Re: luks ecrypted storage poll - lvm - possible?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 21/12/2018 09:28, Daniel P. Berrangé wrote:
On Thu, Dec 20, 2018 at 04:57:41PM -0500, John Ferlan wrote:

On 12/20/18 11:56 AM, lejeczek wrote:
hi everyone,

do we get to encrypt lvm pools in/with libvirt?
The pool or the volumes?

I'm on Centos 7.x but see mention of it, not even on the net.
I have no idea which libvirt version is in Centos versions, but support
was added in libvirt 3.9.0 (Nov. 2017) via commit 2518fd3b6a with a
followup commit 9b837963 for libvirt 4.5.0 (June 2018) to "further
clarify" that only LUKS encryption is supported.

Or in other words - can guests(lxc I'm thinking of) run off ecrypted lvm
where at least the part when dev gets luksOpened is taken care of by
libvirt?
It should work with the appropriate secret and volume being used.
Only for the QEMU driver. AFAIR, we never wired up any luks support
into the LXC driver.

With LXC it does not look, did not look good at all, but I had hope. A while ago I filed this: https://bugzilla.redhat.com/show_bug.cgi?id=1641381

I cannot start lxc containers even off not encrypted lvm volumes.


Regards,
Daniel


_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users




[Index of Archives]     [Virt Tools]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux