On Mon, Apr 25, 2016 at 04:28:17PM +, Coffman, Joel M. wrote:
> Based on the comments to the RBD encryption change [1], it looks
> like there will be a new direction for ephemeral disk encryption
> (embedding it in QEMU directly). I assume LVM will work the same
> way when the time comes. Will
Based on the comments to the RBD encryption change [1], it looks like there
will be a new direction for ephemeral disk encryption (embedding it in QEMU
directly). I assume LVM will work the same way when the time comes. Will there
be a migration path for the existing ephemeral disk encryption su
> example above) is encrypted, and everything written to the underlying disk
> is also encrypted. Try searching for the text in the underlying device –
> you shouldn't be able to find it.
>
> Joel
>
>
> From: Chris Buccella
> Reply-To: "openstack-dev@lists.
onday, April 11, 2016 at 1:06 PM
To:
"openstack-dev@lists.openstack.org<mailto:openstack-dev@lists.openstack.org>"
mailto:openstack-dev@lists.openstack.org>>
Subject: [openstack-dev] [nova] Encrypted Ephemeral Storage
I've been looking into using encrypted ephemeral stor
I've been looking into using encrypted ephemeral storage with LVM. With the
[ephemeral_storage_encryption] and [keymgr] sections to nova.conf, I get an
LVM volume with "-dmcrypt" is appended to the volume name, but otherwise
see no difference; I can still grep for text inside the volume.
Upon read