Block Storage volume type assignment provides scheduling to a specific back-end, and can be used to specify actionable information for a back-end storage device.
This example creates a volume type called LUKS and provides configuration information for the storage system to encrypt or decrypt the volume.
Source your admin credentials:
$ source admin-openrc.sh
Create the volume type:
$ cinder type-create LUKS +--------------------------------------+-------+ | ID | Name | +--------------------------------------+-------+ | e64b35a4-a849-4c53-9cc7-2345d3c8fbde | LUKS | +--------------------------------------+-------+
Mark the volume type as encrypted and provide the necessary details. Use
--control_location
to specify where encryption is performed:front-end
(default) orback-end
.$ cinder encryption-type-create --cipher aes-xts-plain64 --key_size 512 \ --control_location front-end LUKS nova.volume.encryptors.luks.LuksEncryptor +--------------------------------------+-------------------------------------------+-----------------+----------+------------------+ | Volume Type ID | Provider | Cipher | Key Size | Control Location | +--------------------------------------+-------------------------------------------+-----------------+----------+------------------+ | e64b35a4-a849-4c53-9cc7-2345d3c8fbde | nova.volume.encryptors.luks.LuksEncryptor | aes-xts-plain64 | 512 | front-end | +--------------------------------------+-------------------------------------------+-----------------+----------+------------------+
Support for creating the volume type in the OpenStack dashboard (horizon) exists today, however support for tagging the type as encrypted and providing the additional information needed is still in review.