Has anyone tried using encrypted ephemeral storage for nova?
I setup nova to use LVM as it's backend and added the
[ephemeral_storage_encryption] and [keymgr] sections to nova.conf. Upon
booting a new instance, the instance volume is named as if it's encrypted
("-dmcrypt" is appended to the volume name), but it is not encrypted. No
errors in the logs.
Looking at the source code, I don't see "cryptsetup luksFormat" being
called anywhere.
Is this feature half-baked, or am I misunderstanding how it's supposed to
work?
I'm running Kilo.
Thanks,
-Chris
_______________________________________________
OpenStack-operators mailing list
[email protected]
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-operators
