Store encryption metadata with individual volumes

Registered by hadi esiely on 2015-01-27

Encryption metadata is currently associated with (encrypted) volume types, which forces
snapshots, clones, and backups to all share the same volume type as the original volume. This
requirement, which is really an implementation artifact, leads to numerous special cases and
needless complexity.
This proposed change copies the encryption metadata from an encrypted volume type when a
volume is created. The encryption metadata is then stored with snapshots, clones, backups, etc.,
but there is no need to retain the original volume's type.
A side benefit of this change is the ability to modify the default encryption metadata (cipher, key
size, etc.) for a volume type since it will not affect existing volumes of that type. Currently
volume types cannot be updated or deleted once an encrypted volume has been created.

Blueprint information

Status:
Not started
Approver:
Sean McGinnis
Priority:
Medium
Drafter:
hadi esiely
Direction:
Needs approval
Assignee:
hadi esiely
Definition:
Approved
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

<thingee> 2015-02-14: I don't think this will have a good chance in Kilo since it's so late. Also I think this kind of thing needs a Cinder spec.

Gerrit topic: https://review.openstack.org/#q,topic:bp/volume-encryption-metadata,n,z

Addressed by: https://review.openstack.org/152284
    Store volume encryption metadata on each volume

Addressed by: https://review.openstack.org/154538
    blueprint volume-encryption-metadata

Addressed by: https://review.openstack.org/168177
    Add test case for volume_encryption_metadata_get

Addressed by: https://review.openstack.org/168179
    Remove unnecessary checks for encrypted types

Addressed by: https://review.openstack.org/176050
    Add volume encryption metadata spec

Addressed by: https://review.openstack.org/213826
    Correct comment to be consistent with code

Addressed by: https://review.openstack.org/213827
    Refactor to remove duplicate code

Addressed by: https://review.openstack.org/213828
    Remove unused function volume_type_encryption_get

Addressed by: https://review.openstack.org/213829
    Clean up volume_type_update method

Addressed by: https://review.openstack.org/213835
    Store volume encryption metadata with volumes

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.