From efb966ad649621b0dc051223c16a79fc0783f33c Mon Sep 17 00:00:00 2001
From: Bruce Benjamin <bruce.benjamin@jhuapl.edu>
Date: Fri, 2 Feb 2018 15:11:58 -0500
Subject: [PATCH] docs: Add booting from an encrypted volume

Now that the instructions for booting from a volume
have been migrated to nova, the instructions for
booting from an encrypted volume can be added as
well.

This commit adds instructions for how to import an
image into an encrypted volume.

Closes-Bug: 1701614

Change-Id: Ida4cf70a7e53fd37ceeadb5629e3221072219689
---
 .../user/launch-instance-from-volume.rst      | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/doc/source/user/launch-instance-from-volume.rst b/doc/source/user/launch-instance-from-volume.rst
index e7448e0ad306..e16e931a126c 100644
--- a/doc/source/user/launch-instance-from-volume.rst
+++ b/doc/source/user/launch-instance-from-volume.rst
@@ -259,6 +259,44 @@ the volume to boot an instance.
 
       $ openstack volume create --image IMAGE_ID --size SIZE_IN_GB bootable_volume
 
+   .. note::
+
+      A bootable encrypted volume can also be created by adding the
+      `-–type ENCRYPTED_VOLUME_TYPE` parameter to the volume create command:
+
+   .. code-block:: console
+
+      $ openstack volume create --type ENCRYPTED_VOLUME_TYPE --image IMAGE_ID --size SIZE_IN_GB bootable_volume
+      +---------------------+--------------------------------------+
+      | Field               | Value                                |
+      +---------------------+--------------------------------------+
+      | attachments         | []                                   |
+      | availability_zone   | nova                                 |
+      | bootable            | false                                |
+      | consistencygroup_id | None                                 |
+      | created_at          | 2017-06-13T18:59:57.626872           |
+      | description         | None                                 |
+      | encrypted           | True                                 |
+      | id                  | ded57a86-5b51-43ab-b70e-9bc0f91ef4ab |
+      | multiattach         | False                                |
+      | name                | bootable_volume                      |
+      | properties          |                                      |
+      | replication_status  | None                                 |
+      | size                | 1                                    |
+      | snapshot_id         | None                                 |
+      | source_volid        | None                                 |
+      | status              | creating                             |
+      | type                | LUKS                                 |
+      | updated_at          | None                                 |
+      | user_id             | 459ae34ffcd94edab0c128ed616bb19f     |
+      +---------------------+--------------------------------------+
+
+
+   This requires an encrypted volume type, which must be created ahead of
+   time by an admin.  See
+   `Create an encrypted volume type <https://docs.openstack.org/horizon/latest/admin/manage-volumes.html#create-an-encrypted-volume-type>`_
+   in the OpenStack Horizon Administration Guide.
+
 #. Create a VM from previously created bootable volume. The volume is not
    deleted when the instance is terminated.