[openstack-dev] [Cinder] encryption is not supported in ceph volume

Hi all, I created an encryption type, and create a volume in Ceph with the volume type. cinder encryption-type-create But failed to attach it to a VM. The error message shows that no device_path in connection_info. ^[[01;31m2015-07-30 05:55:57.117 TRACE oslo_messaging.rpc.dispatcher

Re: [openstack-dev] [cinder] Proposing Gorka Eguileor for core

On Aug 14, 2015 03:13, Mike Perez wrote: It gives me great pleasure to nominate Gorka Eguileor for Cinder core. Gorka's contributions to Cinder core have been much apprecated: https://review.openstack.org/#/q/owner:%22Gorka+Eguileor%22+project:o penstack/cinder,p,0035b6410002dd11 60/90

[openstack-dev] [cinder]Cinder creates encrypted volume from image

Hi all, Currently when cinder creates a volume with an encrypted volume type from an image(which is unencrypted), it just reads data from image, and writes them Into the volume. As a result the encrypted volume contains unencrypted data, and Nova fails to boot from the volume.

[openstack-dev] [cinder]Review request for data transfer between encrypted volumes and images

Hi, @Jay, As talked with you in IRC, I have updated the patches which fix the bug in Cinder about creating encrypted volumes from images, and uploading encrypted volumes to images. Please help to review. https://review.openstack.org/#/c/216567/ https://review.openstack.org/#/c/217557/ Also

Re: [openstack-dev] [cinder][nova]Move encryptors to os-brick

Thank you, Ben. I agree with you, and just to clear the cinder operations which needs to decrypt volumes in following. On Dec 3, 2015 05:01, Ben Swartzlander wrote: > On 11/30/2015 09:04 AM, Coffman, Joel M. wrote: >> >> >> On 11/25/15, 11:33 AM, "Ben Swartzlander" >

Re: [openstack-dev] [cinder][nova]Move encryptors to os-brick

From: Coffman, Joel M. [mailto:joel.coff...@jhuapl.edu] Sent: Thursday, December 3, 2015 2:07 AM To: openstack-dev@lists.openstack.org Subject: Re: [openstack-dev] [cinder][nova]Move encryptors to os-brick From: "duncan.tho...@gmail.com"

Re: [openstack-dev] [cinder][nova]Move encryptors to os-brick

n 12/03/2015 07:40 AM, Duncan Thomas wrote: > > On 3 December 2015 at 11:14, Li, Xiaoyan <xiaoyan...@intel.com > > <mailto:xiaoyan...@intel.com>> wrote: > > > > Just to clear the data operations cinder needs to touch plaintext > > data are: > >

[openstack-dev] [cinder] Dependencies of snapshots on volumes

Hi all, Currently when deleting a volume, it checks whether there are snapshots created from it. If yes deletion is prohibited. But it allows to extend the volume, no check whether there are snapshots from it. The two behaviors in Cinder are not consistent from my viewpoint. In backend

Re: [openstack-dev] [cinder] Dependencies of snapshots on volumes

On Dec 10, 2015 06:34, Mike Perez wrote: > On 09:27 Dec 09, John Griffith wrote: >> On Tue, Dec 8, 2015 at 9:10 PM, Li, Xiaoyan <xiaoyan...@intel.com> > wrote: > > > >>> As a result, this raises two concerns here: >>> 1. Let such operations be

Re: [openstack-dev] [nova][cinder]Detach a encrypted volume won't cleanup the device patch

Hi, For ISCSIConnector, the path can be recovered by rescan before disconnect_volume: https://github.com/openstack/os-brick/blob/master/os_brick/initiator/connector.py#L835 And for NFS volumes, it leads to following bug: https://bugs.launchpad.net/nova/+bug/1511255 Best wishes Lisa From:

[openstack-dev] [cinder][nova]Move encryptors to os-brick

Hi all, To fix bug [1][2] in Cinder, Cinder needs to use nova/volume/encryptors[3] to attach/detach encrypted volumes. To decrease the code duplication, I raised a BP[4] to move encryptors to os-brick[5]. Once it is done, Nova needs to update to use the common library. This is BP raised.

[openstack-dev] [cinder][glance]Upload encrypted volumes to images

Hi all, More help about volume encryption is needed. About uploading encrypted volumes to image, there are three options: 1. Glance only keeps non-encrypted images. So when uploading encrypted volumes to image, cinder de-crypts the data and upload. 2. Glance maintain encrypted images. Cinder

Re: [openstack-dev] [cinder][nova]Move encryptors to os-brick

Hi, Except creating encrypted volume from images, uploading encrypted volumes to image, as Duncan said there is desire to migrate volumes between encrypted and unencrypted type. https://review.openstack.org/#/c/248593/ And key magagment codes are duplicated in Cinder and Nova:

Re: [openstack-dev] [cinder][nova]Move encryptors to os-brick

keys or upload unencrypted images it needs encryptors. If we can’t provide above functions, I think it will prevent the popular of Cinder encryption usage. Best wishes Lisa From: Li, Xiaoyan [mailto:xiaoyan...@intel.com] Sent: Monday, November 23, 2015 8:57 PM To: OpenStack Development Mailing

Re: [openstack-dev] [cinder][glance]Upload encrypted volumes to images

On Nov 23, 2015 22:34, Daniel P. Berrange wrote: > On Mon, Nov 23, 2015 at 07:05:05AM +0100, Philipp Marek wrote: >>> About uploading encrypted volumes to image, there are three options: >>> 1. Glance only keeps non-encrypted images. So when uploading > encrypted >>>volumes to image, cinder

Re: [openstack-dev] [cinder] Testing Cinder upgrades - c-bak upgrade

@ DuncanT and @dule: I noticed from IRC log that you are discussing about c-bak upgrade, and I am working on this, please see following message. Hope I don't miss anything. As you know, currently c-bak and c-vol are in same nodes. c-bak depends on c-vol service. But it is not necessary that

Re: [openstack-dev] [cinder]restore method while ceph backup backend is used

Hi, Cinder backup service discards excess bytes when restoring based on configuration. https://github.com/openstack/cinder/blob/master/cinder/backup/drivers/ceph.py#L317 https://github.com/openstack/cinder/blob/master/cinder/backup/drivers/ceph.py#L284 Lisa From: 刘庆 [mailto:win...@gmail.com]

Re: [openstack-dev] [cinder] [nova] os-brick privsep failures and an upgrade strategy?

Hi, What is the discussion result of privsep issue? When can we release next os-brick? Best wishes Lisa From: Ivan Kolodyazhny [mailto:e...@e0ne.info] Sent: Wednesday, July 13, 2016 9:55 PM To: OpenStack Development Mailing List (not for usage questions)

Re: [openstack-dev] [gate] [cinder] A current major cause for gate failure - cinder backups

Hi, I noticed that as VolumesBackupsV1Test and VolumesBackupsV2Test use same volume to do backup creation test etc. When creating backup from volume, it needs to attach volume. As both two tests use same volume, they attach the volume at same time, and leads failure. I opened a bug

Re: [openstack-dev] [cinder] [ceilometer]

The new notification reports kinds of capacity information, includes total, free, allocated, provisioned, visual_free. Detailed info please see the following specs: https://review.openstack.org/#/c/192542/2/specs/liberty/cinder-capacity-notifications.rst