-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
rhel-9.2.0.z
-
None
-
No
-
Low
-
rhel-sst-virtualization-storage
-
ssg_virtualization
-
8
-
False
-
-
None
-
None
-
None
-
None
-
-
x86_64
-
None
What were you trying to do that didn't work?
Based off BZ 2318252:
Spawning a VM using a encrypted bootable volume leads to ERROR state. The message from libvirt shows LUKS version 2 is not supported.
Nova and Cinder has dependencies on libvirt and qemu to allow this before it may be encoded into Openstack.
This is a request for LUKS2 support in qemu
What is the impact of this issue to you?
unable to create a VM using LUKS2 encryption.
Please provide the package NVR for which the bug is seen:
libvirt 9.0.0-10.5.el9_2.x86_64
How reproducible is this bug?:
very
Steps to reproduce
1. Create secret order key (LUKS passphrase)
2. Get the secret reference from the secret order key ( this will be used as cinder_encryption_key_id )
3. Create the key for encrypted image
4. Create encrypted image
5. Store encrypted image
6. Define Encrypted volume type
7. Create Encrypted Bootable volume
8. Create a VM using Encrypted Bootable volume
Expected results
LUKS2 encrypted volume gets attached and instance boots successfully.
Actual results
'nova.exception.RescheduledException: Build of instance xxxxxx was re-scheduled: internal error: process exited while connecting to monitor: 2024-10-11T05:53:15.334130Z qemu-kvm: -blockdev {"node-name":"libvirt-1-format","read-only":false,"discard":"unmap","cache":
{"direct":false,"no-flush":false},"driver":"luks","key-secret":"libvirt-1-format-encryption-secret0","file":"libvirt-1-storage"}: LUKS version 2 is not supported\n'
- blocks
-
RHEL-65526 [RFE] support for LUKS2 in libvirt
- Planning
- clones
-
RHEL-65526 [RFE] support for LUKS2 in libvirt
- Planning