{"specs/xena/approved/ephemeral-encryption.rst":[{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":43,"context_line":"Use Cases"},{"line_number":44,"context_line":"---------"},{"line_number":45,"context_line":""},{"line_number":46,"context_line":"* As a user I want to request that all of my ephemeral storage is encrypted"},{"line_number":47,"context_line":"  at rest through the selection of a specific flavor or image."},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"* As a user I want to be able to pick how my ephemeral storage is encrypted"}],"source_content_type":"text/x-rst","patch_set":2,"id":"bb5e1ea6_b967acea","line":46,"range":{"start_line":46,"start_character":35,"end_line":46,"end_character":62},"updated":"2021-03-30 19:13:21.000000000","message":"this include the swap disk too right.\n\nso its the root disk, swap disk if present and any addtion ephemeral disks(there can be several) that an instnace may have.\n\nare we also including the config dirve? 
for both iso and vfat formats?","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":43,"context_line":"Use Cases"},{"line_number":44,"context_line":"---------"},{"line_number":45,"context_line":""},{"line_number":46,"context_line":"* As a user I want to request that all of my ephemeral storage is encrypted"},{"line_number":47,"context_line":"  at rest through the selection of a specific flavor or image."},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"* As a user I want to be able to pick how my ephemeral storage is encrypted"}],"source_content_type":"text/x-rst","patch_set":2,"id":"490031f2_208c152b","line":46,"range":{"start_line":46,"start_character":35,"end_line":46,"end_character":62},"in_reply_to":"475dd4ec_865d515a","updated":"2021-05-25 11:01:15.000000000","message":"+1","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":43,"context_line":"Use Cases"},{"line_number":44,"context_line":"---------"},{"line_number":45,"context_line":""},{"line_number":46,"context_line":"* As a user I want to request that all of my ephemeral storage is encrypted"},{"line_number":47,"context_line":"  at rest through the selection of a specific flavor or image."},{"line_number":48,"context_line":""},{"line_number":49,"context_line":"* As a user I want to be able to pick how my ephemeral storage is 
encrypted"}],"source_content_type":"text/x-rst","patch_set":2,"id":"475dd4ec_865d515a","line":46,"range":{"start_line":46,"start_character":35,"end_line":46,"end_character":62},"in_reply_to":"bb5e1ea6_b967acea","updated":"2021-03-30 20:17:24.000000000","message":"Yup we can include anything that\u0027s local/ephemeral on the compute.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":76,"context_line":"   if an image is encrypted at rest within the Glance service. They only relate"},{"line_number":77,"context_line":"   to how ephemeral storage will be encrypted at rest when used by a"},{"line_number":78,"context_line":"   provisioned instance within Nova."},{"line_number":79,"context_line":""},{"line_number":80,"context_line":"   Separate image properties have been documented in the"},{"line_number":81,"context_line":"   `Glance image encryption`_ and `Cinder image encryption`_ specs to cover"},{"line_number":82,"context_line":"   how images can be encrypted at rest within Glance."}],"source_content_type":"text/x-rst","patch_set":2,"id":"dd8417f6_9cd9ce39","line":79,"updated":"2021-03-30 19:13:21.000000000","message":"good clarifcation","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":76,"context_line":"   if an image is encrypted at rest within the Glance service. 
They only relate"},{"line_number":77,"context_line":"   to how ephemeral storage will be encrypted at rest when used by a"},{"line_number":78,"context_line":"   provisioned instance within Nova."},{"line_number":79,"context_line":""},{"line_number":80,"context_line":"   Separate image properties have been documented in the"},{"line_number":81,"context_line":"   `Glance image encryption`_ and `Cinder image encryption`_ specs to cover"},{"line_number":82,"context_line":"   how images can be encrypted at rest within Glance."}],"source_content_type":"text/x-rst","patch_set":2,"id":"5079d4c8_2b04d38f","line":79,"in_reply_to":"dd8417f6_9cd9ce39","updated":"2021-03-30 20:17:24.000000000","message":"Ack","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":89,"context_line":""},{"line_number":90,"context_line":"* ``hw:ephemeral_encryption``"},{"line_number":91,"context_line":"* ``hw_ephemeral_encryption``"},{"line_number":92,"context_line":""},{"line_number":93,"context_line":"The above will enable ephemeral storage encryption for an instance but does not"},{"line_number":94,"context_line":"control the encryption format used or the associated options. 
For this the"},{"line_number":95,"context_line":"following flavor extra specs, image properties and configurables will be"}],"source_content_type":"text/x-rst","patch_set":2,"id":"476f1fd5_ba15be91","line":92,"updated":"2021-03-30 19:13:21.000000000","message":"if these two conflcit this shoudl be an excption but either should be sufficnet to enable this if the other is not present.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":89,"context_line":""},{"line_number":90,"context_line":"* ``hw:ephemeral_encryption``"},{"line_number":91,"context_line":"* ``hw_ephemeral_encryption``"},{"line_number":92,"context_line":""},{"line_number":93,"context_line":"The above will enable ephemeral storage encryption for an instance but does not"},{"line_number":94,"context_line":"control the encryption format used or the associated options. 
For this the"},{"line_number":95,"context_line":"following flavor extra specs, image properties and configurables will be"}],"source_content_type":"text/x-rst","patch_set":2,"id":"90b7f383_c8383ab3","line":92,"in_reply_to":"476f1fd5_ba15be91","updated":"2021-03-30 20:17:24.000000000","message":"Yup that\u0027s the approach I took in the PoC code.\n\nhttps://review.opendev.org/c/openstack/nova/+/764486/3/nova/virt/hardware.py","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":89,"context_line":""},{"line_number":90,"context_line":"* ``hw:ephemeral_encryption``"},{"line_number":91,"context_line":"* ``hw_ephemeral_encryption``"},{"line_number":92,"context_line":""},{"line_number":93,"context_line":"The above will enable ephemeral storage encryption for an instance but does not"},{"line_number":94,"context_line":"control the encryption format used or the associated options. 
For this the"},{"line_number":95,"context_line":"following flavor extra specs, image properties and configurables will be"}],"source_content_type":"text/x-rst","patch_set":2,"id":"97a903e9_ad90c4e9","line":92,"in_reply_to":"90b7f383_c8383ab3","updated":"2021-05-25 11:01:15.000000000","message":"+1","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":105,"context_line":"requested an additional host configurable will be used to provide a default"},{"line_number":106,"context_line":"format per compute, this will initially default to ``luks``:"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"* ``[ephemeral_storage_encryption]/default_format``"},{"line_number":109,"context_line":""},{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the end"}],"source_content_type":"text/x-rst","patch_set":2,"id":"e002927b_ac46a43d","line":108,"updated":"2021-03-30 19:13:21.000000000","message":"if we do this can we store this in the instance system metadata table like we are now doing for machine type.\n\nthis is so we dont need to send this info over the wire or otherwise store it for move operationes.\n\nwe really dont want to allow the encyrption format to cahnge due to a hard reboot after a move operation since presumable it will not be possibel for qemu to read the data if it chagne form plain to luks for example.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee 
Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":105,"context_line":"requested an additional host configurable will be used to provide a default"},{"line_number":106,"context_line":"format per compute, this will initially default to ``luks``:"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"* ``[ephemeral_storage_encryption]/default_format``"},{"line_number":109,"context_line":""},{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the end"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ec4e0e95_0284a7e8","line":108,"in_reply_to":"e002927b_ac46a43d","updated":"2021-03-30 20:17:24.000000000","message":"This is going to be stored per disk within the BlockDeviceMapping record.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":105,"context_line":"requested an additional host configurable will be used to provide a default"},{"line_number":106,"context_line":"format per compute, this will initially default to ``luks``:"},{"line_number":107,"context_line":""},{"line_number":108,"context_line":"* ``[ephemeral_storage_encryption]/default_format``"},{"line_number":109,"context_line":""},{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the 
end"}],"source_content_type":"text/x-rst","patch_set":2,"id":"e63b4739_35615da1","line":108,"in_reply_to":"ec4e0e95_0284a7e8","updated":"2021-05-25 11:01:15.000000000","message":"yep saw that later that works for me i guess.\nalthough if its not going to be allowed to change per bdm its not strictly required to store it in each bdm.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the end"},{"line_number":112,"context_line":"user from within the instance it shouldn\u0027t have any real impact."},{"line_number":113,"context_line":""},{"line_number":114,"context_line":"The format will be provided as a string that maps to a"},{"line_number":115,"context_line":"``BlockDeviceEncryptionFormatTypeField`` oslo.versionedobjects field value:"},{"line_number":116,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"2fdb4ceb_876cb209","line":113,"updated":"2021-03-30 19:13:21.000000000","message":"yep agreed provide we record it and fix it for the lifetime of the instance.\n\nthat said im not against allowing it to change on a resize but if we intend to support that\nwe will need to add code to do the conversion. if not then we should check this on resize and block it.\n\nsimilar for rebuild. 
a rebuild will not change host so its not a concern that the host config value coudl change however a rebuild does not destroy datat in addtional ephermal storage just the root disk.\nif the imave metadata value was to change form plain to luks we would have to either re-encrypt the existing disks with the new format or block that rebuild at the api.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the end"},{"line_number":112,"context_line":"user from within the instance it shouldn\u0027t have any real impact."},{"line_number":113,"context_line":""},{"line_number":114,"context_line":"The format will be provided as a string that maps to a"},{"line_number":115,"context_line":"``BlockDeviceEncryptionFormatTypeField`` oslo.versionedobjects field value:"},{"line_number":116,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"5b8fb2cc_cbe1f17e","line":113,"in_reply_to":"2fdb4ceb_876cb209","updated":"2021-03-30 20:17:24.000000000","message":"I\u0027m not sure how we can allow the format to change during a resize without an in-place conversion between encryption formats. 
As I\u0027ll say again below I\u0027d rather block this during resize and only allow during a rebuild where we throw data away anyway.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the end"},{"line_number":112,"context_line":"user from within the instance it shouldn\u0027t have any real impact."},{"line_number":113,"context_line":""},{"line_number":114,"context_line":"The format will be provided as a string that maps to a"},{"line_number":115,"context_line":"``BlockDeviceEncryptionFormatTypeField`` oslo.versionedobjects field value:"},{"line_number":116,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"aae268b7_dd7ae476","line":113,"in_reply_to":"5b8fb2cc_cbe1f17e","updated":"2021-05-25 11:01:15.000000000","message":"lets confirm if we do throw away the data on rebuild first i dont think we do beyond the root disk which we reimage.\n\ni have nto tried this personally but lets confrim and eithe block in both cases if its preserved or allow if its erased today for rebuild.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"0701e4095a45f08330c15328511100d8d5daf0cc","unresolved":false,"context_lines":[{"line_number":110,"context_line":"This could lead to requests against different clouds resulting in a different"},{"line_number":111,"context_line":"ephemeral encryption format being used but as this is transparent to the end"},{"line_number":112,"context_line":"user from within the 
instance it shouldn\u0027t have any real impact."},{"line_number":113,"context_line":""},{"line_number":114,"context_line":"The format will be provided as a string that maps to a"},{"line_number":115,"context_line":"``BlockDeviceEncryptionFormatTypeField`` oslo.versionedobjects field value:"},{"line_number":116,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"a34bbf3e_ef9f7d9c","line":113,"in_reply_to":"aae268b7_dd7ae476","updated":"2021-05-26 16:21:10.000000000","message":"this has been adresseed","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":129,"context_line":"    initially only be populated when ephemeral encryption is used but could"},{"line_number":130,"context_line":"    easily be used for encrypted volumes as well in the future."},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"``encryption_secret_uuid``"},{"line_number":133,"context_line":"    As the name suggests this will contain the UUID of the associated"},{"line_number":134,"context_line":"    encryption secret for the disk. The type of secret used here will be"},{"line_number":135,"context_line":"    specific to the encryption format and virt driver used, it should not be"}],"source_content_type":"text/x-rst","patch_set":2,"id":"0f9af8fd_8fb28816","line":132,"range":{"start_line":132,"start_character":2,"end_line":132,"end_character":24},"updated":"2021-03-30 19:13:21.000000000","message":"do we have a depency on barbical for secret storage.\nif so it woudl be good to state that.\n\nlibvirt keystorage would not be suffient in this case as we need a way to store the key across host reboots and move operations. 
ideally we would not store this in novas db hence the suggestion to use barbican.\n\nif we do use barbican for the key storage im not sure why this need to be virt driver dependnent.\nsure the type of key i.e. symetric or asymetric may differ but we could handel this generically in a virt driver indepent way even if the key generation and usage was virt driver specific the storage could be common.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":129,"context_line":"    initially only be populated when ephemeral encryption is used but could"},{"line_number":130,"context_line":"    easily be used for encrypted volumes as well in the future."},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"``encryption_secret_uuid``"},{"line_number":133,"context_line":"    As the name suggests this will contain the UUID of the associated"},{"line_number":134,"context_line":"    encryption secret for the disk. The type of secret used here will be"},{"line_number":135,"context_line":"    specific to the encryption format and virt driver used, it should not be"}],"source_content_type":"text/x-rst","patch_set":2,"id":"cc7f5dfe_3f89e31e","line":132,"range":{"start_line":132,"start_character":2,"end_line":132,"end_character":24},"in_reply_to":"0f9af8fd_8fb28816","updated":"2021-03-30 20:17:24.000000000","message":"Yes this requires some form of key manager but it isn\u0027t specific to Barbican, just the Castellan interface. I can call that out here.\n\nThis is just the secret UUID, the actual creation, format and storage of the secret will be left to the virt drivers. 
I don\u0027t want to make this generic and force them all to use a specific symmetric/asymmetric/passphrase key of key if it doesn\u0027t make sense for their encryption format. In other words I\u0027d like to avoid the mess we currently have with cinder where it always creates an asymmetric key even when the key isn\u0027t used to encrypted anything with certain encryption formats such as LUKS.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":129,"context_line":"    initially only be populated when ephemeral encryption is used but could"},{"line_number":130,"context_line":"    easily be used for encrypted volumes as well in the future."},{"line_number":131,"context_line":""},{"line_number":132,"context_line":"``encryption_secret_uuid``"},{"line_number":133,"context_line":"    As the name suggests this will contain the UUID of the associated"},{"line_number":134,"context_line":"    encryption secret for the disk. The type of secret used here will be"},{"line_number":135,"context_line":"    specific to the encryption format and virt driver used, it should not be"}],"source_content_type":"text/x-rst","patch_set":2,"id":"05eb03b4_2ee60ae3","line":132,"range":{"start_line":132,"start_character":2,"end_line":132,"end_character":24},"in_reply_to":"cc7f5dfe_3f89e31e","updated":"2021-05-25 11:01:15.000000000","message":"ok yes if you can add a note that would be nice but your right it does not have to be barbarian specifically. ack on the key format not bing generic. 
we should try to ensure that the storage of the key is tied to the vm lifetime however so that if we evacuate and we are on shared stroage like nfs we can still decyprt the disk on the far side so we shoudl avoid storigng the key on the host using libvirt for example.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":148,"context_line":"    A simple unversioned dict of strings containing encryption options specific"},{"line_number":149,"context_line":"    to the virt driver implementation, underlying hypervisor and format being"},{"line_number":150,"context_line":"    used."},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"Populate ephemeral encryption BlockDeviceMapping attributes during build"},{"line_number":153,"context_line":"-------------------------------------------------------------------------"},{"line_number":154,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"611d36df_14ba6e6b","line":151,"updated":"2021-03-30 19:13:21.000000000","message":"i was expecting to store this and the format in the instance system metadata but i guess the bdms also works.\n\nthe bdms are a semi public data stucture though so it would be possibel for users to configure differnt encryption formats per local or cinder volume if we use the bdm. 
is that somethign we intend to support.\n\ni could technically also enable encyption without the extra spec.\n\nfor example i can create a vm with a root disk a swap disk and a local ephemral volume with bdm like this as par of server create.\n\n\"block_device_mapping_v2\": [{\n    \"boot_index\": \"0\",\n    \"uuid\": \"ac408821-c95a-448f-9292-73986c790911\",\n    \"source_type\": \"image\",\n    \"volume_size\": \"25\",\n    \"destination_type\": \"local\",\n    \"delete_on_termination\": true,\n    \"tag\": \"disk1\",\n    \"encrypted\": true,\n    \"encryption_format\":\"plain\",\n    \"disk_bus\": \"scsi\"},\n    {source_type\": \"blank\",\n    \"guest_format\": \"swap\",\n    \"volume_size\": \"25\",\n    \"destination_type\": \"local\",\n    \"delete_on_termination\": true,\n    \"tag\": \"disk2\",\n    \"encrypted\": true,\n    \"encryption_format\":\"luks\"\n    \"disk_bus\": \"scsi\"},\n    {\"source_type\": \"blank\",\n     \"guest_format\": \"ext4\",\n    \"volume_size\": \"25\",\n    \"destination_type\": \"local\",\n    \"delete_on_termination\": true,\n    \"tag\": \"disk3\",\n    \"disk_bus\": \"scsi\"}\n]\n\nin this case i have a plain encypted root disk\na luks encypted swap disk and a unencyped ephmeral disk.\n\nthat flexablity might be nice but it increase the complexity of what we have to implement and test.\n\nspecifying the bdms like this is completely legal to do with the server create api \nhttps://docs.openstack.org/api-ref/compute/?expanded\u003dcreate-server-detail#create-server\n\nand its used to implement the nova boot --epmeral --epmemeral logic  that allow\nflavor with epmeral storage to be booted with multipel ephemeral disk as long as they dont\nexcced the total amount in the flavour.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee 
Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":148,"context_line":"    A simple unversioned dict of strings containing encryption options specific"},{"line_number":149,"context_line":"    to the virt driver implementation, underlying hypervisor and format being"},{"line_number":150,"context_line":"    used."},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"Populate ephemeral encryption BlockDeviceMapping attributes during build"},{"line_number":153,"context_line":"-------------------------------------------------------------------------"},{"line_number":154,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"e59f7732_57dd9072","line":151,"in_reply_to":"611d36df_14ba6e6b","updated":"2021-03-30 20:17:24.000000000","message":"API BDMs !\u003d BlockDeviceMapping objects\n\nI\u0027m not looking to support any form of ephemeral encryption tweaking in the API BDMs, only via the image and flavor defined interfaces I\u0027ve set out above. 
The BlockDeviceMapping object changes are just used to track various encryption attributes per disk.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":148,"context_line":"    A simple unversioned dict of strings containing encryption options specific"},{"line_number":149,"context_line":"    to the virt driver implementation, underlying hypervisor and format being"},{"line_number":150,"context_line":"    used."},{"line_number":151,"context_line":""},{"line_number":152,"context_line":"Populate ephemeral encryption BlockDeviceMapping attributes during build"},{"line_number":153,"context_line":"-------------------------------------------------------------------------"},{"line_number":154,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"3e61944f_a63687a9","line":151,"in_reply_to":"e59f7732_57dd9072","updated":"2021-05-25 11:01:15.000000000","message":"ok good to know i thought they were related but if not thats fine it simplifies things.\n\nim fine with just supporting image an flaovr by the way just was not cleart that teh bdms we can pass form the api are not the object you are usign to store\nthe values in the db.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":161,"context_line":""},{"line_number":162,"context_line":"The ``encryption_format`` attribute will also take its\u0027 value from the image or"},{"line_number":163,"context_line":"flavor if provided. 
Any differences or conflicts between the image and flavor"},{"line_number":164,"context_line":"for this will raise a ``409 Conflict`` error being raised by the API."},{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Use ``COMPUTE_EPHEMERAL_ENCRYPTION`` compatibility traits"},{"line_number":167,"context_line":"---------------------------------------------------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"829f840d_0f5ab4dd","line":164,"updated":"2021-03-30 19:13:21.000000000","message":"+1 i mentioned this above when they were defiend but good to see that here.\nwill it also return a 409 if there is a conflcit between the bdm and the flaor/image values\ni think the answer shoudl be yes in both cases but just want to check.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":161,"context_line":""},{"line_number":162,"context_line":"The ``encryption_format`` attribute will also take its\u0027 value from the image or"},{"line_number":163,"context_line":"flavor if provided. 
Any differences or conflicts between the image and flavor"},{"line_number":164,"context_line":"for this will raise a ``409 Conflict`` error being raised by the API."},{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Use ``COMPUTE_EPHEMERAL_ENCRYPTION`` compatibility traits"},{"line_number":167,"context_line":"---------------------------------------------------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"f634a38d_1860c5f1","line":164,"in_reply_to":"829f840d_0f5ab4dd","updated":"2021-03-30 20:17:24.000000000","message":"As above I\u0027m not looking to allow any tweaking via the API BDMs.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":161,"context_line":""},{"line_number":162,"context_line":"The ``encryption_format`` attribute will also take its\u0027 value from the image or"},{"line_number":163,"context_line":"flavor if provided. 
Any differences or conflicts between the image and flavor"},{"line_number":164,"context_line":"for this will raise a ``409 Conflict`` error being raised by the API."},{"line_number":165,"context_line":""},{"line_number":166,"context_line":"Use ``COMPUTE_EPHEMERAL_ENCRYPTION`` compatibility traits"},{"line_number":167,"context_line":"---------------------------------------------------------"}],"source_content_type":"text/x-rst","patch_set":2,"id":"db7d9d65_4b05b231","line":164,"in_reply_to":"f634a38d_1860c5f1","updated":"2021-05-25 11:01:15.000000000","message":"ack","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":184,"context_line":""},{"line_number":185,"context_line":""},{"line_number":186,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKS``"},{"line_number":187,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2``"},{"line_number":188,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_PLAIN``"},{"line_number":189,"context_line":""},{"line_number":190,"context_line":"These traits will only be used alongside the ``COMPUTE_EPHEMERAL_ENCRYPTION``"}],"source_content_type":"text/x-rst","patch_set":2,"id":"48fde740_cd09e170","line":187,"range":{"start_line":187,"start_character":4,"end_line":187,"end_character":39},"updated":"2021-03-30 19:13:21.000000000","message":"since your addign a trait for this\n\ndo we need hw:ephemeral_encryption_format\u003dluks to differenciate between the two or is it explcitly v1\n\nif it is may i suggest that we use luksv1 and luksv2 instead of luks so we can do a direct mapping form the format to the extra spec.\n\nwe currently cannot ask for \"COMPUTE_EPHEMERAL_ENCRYPTION_LUKS or COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2\" in the placment allocation candiates 
api.\nhttps://docs.openstack.org/api-ref/placement/?expanded\u003dlist-allocation-candidates-detail#allocation-candidates\n\nby default all traits are anded to gether and we have forbdine traits with ! for negration\nbut we do not have a disjunction operattor with which we can implement or, we also dont have any_of or similar so i think we need to use luksv1 and luksv2 instead of luks for the format if we want to have 3 traits.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":184,"context_line":""},{"line_number":185,"context_line":""},{"line_number":186,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKS``"},{"line_number":187,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2``"},{"line_number":188,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_PLAIN``"},{"line_number":189,"context_line":""},{"line_number":190,"context_line":"These traits will only be used alongside the ``COMPUTE_EPHEMERAL_ENCRYPTION``"}],"source_content_type":"text/x-rst","patch_set":2,"id":"b8bc0fe4_3222a72f","line":187,"range":{"start_line":187,"start_character":4,"end_line":187,"end_character":39},"in_reply_to":"48fde740_cd09e170","updated":"2021-03-30 20:17:24.000000000","message":"COMPUTE_EPHEMERAL_ENCRYPTION_LUKS was going to map to LUKSv1 and COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2 to LUKSv2 so we shouldn\u0027t end up in a situation where we are asking for both?","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":9708,"name":"Balazs 
Gibizer","display_name":"gibi","email":"gibizer@gmail.com","username":"gibi"},"change_message_id":"58e548c8246b2c4ae978de8e4bf2cbac0d01a75e","unresolved":true,"context_lines":[{"line_number":184,"context_line":""},{"line_number":185,"context_line":""},{"line_number":186,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKS``"},{"line_number":187,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2``"},{"line_number":188,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_PLAIN``"},{"line_number":189,"context_line":""},{"line_number":190,"context_line":"These traits will only be used alongside the ``COMPUTE_EPHEMERAL_ENCRYPTION``"}],"source_content_type":"text/x-rst","patch_set":2,"id":"284f61ad_ba340382","line":187,"range":{"start_line":187,"start_character":4,"end_line":187,"end_character":39},"in_reply_to":"b8bc0fe4_3222a72f","updated":"2021-04-14 11:56:31.000000000","message":"OK, so at L114 we need to add luskv1 and luskv2 explicitly. Then those are directly mapped to traits and we don\u0027t need any OR operations between these traits.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":184,"context_line":""},{"line_number":185,"context_line":""},{"line_number":186,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKS``"},{"line_number":187,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2``"},{"line_number":188,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_PLAIN``"},{"line_number":189,"context_line":""},{"line_number":190,"context_line":"These traits will only be used alongside the 
``COMPUTE_EPHEMERAL_ENCRYPTION``"}],"source_content_type":"text/x-rst","patch_set":2,"id":"ffed3cbc_6493da3a","line":187,"range":{"start_line":187,"start_character":4,"end_line":187,"end_character":39},"in_reply_to":"b8bc0fe4_3222a72f","updated":"2021-05-25 11:01:15.000000000","message":"correct but on line 115 ish you said the encryption formate feild types would be\n\n* ``plain`` for the plain dm-crypt format\n* ``luks``  for the LUKSv1 format\n\nyou did not mention a luksv2","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"0701e4095a45f08330c15328511100d8d5daf0cc","unresolved":false,"context_lines":[{"line_number":184,"context_line":""},{"line_number":185,"context_line":""},{"line_number":186,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKS``"},{"line_number":187,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2``"},{"line_number":188,"context_line":"* ``COMPUTE_EPHEMERAL_ENCRYPTION_PLAIN``"},{"line_number":189,"context_line":""},{"line_number":190,"context_line":"These traits will only be used alongside the ``COMPUTE_EPHEMERAL_ENCRYPTION``"}],"source_content_type":"text/x-rst","patch_set":2,"id":"111fbc09_73a075c9","line":187,"range":{"start_line":187,"start_character":4,"end_line":187,"end_character":39},"in_reply_to":"ffed3cbc_6493da3a","updated":"2021-05-26 16:21:10.000000000","message":"this is the only point im still not sure on\nare we going to have \nCOMPUTE_EPHEMERAL_ENCRYPTION_LUKSV1 or not?\n\nfor consitency i would prefer us to have\nCOMPUTE_EPHEMERAL_ENCRYPTION_LUKSV1 and COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2\ninstead of \nCOMPUTE_EPHEMERAL_ENCRYPTION_LUKS and COMPUTE_EPHEMERAL_ENCRYPTION_LUKSV2","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean 
mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":294,"context_line":"                \"address\": \"0:0\","},{"line_number":295,"context_line":"                \"serial\": \"12352423\","},{"line_number":296,"context_line":"                \"path\": \"/dev/vda\","},{"line_number":297,"context_line":"                \"encrypted\": \"True\""},{"line_number":298,"context_line":"            },"},{"line_number":299,"context_line":"            {"},{"line_number":300,"context_line":"                \"type\": \"disk\","}],"source_content_type":"text/x-rst","patch_set":2,"id":"91ff3466_379d4c2f","line":297,"range":{"start_line":297,"start_character":15,"end_line":297,"end_character":35},"updated":"2021-03-30 19:13:21.000000000","message":"do you also want to report the format used?\ni think that might be nic to have if you are using a public cloud and the flaovr and image dont set one.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":9708,"name":"Balazs Gibizer","display_name":"gibi","email":"gibizer@gmail.com","username":"gibi"},"change_message_id":"58e548c8246b2c4ae978de8e4bf2cbac0d01a75e","unresolved":false,"context_lines":[{"line_number":294,"context_line":"                \"address\": \"0:0\","},{"line_number":295,"context_line":"                \"serial\": \"12352423\","},{"line_number":296,"context_line":"                \"path\": \"/dev/vda\","},{"line_number":297,"context_line":"                \"encrypted\": \"True\""},{"line_number":298,"context_line":"            },"},{"line_number":299,"context_line":"            {"},{"line_number":300,"context_line":"                \"type\": 
\"disk\","}],"source_content_type":"text/x-rst","patch_set":2,"id":"4c9c7c11_b39425df","line":297,"range":{"start_line":297,"start_character":15,"end_line":297,"end_character":35},"in_reply_to":"097aff0e_9d316633","updated":"2021-04-14 11:56:31.000000000","message":"I agree with Lee here.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":294,"context_line":"                \"address\": \"0:0\","},{"line_number":295,"context_line":"                \"serial\": \"12352423\","},{"line_number":296,"context_line":"                \"path\": \"/dev/vda\","},{"line_number":297,"context_line":"                \"encrypted\": \"True\""},{"line_number":298,"context_line":"            },"},{"line_number":299,"context_line":"            {"},{"line_number":300,"context_line":"                \"type\": \"disk\","}],"source_content_type":"text/x-rst","patch_set":2,"id":"384b972d_594b6aee","line":297,"range":{"start_line":297,"start_character":15,"end_line":297,"end_character":35},"in_reply_to":"097aff0e_9d316633","updated":"2021-05-25 11:01:15.000000000","message":"ok i can by that it might still be nice to have but not required.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":294,"context_line":"                \"address\": \"0:0\","},{"line_number":295,"context_line":"                \"serial\": \"12352423\","},{"line_number":296,"context_line":"                \"path\": \"/dev/vda\","},{"line_number":297,"context_line":"                \"encrypted\": \"True\""},{"line_number":298,"context_line":"       
     },"},{"line_number":299,"context_line":"            {"},{"line_number":300,"context_line":"                \"type\": \"disk\","}],"source_content_type":"text/x-rst","patch_set":2,"id":"097aff0e_9d316633","line":297,"range":{"start_line":297,"start_character":15,"end_line":297,"end_character":35},"in_reply_to":"91ff3466_379d4c2f","updated":"2021-03-30 20:17:24.000000000","message":"No, that\u0027s transparent to the user and not something they need to be aware of outside of their original flavor and image choice IMHO.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":309,"context_line":""},{"line_number":310,"context_line":"This should also be extended to cover disks provided by encrypted volumes but"},{"line_number":311,"context_line":"this is obviously out of scope for this implementation."},{"line_number":312,"context_line":""},{"line_number":313,"context_line":"Block resize between flavors with different hw:ephemeral_encryption settings"},{"line_number":314,"context_line":"----------------------------------------------------------------------------"},{"line_number":315,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"46fb0558_212230e4","line":312,"updated":"2021-03-30 19:13:21.000000000","message":"yep i agree. it should not be part of the minium viable product but i would not be against tracking that in this spec if you found time to do it. e.g. 
we could have a follow up to this spec if you found time to do that as part of this work to not it has or has not been done.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":309,"context_line":""},{"line_number":310,"context_line":"This should also be extended to cover disks provided by encrypted volumes but"},{"line_number":311,"context_line":"this is obviously out of scope for this implementation."},{"line_number":312,"context_line":""},{"line_number":313,"context_line":"Block resize between flavors with different hw:ephemeral_encryption settings"},{"line_number":314,"context_line":"----------------------------------------------------------------------------"},{"line_number":315,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"ceff3b85_4514c271","line":312,"in_reply_to":"46fb0558_212230e4","updated":"2021-03-30 20:17:24.000000000","message":"Yup, it should be pretty trivial to add this for volumes if I have time in Xena.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":318,"context_line":"(one enabled, another disabled or formats etc) would cause us to convert this"},{"line_number":319,"context_line":"data in place. 
This isn\u0027t trivial and so for this initial implementation"},{"line_number":320,"context_line":"resizing between flavors that differ will be blocked."},{"line_number":321,"context_line":""},{"line_number":322,"context_line":"Provide a migration path from the legacy implementation"},{"line_number":323,"context_line":"-------------------------------------------------------"},{"line_number":324,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"4c288ea0_4c5eef8a","line":321,"updated":"2021-03-30 19:13:21.000000000","message":"ack. this answers one of my previous questions.\ni think you need to also make a statement about rebuild and evacuate.\n\nevacuate for the case wehre teh value comes form the host but i think now that i have read more you intend to store the value of the encuyption used in teh bdms so that it does not change for the lifetime\nrebuild is needed as a rebuild should only update the root disk and should not destory or update other ephemeral disks but the same format convertion issue applies there so i assume rebuild between different formats is not allowed.\n\nnot that i think about it have you considerd how this will work with rescuse and snapshots.\nfor rescue we would need to ignore the encuption format of rescue image when generating the xml for the vms other disks. so we would only use the image prop value for the rescure disk iteslf and use the vaule in teh bdms for the rest. as such i think rescue is fine but it woudl be good to not it here.\n\nfor snapshot will the snapshot be encyupted in glance and will the formant tbe sotred in the snapshot image metadata.\n\nfor shelve we still will ahve the bdm in the db so technially we dont have to store it in the snapshot imave but we can. for normall snapshots its tricky.\n\nthey only look a the root disk. if im using epemernal disk encuption i woudl kind of liek my snapshots to be encypted too. 
that siad this extra spec is not ment to alter the sotrage format in glance/cinder so i assume we would just store the info unencyped in glance/cinder.\n\nim not sure what the correct approch is here but i think it woudl be good to document it in the spec whatever we do.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":318,"context_line":"(one enabled, another disabled or formats etc) would cause us to convert this"},{"line_number":319,"context_line":"data in place. This isn\u0027t trivial and so for this initial implementation"},{"line_number":320,"context_line":"resizing between flavors that differ will be blocked."},{"line_number":321,"context_line":""},{"line_number":322,"context_line":"Provide a migration path from the legacy implementation"},{"line_number":323,"context_line":"-------------------------------------------------------"},{"line_number":324,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"187c2acd_08ffcda7","line":321,"in_reply_to":"40b2a04f_a4817184","updated":"2021-05-25 11:01:15.000000000","message":"ok so if we have a flavor with an addtional epmeral disk that is destroyed on rebuild cool\nit woudl be nice if that was mentioned in the api ref but if you have confrimed that it works for me.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":true,"context_lines":[{"line_number":318,"context_line":"(one enabled, another disabled or formats etc) would cause us to convert this"},{"line_number":319,"context_line":"data in place. 
This isn\u0027t trivial and so for this initial implementation"},{"line_number":320,"context_line":"resizing between flavors that differ will be blocked."},{"line_number":321,"context_line":""},{"line_number":322,"context_line":"Provide a migration path from the legacy implementation"},{"line_number":323,"context_line":"-------------------------------------------------------"},{"line_number":324,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"74b2ad06_9c8ddf25","line":321,"in_reply_to":"4c288ea0_4c5eef8a","updated":"2021-03-30 20:17:24.000000000","message":"I wasn\u0027t aware that ephemeral data persists through rebuilds tbh, I\u0027ll have to check that out and update this if it is the case.\n\nI\u0027m not sure what your point is with regards to rescue. The instance will have it\u0027s disks decrypted and attached as normal during either a stable or unstable device rescue.\n\nI\u0027ve missed snapshots out of the spec thus far, I\u0027ll need to think about this and likely add a section to cover it. At the moment for volumes we end up dumping a load of block_device_mapping metadata into Glance that we could do here. I\u0027d like to avoid the Cinder approach of using specific name spaced properties to capture encryption attributes. Anyway as I said, I\u0027ll revisit this in a respin in the next week.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":9708,"name":"Balazs Gibizer","display_name":"gibi","email":"gibizer@gmail.com","username":"gibi"},"change_message_id":"58e548c8246b2c4ae978de8e4bf2cbac0d01a75e","unresolved":true,"context_lines":[{"line_number":318,"context_line":"(one enabled, another disabled or formats etc) would cause us to convert this"},{"line_number":319,"context_line":"data in place. 
This isn\u0027t trivial and so for this initial implementation"},{"line_number":320,"context_line":"resizing between flavors that differ will be blocked."},{"line_number":321,"context_line":""},{"line_number":322,"context_line":"Provide a migration path from the legacy implementation"},{"line_number":323,"context_line":"-------------------------------------------------------"},{"line_number":324,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"fbfc11ed_3da2c26b","line":321,"in_reply_to":"74b2ad06_9c8ddf25","updated":"2021-04-14 11:56:31.000000000","message":"hm, I\u0027ve just tried the rebuild with an ephemeral disk and as far as I see the ephemeral disk was recreated too.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"fb40bfc183e04f22865a7140659a8ceb9dcf249a","unresolved":false,"context_lines":[{"line_number":318,"context_line":"(one enabled, another disabled or formats etc) would cause us to convert this"},{"line_number":319,"context_line":"data in place. This isn\u0027t trivial and so for this initial implementation"},{"line_number":320,"context_line":"resizing between flavors that differ will be blocked."},{"line_number":321,"context_line":""},{"line_number":322,"context_line":"Provide a migration path from the legacy implementation"},{"line_number":323,"context_line":"-------------------------------------------------------"},{"line_number":324,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"40b2a04f_a4817184","line":321,"in_reply_to":"fbfc11ed_3da2c26b","updated":"2021-05-25 10:14:31.000000000","message":"Yup finally getting back to this and as expected resize persists ephemeral disk data while rebuilds do not. 
Marking this as resolved.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":344,"context_line":""},{"line_number":345,"context_line":"The legacy implementation within the libvirt virt driver will be deprecated for"},{"line_number":346,"context_line":"removal in a future release once the ability to migrate is in place."},{"line_number":347,"context_line":""},{"line_number":348,"context_line":"Alternatives"},{"line_number":349,"context_line":"------------"},{"line_number":350,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"88b85100_562093ca","line":347,"updated":"2021-03-30 19:13:21.000000000","message":"+1","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":false,"context_lines":[{"line_number":344,"context_line":""},{"line_number":345,"context_line":"The legacy implementation within the libvirt virt driver will be deprecated for"},{"line_number":346,"context_line":"removal in a future release once the ability to migrate is in place."},{"line_number":347,"context_line":""},{"line_number":348,"context_line":"Alternatives"},{"line_number":349,"context_line":"------------"},{"line_number":350,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"dd8514c2_88705341","line":347,"in_reply_to":"88b85100_562093ca","updated":"2021-03-30 20:17:24.000000000","message":"Ack","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean 
mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"6bd37a221514f5f80f7f1c4f93bb1944bef57798","unresolved":true,"context_lines":[{"line_number":368,"context_line":""},{"line_number":369,"context_line":"* Attempts to rebuild between images that differ in their ephemeral encryption"},{"line_number":370,"context_line":"  options will be allowed."},{"line_number":371,"context_line":""},{"line_number":372,"context_line":"* The metadata API will be changed to allow users to determine if their"},{"line_number":373,"context_line":"  ephemeral storage is encrypted as discussed above."},{"line_number":374,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"eec98c0b_5bab7449","line":371,"updated":"2021-03-30 19:13:21.000000000","message":"im not sure it should be.\nif the instance has addtional ephmeral disk (not swap disks) then i think this should be blocked.\n\nother wise sure we can nuke the swap disk trivally so if its noly a root disk and swap this is fine.\n\nif you have an addtional epmeral disk then a rebuild shoudl not erase it or the config drive.\n\nnot the config drive can store files that are to be injected which are not stored anywere else.\nso we shoudl avoid recreating it if we can.\n\nwe delibvertaly ignore that fact for cross cell resize so maybe that is fine?\nfile injection is deprecated anyway but until we do a min version bump its still allowed.\n\nthere is nothing about this spec that prevents me form using the old server create microversion that still allows file injection.\n\nspecificlly im refering to server personalities\nAvailable until version 2.56\n\nthe personality  files which are injefcted into the vm are only stored in the config drive.\nhttps://github.com/openstack/nova/blob/34c5df7b2b8c7eebbfc8aa0bc3edba501dddcb61/nova/api/metadata/base.py#L191-L194","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":11604,"name":"sean 
mooney","email":"smooney@redhat.com","username":"sean-k-mooney"},"change_message_id":"ae886ce5bc1df79bcc02b65c32dab9cb48a70815","unresolved":false,"context_lines":[{"line_number":368,"context_line":""},{"line_number":369,"context_line":"* Attempts to rebuild between images that differ in their ephemeral encryption"},{"line_number":370,"context_line":"  options will be allowed."},{"line_number":371,"context_line":""},{"line_number":372,"context_line":"* The metadata API will be changed to allow users to determine if their"},{"line_number":373,"context_line":"  ephemeral storage is encrypted as discussed above."},{"line_number":374,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"727ba8bb_92a4f3ef","line":371,"in_reply_to":"1440b876_95bfadaf","updated":"2021-05-25 11:01:15.000000000","message":"im not sure either.\n\non the one hand it can contain injected files(that is deprected but still a thing) that may have sensitive info in it on the other hand you shoudl no use that feature so im ok with just stating we will not encypet them explictly in the spec.\n\nencypted swap i think has merrit form a secuirty point fo view as does addtional epmemeral disks\nsince both are read write.\n\nit would be nice if you did not need a new micro version for this.\ni would just state the config drive is out os scope but addtional epmeral disk and swap will be encypted.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"fb40bfc183e04f22865a7140659a8ceb9dcf249a","unresolved":false,"context_lines":[{"line_number":368,"context_line":""},{"line_number":369,"context_line":"* Attempts to rebuild between images that differ in their ephemeral encryption"},{"line_number":370,"context_line":"  options will be allowed."},{"line_number":371,"context_line":""},{"line_number":372,"context_line":"* The metadata API 
will be changed to allow users to determine if their"},{"line_number":373,"context_line":"  ephemeral storage is encrypted as discussed above."},{"line_number":374,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"1440b876_95bfadaf","line":371,"in_reply_to":"b91ab757_76d7cd04","updated":"2021-05-25 10:14:31.000000000","message":"As above I think we are good here. I\u0027m not even sure that we should encrypt the config drives tbh.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"},{"author":{"_account_id":10135,"name":"Lee Yarwood","display_name":"Lee Yarwood","email":"lyarwood@redhat.com","username":"lyarwood"},"change_message_id":"c543c16c9358d422abb0edfdceb561f087e59fbe","unresolved":true,"context_lines":[{"line_number":368,"context_line":""},{"line_number":369,"context_line":"* Attempts to rebuild between images that differ in their ephemeral encryption"},{"line_number":370,"context_line":"  options will be allowed."},{"line_number":371,"context_line":""},{"line_number":372,"context_line":"* The metadata API will be changed to allow users to determine if their"},{"line_number":373,"context_line":"  ephemeral storage is encrypted as discussed above."},{"line_number":374,"context_line":""}],"source_content_type":"text/x-rst","patch_set":2,"id":"b91ab757_76d7cd04","line":371,"in_reply_to":"eec98c0b_5bab7449","updated":"2021-03-30 20:17:24.000000000","message":"As above I\u0027ll have to check this out and think about it some more.\n\nFor the personality files I wonder if that warrants slapping this behind a specific microversion bump to avoid any of that weirdness.","commit_id":"ecc68ee5655b428a0b70756dd08bddc6ad7e303d"}]}
