From 09ad89b7eecd6ea654a17690996c2ec4a63dd31e Mon Sep 17 00:00:00 2001 From: Sofia Enriquez Date: Thu, 6 Aug 2020 18:13:24 +0000 Subject: [PATCH] Doc note warning about retyping unencrypted/encrypted volume MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit As suggested in 662b8210aab8e08bdddbf30e2b21ae357f3be32e and discussed at Victoria PTG[1] it would be nice to have a notes warning users to don’t try this. [1] https://wiki.openstack.org/wiki/CinderVictoriaPTGSummary#Sizing_encrypted_volumes Change-Id: I3fd514126dbdf56d4d4d8e423e98e462238c683f Partial-Bug: #1687880 --- api-ref/source/v2/volumes-v2-volumes-actions.inc | 5 +++++ api-ref/source/v3/volumes-v3-volumes-actions.inc | 5 +++++ .../configuration/block-storage/volume-encryption.rst | 9 +++++++++ 3 files changed, 19 insertions(+) diff --git a/api-ref/source/v2/volumes-v2-volumes-actions.inc b/api-ref/source/v2/volumes-v2-volumes-actions.inc index 691d4436bba..fb222f3b2e8 100644 --- a/api-ref/source/v2/volumes-v2-volumes-actions.inc +++ b/api-ref/source/v2/volumes-v2-volumes-actions.inc @@ -405,6 +405,11 @@ Policy defaults enable only users with the administrative role or the owner of the volume to perform this operation. Cloud providers can change these permissions through the policy configuration file. +Retyping an unencrypted volume to the same size encrypted volume will most +likely fail. Even though the volume is the same size as the source volume, the +encrypted volume needs to store additional encryption information overhead. +This results in the new volume not being large enough to hold all data. + Response codes -------------- diff --git a/api-ref/source/v3/volumes-v3-volumes-actions.inc b/api-ref/source/v3/volumes-v3-volumes-actions.inc index 009b1c05156..935a0f4c6c1 100644 --- a/api-ref/source/v3/volumes-v3-volumes-actions.inc +++ b/api-ref/source/v3/volumes-v3-volumes-actions.inc @@ -461,6 +461,11 @@ Policy defaults enable only users with the administrative role or the owner of the volume to perform this operation. Cloud providers can change these permissions through the policy configuration file. +Retyping an unencrypted volume to the same size encrypted volume will most +likely fail. Even though the volume is the same size as the source volume, the +encrypted volume needs to store additional encryption information overhead. +This results in the new volume not being large enough to hold all data. + Response codes -------------- diff --git a/doc/source/configuration/block-storage/volume-encryption.rst b/doc/source/configuration/block-storage/volume-encryption.rst index b46c5f9b560..f15940b5b74 100644 --- a/doc/source/configuration/block-storage/volume-encryption.rst +++ b/doc/source/configuration/block-storage/volume-encryption.rst @@ -218,3 +218,12 @@ sections. In the above example you see that the search returns the string written to the unencrypted volume, but not the encrypted one. + +Known Issues +~~~~~~~~~~~~ + +Retyping an unencrypted volume to the same size encrypted volume will +most likely fail. Even though the volume is the same size as the source +volume, the encrypted volume needs to store additional encryption +information overhead. This results in the new volume not being large +enough to hold all data.