mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-09 16:00:22 +00:00
rbd: make sure csi rbd pv encryption defaulting to luks2 version
Fixes: #https://github.com/ceph/ceph-csi/issues/1564 As per release notes this new version is compatible with previous version of LUKS. https://www.saout.de/pipermail/dm-crypt/2017-December/005771.html Signed-off-by: Humble Chirammal <hchiramm@redhat.com>
This commit is contained in:
parent
0b5da6a127
commit
36ee8b2240
@ -3,7 +3,7 @@
|
||||
## Proposal
|
||||
|
||||
Subject of this proposal is to add support for encryption of RBD volumes in
|
||||
Ceph-CSI.
|
||||
Ceph-CSI with type LUKS version 2.
|
||||
|
||||
Some but not all the benefits of this approach:
|
||||
|
||||
|
@ -25,7 +25,7 @@ import (
|
||||
|
||||
// LuksFormat sets up volume as an encrypted LUKS partition.
|
||||
func LuksFormat(devicePath, passphrase string) (stdout, stderr []byte, err error) {
|
||||
return execCryptsetupCommand(&passphrase, "-q", "luksFormat", "--hash", "sha256", devicePath, "-d", "/dev/stdin")
|
||||
return execCryptsetupCommand(&passphrase, "-q", "luksFormat", "--type", "luks2", "--hash", "sha256", devicePath, "-d", "/dev/stdin")
|
||||
}
|
||||
|
||||
// LuksOpen opens LUKS encrypted partition and sets up a mapping.
|
||||
|
Loading…
Reference in New Issue
Block a user