Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

On 24/11/15 07:55 +, Li, Xiaoyan wrote: On Nov 23, 2015 22:34, Daniel P. Berrange wrote: On Mon, Nov 23, 2015 at 07:05:05AM +0100, Philipp Marek wrote: About uploading encrypted volumes to image, there are three options: 1. Glance only keeps non-encrypted images. So when uploading

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

On 23/11/15 03:45 +, Li, Xiaoyan wrote: Hi all, More help about volume encryption is needed. About uploading encrypted volumes to image, there are three options: 1. Glance only keeps non-encrypted images. So when uploading encrypted volumes to image, cinder de-crypts the data and upload.

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

On Mon, Nov 23, 2015 at 03:45:55AM +, Li, Xiaoyan wrote: > Hi all, > More help about volume encryption is needed. > > About uploading encrypted volumes to image, there are three options: > 1. Glance only keeps non-encrypted images. So when uploading encrypted > volumes to image, cinder

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

On Mon, Nov 23, 2015 at 07:05:05AM +0100, Philipp Marek wrote: > > About uploading encrypted volumes to image, there are three options: > > 1. Glance only keeps non-encrypted images. So when uploading encrypted > >volumes to image, cinder de-crypts the data and upload. > > 2. Glance maintain

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

On Nov 23, 2015 22:34, Daniel P. Berrange wrote: > On Mon, Nov 23, 2015 at 07:05:05AM +0100, Philipp Marek wrote: >>> About uploading encrypted volumes to image, there are three options: >>> 1. Glance only keeps non-encrypted images. So when uploading > encrypted >>>volumes to image, cinder

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

> About uploading encrypted volumes to image, there are three options: > 1. Glance only keeps non-encrypted images. So when uploading encrypted >volumes to image, cinder de-crypts the data and upload. > 2. Glance maintain encrypted images. Cinder just upload the encrypted >data to image.

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

(1) is what we were working towards. To my mind, it is the right option. (2) Means that you have an encryption key shared between volumes, same as backups currently. It also means you can't share images, which is very limiting. (3) Makes BFV basically useless with encrypted volumes. Given there

[openstack-dev] [cinder][glance]Upload encrypted volumes to images

Hi all, More help about volume encryption is needed. About uploading encrypted volumes to image, there are three options: 1. Glance only keeps non-encrypted images. So when uploading encrypted volumes to image, cinder de-crypts the data and upload. 2. Glance maintain encrypted images. Cinder