api-ref: update migration_policy retype note about encrypted volumes

Nova has historically not supported swap volume operations (via cinder volume retype / volume migration) for an in-use encrypted volume. That was recently addressed via nova bug 1739593. However, as of change Ibfa64f18bbd2fb70db7791330ed1a64fe61c1355 in nova, depending on the version of libvirt/qemu on the compute host, a luks-encrypted volume will use native qemu luks decryption. That does not yet support blockRebase operations which are used during swap volume due to https://bugzilla.redhat.com/show_bug.cgi?id=760547. So it's safe to say that for now, a retype which involves a volume migration is not supported for an in-use encrypted volume. Change-Id: I7ce992f51d50d00950d3fc4ebb44b69a31a94787 Related-Bug: #1739593
2018-01-25 13:11:37 -05:00 · 2018-01-25 13:11:37 -05:00 · aff9ca2b37
parent aa58746ec2
commit aff9ca2b37
2 changed files with 10 additions and 2 deletions
--- a/api-ref/source/v2/parameters.yaml
+++ b/api-ref/source/v2/parameters.yaml
@ -1008,6 +1008,9 @@ metadata_items:
  in: body
  required: true
  type: integer
+# NOTE(mriedem): We can update the migration_policy retype note about encrypted
+# in-use volumes not being supported once
+# https://bugzilla.redhat.com/show_bug.cgi?id=760547 is fixed.
 migration_policy:
  description: |
    Specify if the volume should be migrated when it is re-typed.
@ -1016,7 +1019,8 @@ migration_policy:

    .. note:: If the volume is attached to a server instance and will be
      migrated, then by default policy only users with the administrative role
-      should attempt the retype operation.
+      should attempt the retype operation. A retype which involves a migration
+      to a new host for an *in-use* encrypted volume is not supported.
  in: body
  required: false
  type: string
--- a/api-ref/source/v3/parameters.yaml
+++ b/api-ref/source/v3/parameters.yaml
@ -1704,6 +1704,9 @@ metadata_9:
  required: false
  type: object
  min_version: 3.43
+# NOTE(mriedem): We can update the migration_policy retype note about encrypted
+# in-use volumes not being supported once
+# https://bugzilla.redhat.com/show_bug.cgi?id=760547 is fixed.
 migration_policy:
  description: |
    Specify if the volume should be migrated when it is re-typed.
@ -1712,7 +1715,8 @@ migration_policy:

    .. note:: If the volume is attached to a server instance and will be
      migrated, then by default policy only users with the administrative role
-      should attempt the retype operation.
+      should attempt the retype operation. A retype which involves a migration
+      to a new host for an *in-use* encrypted volume is not supported.
  in: body
  required: false
  type: string