On 21/12/2018 09:28, Daniel P. Berrangé wrote:
On Thu, Dec 20, 2018 at 04:57:41PM -0500, John Ferlan wrote:
On 12/20/18 11:56 AM, lejeczek wrote:
hi everyone,
do we get to encrypt lvm pools in/with libvirt?
The pool or the volumes?
I'm on Centos 7.x but see mention of it, not even on the net.
I have no idea which libvirt version is in Centos versions, but support
was added in libvirt 3.9.0 (Nov. 2017) via commit 2518fd3b6a with a
followup commit 9b837963 for libvirt 4.5.0 (June 2018) to "further
clarify" that only LUKS encryption is supported.
Or in other words - can guests(lxc I'm thinking of) run off ecrypted lvm
where at least the part when dev gets luksOpened is taken care of by
libvirt?
It should work with the appropriate secret and volume being used.
Only for the QEMU driver. AFAIR, we never wired up any luks support
into the LXC driver.
With LXC it does not look, did not look good at all, but I had hope. A
while ago I filed this: https://bugzilla.redhat.com/show_bug.cgi?id=1641381
I cannot start lxc containers even off not encrypted lvm volumes.
Regards,
Daniel
_______________________________________________
libvirt-users mailing list
libvirt-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvirt-users