On 09/06/2013 04:14 PM, Benjamin, Bruce P. wrote: > We request that volume encryption [1] be granted an exception to the > feature freeze for Havana-3. Volume encryption [2] provides a usable > layer of protection to user data as it is transmitted through a network > and when it is stored on disk. The main patch [2] has been under review > since the end of May and had received two +2s in mid-August. > Subsequently, support was requested for booting from encrypted volumes > and integrating a working key manager [3][4] as a stipulation for > acceptance, and both these requests have been satisfied within the past > week. The risk of disruption to deployments from this exception is > minimal because the volume encryption feature is unused by default. > Note that the corresponding Cinder support for this feature has already > been approved, so acceptance into Nova will keep this code from becoming > abandoned. Thank you for your consideration. > > > > The APL Development Team > > > > [1] https://blueprints.launchpad.net/nova/+spec/encrypt-cinder-volumes > > [2] https://review.openstack.org/#/c/30976/ > > [3] https://review.openstack.org/#/c/45103/ > > [4] https://review.openstack.org/#/c/45123/
Thanks for all of your hard work on this! It sounds to me like the code was ready to go aside from the issues you mentioned above, which have now been addressed. I think the feature provides a lot of value and has fairly low risk if we get it merged ASAP, since it's off by default. The main risk is around the possibility of security vulnerabilities. Hopefully good review (both from a code and security perspective) can mitigate that risk. This feature has been in the works for a while and has very good documentation on the blueprint, so I take it that it has been vetted by a number of people already. It would be good to get ACKs on this point in this thread. I would be good with the exception for this, assuming that: 1) Those from nova-core that have reviewed the code are still happy with it and would do a final review to get it merged. 2) There is general consensus that the simple config based key manager (single key) does provide some amount of useful security. I believe it does, just want to make sure we're in agreement on it. Obviously we want to improve this in the future. Again, thank you very much for all of your work on this (both technical and non-technical)! -- Russell Bryant _______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev