Libvirt managed storage volume encryption of a volume on 'logical' storage pool












2















I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).



# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes


Any example? See http://libvirt.org/formatstorageencryption.html



My current (plaintext) volume and pool.



[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1                                                                                                                                                  
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>

[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>









share|improve this question

























  • PS: I really want it to be managed by libvirt, no typical OS scenario.

    – jirib
    Feb 25 '17 at 16:11
















2















I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).



# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes


Any example? See http://libvirt.org/formatstorageencryption.html



My current (plaintext) volume and pool.



[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1                                                                                                                                                  
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>

[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>









share|improve this question

























  • PS: I really want it to be managed by libvirt, no typical OS scenario.

    – jirib
    Feb 25 '17 at 16:11














2












2








2








I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).



# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes


Any example? See http://libvirt.org/formatstorageencryption.html



My current (plaintext) volume and pool.



[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1                                                                                                                                                  
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>

[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>









share|improve this question
















I can't figure out how to make encrypted storage volume (managed by libvirt) for a volume which sits on 'logical' pool type (ie. on LVM).



# virsh vol-create ocz-5ef92v58m9be7jo9 /tmp/in
error: Failed to create vol from /tmp/in
error: unsupported configuration: storage pool does not support encrypted volumes


Any example? See http://libvirt.org/formatstorageencryption.html



My current (plaintext) volume and pool.



[root@host2 ~]# virsh vol-dumpxml --pool ocz-5ef92v58m9be7jo9 win1                                                                                                                                                  
<volume type='block'>
<name>win1</name>
<key>c4f8Of-XYnj-YwA7-VUDe-y7BI-AEr1-S84NWT</key>
<source>
<device path='/dev/sda3'>
<extent start='0' end='32212254720'/>
</device>
</source>
<capacity unit='bytes'>32212254720</capacity>
<allocation unit='bytes'>32212254720</allocation>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9/win1</path>
<permissions>
<mode>0600</mode>
<owner>0</owner>
<group>6</group>
<label>system_u:object_r:fixed_disk_device_t:s0</label>
</permissions>
<timestamps>
<atime>1488029824.526381599</atime>
<mtime>1488029824.526381599</mtime>
<ctime>1488029824.526381599</ctime>
</timestamps>
</target>
</volume>

[root@host2 ~]# virsh pool-dumpxml ocz-5ef92v58m9be7jo9
<pool type='logical'>
<name>ocz-5ef92v58m9be7jo9</name>
<uuid>64607ea8-f2a2-4c9c-9d48-0d7f32486b2d</uuid>
<capacity unit='bytes'>111388131328</capacity>
<allocation unit='bytes'>32212254720</allocation>
<available unit='bytes'>79175876608</available>
<source>
<device path='/dev/sda3'/>
<name>ocz-5ef92v58m9be7jo9</name>
<format type='lvm2'/>
</source>
<target>
<path>/dev/ocz-5ef92v58m9be7jo9</path>
</target>
</pool>






lvm encryption luks libvirt






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Feb 25 '17 at 17:12







jirib

















asked Feb 25 '17 at 16:10









jiribjirib

1,002712




1,002712













  • PS: I really want it to be managed by libvirt, no typical OS scenario.

    – jirib
    Feb 25 '17 at 16:11



















  • PS: I really want it to be managed by libvirt, no typical OS scenario.

    – jirib
    Feb 25 '17 at 16:11

















PS: I really want it to be managed by libvirt, no typical OS scenario.

– jirib
Feb 25 '17 at 16:11





PS: I really want it to be managed by libvirt, no typical OS scenario.

– jirib
Feb 25 '17 at 16:11










1 Answer
1






active

oldest

votes


















0














Sorry, I have no enough reputation to comment, can only post like this.



I know we can use qemu-img command to create a luks image file as VM disk.



However, I really want to use libvirt volume command to do same thing on LVM.



Do you have any new findings on this topic?



Thanks.





share








New contributor




zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.




















    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f347545%2flibvirt-managed-storage-volume-encryption-of-a-volume-on-logical-storage-pool%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    Sorry, I have no enough reputation to comment, can only post like this.



    I know we can use qemu-img command to create a luks image file as VM disk.



    However, I really want to use libvirt volume command to do same thing on LVM.



    Do you have any new findings on this topic?



    Thanks.





    share








    New contributor




    zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.

























      0














      Sorry, I have no enough reputation to comment, can only post like this.



      I know we can use qemu-img command to create a luks image file as VM disk.



      However, I really want to use libvirt volume command to do same thing on LVM.



      Do you have any new findings on this topic?



      Thanks.





      share








      New contributor




      zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.























        0












        0








        0







        Sorry, I have no enough reputation to comment, can only post like this.



        I know we can use qemu-img command to create a luks image file as VM disk.



        However, I really want to use libvirt volume command to do same thing on LVM.



        Do you have any new findings on this topic?



        Thanks.





        share








        New contributor




        zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.










        Sorry, I have no enough reputation to comment, can only post like this.



        I know we can use qemu-img command to create a luks image file as VM disk.



        However, I really want to use libvirt volume command to do same thing on LVM.



        Do you have any new findings on this topic?



        Thanks.






        share








        New contributor




        zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.








        share


        share






        New contributor




        zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.









        answered 8 mins ago









        zhaorongzhaorong

        11




        11




        New contributor




        zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.





        New contributor





        zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






        zhaorong is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
        Check out our Code of Conduct.






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f347545%2flibvirt-managed-storage-volume-encryption-of-a-volume-on-logical-storage-pool%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            CARDNET

            Boot-repair Failure: Unable to locate package grub-common:i386

            濃尾地震