Liberty -  Liberty -  Liberty -  Liberty -  Liberty -  Liberty -  Liberty -  Liberty - 

 Initial configuration

Configuration changes need to be made to any nodes running the cinder-volume or nova-compute server.

Steps to update cinder-volume servers:

  1. Edit the /etc/cinder/cinder.conf file to use Key management service as follows:

    1. Look for the [keymgr] section.

    2. Enter a new line directly below [keymgr] with the following: api_class=cinder.keymgr.barbican.BarbicanKeyManager


      Use a '#' prefix to comment out the line in this section that begins with 'fixed_key'.

  2. Restart cinder-volume.

Update nova-compute servers:

  1. Repeat the same steps above to set up the Key management service by editing /etc/nova/nova.conf

  2. Restart nova-compute.

Follow the instructions in the OpenStack Admin User Guide under the heading Create an encrypted volume type or alternatively, see the section called “Create an encrypted volume type” in this manual to do this via the command line.

Create an encrypted volume by typing the command:

$ cinder create --name encryptedVolume --volume-type LUKS 1

For alternate instructions and details, including the console output, see the the section called “Create an encrypted volume” in this document.

Questions? Discuss on
Found an error? Report a bug against this page

loading table of contents...