Re: [libvirt-users] luks ecrypted storage poll - lvm - possible?
On Thu, Dec 20, 2018 at 04:57:41PM -0500, John Ferlan wrote:
On 12/20/18 11:56 AM, lejeczek wrote:
> hi everyone,
>
> do we get to encrypt lvm pools in/with libvirt?
The pool or the volumes?
>
> I'm on Centos 7.x but see mention of it, not even on the net.
I have no idea which libvirt version is in Centos versions, but support
was added in libvirt 3.9.0 (Nov. 2017) via commit 2518fd3b6a with a
followup commit 9b837963 for libvirt 4.5.0 (June 2018) to "further
clarify" that only LUKS encryption is supported.
>
> Or in other words - can guests(lxc I'm thinking of) run off ecrypted lvm
> where at least the part when dev gets luksOpened is taken care of by
> libvirt?
It should work with the appropriate secret and volume being used.
Only for the QEMU driver. AFAIR, we never wired up any luks support
into the LXC driver.
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|