Initial configuration

Liberty - Liberty - Liberty - Liberty - Liberty - Liberty - Liberty - Liberty -

Configuration changes need to be made to any nodes running the cinder-volume or nova-compute server.

Steps to update cinder-volume servers:

Edit the /etc/cinder/cinder.conf file to use Key management service as follows:
1. Look for the [keymgr] section.
2. Enter a new line directly below [keymgr] with the following: api_class=cinder.keymgr.barbican.BarbicanKeyManager
  Note
  Use a '#' prefix to comment out the line in this section that begins with 'fixed_key'.
Restart cinder-volume.

	Note
Use a '#' prefix to comment out the line in this section that begins with 'fixed_key'.

Update nova-compute servers:

Repeat the same steps above to set up the Key management service by editing /etc/nova/nova.conf
Restart nova-compute.

Follow the instructions in the OpenStack Admin User Guide under the heading Create an encrypted volume type or alternatively, see the section called “Create an encrypted volume type” in this manual to do this via the command line.

Create an encrypted volume by typing the command:

$ cinder create --name encryptedVolume --volume-type LUKS 1

For alternate instructions and details, including the console output, see the the section called “Create an encrypted volume” in this document.