error when attempting to mark drive type as encrypted
Hi All
i am trying to set up drive encryption for lvm
so far we have followed
Initial configuration
Configuration changes need to be made to any nodes running the cinder-volume or nova-compute services.
Update cinder-volume servers:
Edit the /etc/cinder/cinder.conf file and add or update the value of the option fixed_key in the [keymgr] section:
[keymgr]
Fixed key returned by key manager, specified in hex (string
value)
fixed_key = 0000000000000000000000000000000000000000000000000000000000000000 Restart cinder-volume.
Update nova-compute servers:
Edit the /etc/nova/nova.conf file and add or update the value of the option fixed_key in the [keymgr] section (add a keymgr section as shown if needed):
[keymgr]
Fixed key returned by key manager, specified in hex (string
value)
fixed_key = 0000000000000000000000000000000000000000000000000000000000000000 Restart nova-compute.
when we run this cinder encryption-type-create --cipher aes-xts-plain64 --key_size 256 --control_location front-end lvm nova.volume.encryptors.luks.LuksEncryptor
we get the error
ERROR: Policy doesn't allow volume_extension:volume_type_encryption to be performed. (HTTP 403) (Request-ID: req-2fc9f4cd-c334-4540-9db6-545e693466ae)
Can someone point us in the correct direction to enable drive encryption
thanks
Hi
Does any one have any idea how to enable LUKS volumes in cinder?
any documentation would be greatly received
thanks