d59e41fb3c
A new microversion 3.70 adds the ability to transfer a volume's encryption key when transferring a volume to another project. When the volume transfer is initiated, the volume's encryption secret is essentially transferred to the cinder service. - The cinder service creates a new encryption_key_id that contains a copy of the volume's encryption secret. - The volume (and its snapshots) is updated with the new encryption_key_id (the one owned by the cinder service). - The volume's original encryption_key_id (owned by the volume's owner) is deleted. When the transfer is accepted, the secret is transferred to the user accepting the transfer. - A new encryption_key_id is generated on behalf of the new user that contains a copy of the volume's encryption secret. - The volume (and its snapshots) is updated with the new encryption_key_id (the one owned by the user). - The intermediate encryption_key_id owned by the cinder service is deleted. When a transfer is cancelled (deleted), the same process is used to transfer ownship back to the user that cancelled the transfer. Implements: blueprint transfer-encrypted-volume Change-Id: I459f06504e90025c9c0b539981d3d56a2a9394c7 |
||
---|---|---|
.. | ||
cinder-manage.rst | ||
cinder-status.rst | ||
cli-cinder-quotas.rst | ||
cli-cinder-scheduling.rst | ||
cli-manage-volumes.rst | ||
cli-set-quotas.rst | ||
index.rst | ||
README.rst |
Cinder CLI Documentation (source/cli)
Introduction:
This directory is intended to hold any documentation that relates to Cinder's Command Line Interface. Note that this directory is intended for basic descriptions of the commands supported, similar to what you would find with a 'man page'. Tutorials or step-by-step guides should go into 'doc/source/admin' or 'doc/source/user' depending on the target audience.
The full spec for organization of documentation may be seen in the OS Manuals Migration Spec <https://specs.openstack.org/openstack/docs-specs/specs/pike/os-manuals-migration.html>.