2.0 KiB
2.0 KiB
Cinder volume encryption support
https://blueprints.launchpad.net/heat/+spec/cinder-volume-encryption
Provides support for encrypted cinder volume creation.
Problem description
Cinder provide encrypted volume creation by using encrypted volume type as described in below wiki page: http://docs.openstack.org/juno/config-reference/content/section_volume-encryption.html
Proposed change
Add new contrib heat resource plugin for creating the encrypted volume type OS::Cinder::EncryptedVolumeType with following properties:
provider (required)
- description: The class that provides encryption support. For example, nova.volume.encryptors.luks.LuksEncryptor.
- type: string
cipher (optional)
- description: The encryption algorithm or mode. For example, aes-xts-plain64
- type: string
key_size (optional)
- description: Size of encryption key, in bits. For example, 128 or 256.
- type: integer
control_location (optional)
- default: front-end
- allowed-values: front-end, back-end.
- description: Notional service where encryption is performed.
- type: string
type (required)
- description: Name or id of volume type (OS::Cinder::VolumeType)
- type: string
This resource needs following actions:
- create
- delete
Alternatives
None.
Implementation
Assignee(s)
- Primary assignee:
-
Kanagaraj Manickam (kanagaraj-manickam)
Milestones
- Target Milestone for completion:
-
liberty-1
Work Items
- Add new contrib resource plugin as described in the solution section
- Add test cases for new resource plugin
- Add required functional test cases to validate the resource.
Dependencies
None