Libvirt managed storage volume encryption of a volume on 'logical' storage pool
2
I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).
# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes
Any example? See http://libvirt.org/formatstorageencryption.html
My current (plaintext) volume and pool.
[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>
[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>
lvm encryption luks libvirt
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
add a comment |
2
I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).
# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes
Any example? See http://libvirt.org/formatstorageencryption.html
My current (plaintext) volume and pool.
[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>
[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>
lvm encryption luks libvirt
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
PS: I really want it to be managed by libvirt, no typical OS scenario.
– jirib
Feb 25 '17 at 16:11
add a comment |
2
2
2
I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).
# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes
Any example? See http://libvirt.org/formatstorageencryption.html
My current (plaintext) volume and pool.
[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>
[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>
lvm encryption luks libvirt
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).
# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes
Any example? See http://libvirt.org/formatstorageencryption.html
My current (plaintext) volume and pool.
[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>
[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>
lvm encryption luks libvirt
lvm encryption luks libvirt
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
edited Feb 25 '17 at 17:12
jirib
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
asked Feb 25 '17 at 16:10
jiribjirib
1,002712
1,002712
PS: I really want it to be managed by libvirt, no typical OS scenario.
– jirib
Feb 25 '17 at 16:11
add a comment |
PS: I really want it to be managed by libvirt, no typical OS scenario.
– jirib
Feb 25 '17 at 16:11
PS: I really want it to be managed by libvirt, no typical OS scenario.
– jirib
Feb 25 '17 at 16:11
PS: I really want it to be managed by libvirt, no typical OS scenario.
– jirib
Feb 25 '17 at 16:11
add a comment |
1 Answer
1
active
oldest
votes
0
Sorry, I have no enough reputation to comment, can only post like this.
I know we can use qemu-img command to create a luks image file as VM disk.
However, I really want to use libvirt volume command to do same thing on LVM.
Do you have any new findings on this topic?
Thanks.
answered 3 mins ago
zhaorongzhaorong
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f347545%2flibvirt-managed-storage-volume-encryption-of-a-volume-on-logical-storage-pool%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
0
Sorry, I have no enough reputation to comment, can only post like this.
I know we can use qemu-img command to create a luks image file as VM disk.
However, I really want to use libvirt volume command to do same thing on LVM.
Do you have any new findings on this topic?
Thanks.
answered 3 mins ago
zhaorongzhaorong
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
Sorry, I have no enough reputation to comment, can only post like this.
I know we can use qemu-img command to create a luks image file as VM disk.
However, I really want to use libvirt volume command to do same thing on LVM.
Do you have any new findings on this topic?
Thanks.
answered 3 mins ago
zhaorongzhaorong
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
0
0
0
Sorry, I have no enough reputation to comment, can only post like this.
I know we can use qemu-img command to create a luks image file as VM disk.
However, I really want to use libvirt volume command to do same thing on LVM.
Do you have any new findings on this topic?
Thanks.
answered 3 mins ago
zhaorongzhaorong
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Sorry, I have no enough reputation to comment, can only post like this.
I know we can use qemu-img command to create a luks image file as VM disk.
However, I really want to use libvirt volume command to do same thing on LVM.
Do you have any new findings on this topic?
Thanks.
answered 3 mins ago
zhaorongzhaorong
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 mins ago
zhaorongzhaorong
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
answered 3 mins ago
zhaorongzhaorong
11
answered 3 mins ago
zhaorongzhaorong
11
11
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
draft saved
draft discarded
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
draft saved
draft discarded
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f347545%2flibvirt-managed-storage-volume-encryption-of-a-volume-on-logical-storage-pool%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
PS: I really want it to be managed by libvirt, no typical OS scenario.
– jirib
Feb 25 '17 at 16:11