org/c/openstack/cinder/+/768458)
This means, if we have an encrypted volume from a previous OpenStack deployment, we cannot get this volume into Cinder in the new deployment.
We are forced to create a new volume, and copy the data.
We simply want to have the option of providing the LUKS encryption key that the encrypted volume uses, when importing/managing a volume.
One use case we would like is that this would probably let us use `cryptsetup` to create and prepopulate an encrypted volume, before OpenStack is even deployed. We have been able to use `cryptsetup open` to decrypt the encrypted volumes and access the data within.
But to be clear, if this only works/supported for encrypted volumes created by Cinder itself, that is fine. |
|