[openstack-dev] [cinder][glance]Upload encrypted volumes to images
Li, Xiaoyan
xiaoyan.li at intel.com
Mon Nov 23 03:45:55 UTC 2015
Hi all,
More help about volume encryption is needed.
About uploading encrypted volumes to image, there are three options:
1. Glance only keeps non-encrypted images. So when uploading encrypted volumes to image, cinder de-crypts the data and upload.
2. Glance maintain encrypted images. Cinder just upload the encrypted data to image.
3. Just prevent the function to upload encrypted volumes to images.
Option 1 No changes needed in Glance. But it may be not safe. As we decrypt the data, and upload it to images.
Option 2 This imports encryption to Glance which needs to manage the encryption metadata.
Please add more if you have other suggestions. How do you think which one is preferred.
Appreciate for your help.
Best wishes
Lisa
More information about the OpenStack-dev
mailing list