Libvirt: Native LUKS file and host device decryption by QEMU
QEMU 2.6 and Libvirt 2.2.0 allow LUKS files and host block devices to be
decrypted natively by QEMU. This spec outlines the required changes to utilise
this new functionality within the Libvirt Nova virt driver and the possible
benefits associated with doing so.
Blueprint information
- Status:
- Complete
- Approver:
- Matt Riedemann
- Priority:
- Low
- Drafter:
- Lee Yarwood
- Direction:
- Approved
- Assignee:
- Lee Yarwood
- Definition:
- Approved
- Series goal:
- Accepted for queens
- Implementation:
-
Implemented
- Milestone target:
-
queens-rc1
- Started by
- Matt Riedemann
- Completed by
- Matt Riedemann
Related branches
Related bugs
Sprints
Whiteboard
Gerrit topic: https:/
Addressed by: https:/
Libvirt: Native LUKS file and host device decryption by QEMU
Addressed by: https:/
libvirt: Introduce disk encryption config classes
Where are we at with this series? I know Lee was re-assigned for some other things for awhile, so is anyone else going to pick this up because it's getting late for Pike (we're 3 weeks from feature freeze). -- mriedem 20170707
Work on this has stalled for Pike so I'm deferring it to Queens when maybe Lee will have more time to come back to it. -- mriedem 20170725
Addressed by: https:/
Libvirt: Native LUKS file and host device decryption by QEMU
Re-approved for Queens. -- mriedem 20171003
Gerrit topic: https:/
Addressed by: https:/
WIP libvirt: Use QEMU's native LUKS support
Addressed by: https:/
libvirt: Refactor encryptor attach and detach calls
Addressed by: https:/
DNM: Test LM with encrypted volumes
Addressed by: https:/
Add release note for QEMU native LUKS decryption
Addressed by: https:/
libvirt: Add missing encryption_
Addressed by: https:/
libvirt: Collocate encryptor and volume driver calls
Addressed by: https:/
DNM: Test LM with encrypted volumes
Addressed by: https:/
DNM: Test LM with encrypted volumes
