Liberty -  Liberty -  Liberty -  Liberty -  Liberty -  Liberty -  Liberty -  Liberty - 

 Create an encrypted volume

Use the OpenStack dashboard (horizon), or the cinder command to create volumes just as you normally would. For an encrypted volume use the LUKS tag, for unencrypted leave the LUKS tag off.

  1. Source your admin credentials:

    $ source admin-openrc.sh
  2. Create an unencrypted 1 GB test volume:

    $ cinder create --display-name 'unencrypted volume' 1
    +--------------------------------+--------------------------------------+
    |            Property            |                Value                 |
    +--------------------------------+--------------------------------------+
    |          attachments           |                  []                  |
    |       availability_zone        |                 nova                 |
    |            bootable            |                false                 |
    |           created_at           |      2014-08-10T01:24:03.000000      |
    |          description           |                 None                 |
    |           encrypted            |                False                 |
    |               id               | 081700fd-2357-44ff-860d-2cd78ad9c568 |
    |            metadata            |                  {}                  |
    |              name              |          unencrypted volume          |
    |     os-vol-host-attr:host      |              controller              |
    | os-vol-mig-status-attr:migstat |                 None                 |
    | os-vol-mig-status-attr:name_id |                 None                 |
    |  os-vol-tenant-attr:tenant_id  |   08fdea76c760475f82087a45dbe94918   |
    |              size              |                  1                   |
    |          snapshot_id           |                 None                 |
    |          source_volid          |                 None                 |
    |             status             |               creating               |
    |            user_id             |   7cbc6b58b372439e8f70e2a9103f1332   |
    |          volume_type           |                 None                 |
    +--------------------------------+--------------------------------------+
  3. Create an encrypted 1 GB test volume:

    $ cinder create --display-name 'encrypted volume' --volume-type LUKS 1
    +--------------------------------+--------------------------------------+
    |            Property            |                Value                 |
    +--------------------------------+--------------------------------------+
    |          attachments           |                  []                  |
    |       availability_zone        |                 nova                 |
    |            bootable            |                false                 |
    |           created_at           |      2014-08-10T01:24:24.000000      |
    |          description           |                 None                 |
    |           encrypted            |                 True                 |
    |               id               | 86060306-6f43-4c92-9ab8-ddcd83acd973 |
    |            metadata            |                  {}                  |
    |              name              |           encrypted volume           |
    |     os-vol-host-attr:host      |              controller              |
    | os-vol-mig-status-attr:migstat |                 None                 |
    | os-vol-mig-status-attr:name_id |                 None                 |
    |  os-vol-tenant-attr:tenant_id  |   08fdea76c760475f82087a45dbe94918   |
    |              size              |                  1                   |
    |          snapshot_id           |                 None                 |
    |          source_volid          |                 None                 |
    |             status             |               creating               |
    |            user_id             |   7cbc6b58b372439e8f70e2a9103f1332   |
    |          volume_type           |                 LUKS                 |
    +--------------------------------+--------------------------------------+

Notice the encrypted parameter; it will show True/False. The option volume_type is also shown for easy review.

[Note]Note

Due to the issue that some of the volume drivers do not set 'encrypted' flag, attaching of encrypted volumes to a virtual guest will fail, because OpenStack Compute service will not run encryption providers.

Questions? Discuss on ask.openstack.org
Found an error? Report a bug against this page

loading table of contents...