From 21931c544cfc7a856571197704fe6a25df58a21c Mon Sep 17 00:00:00 2001 From: Andrew Schoen Date: Mon, 22 Jan 2018 10:53:40 -0600 Subject: [PATCH] docs for creating encrypted OSDs with the lvm scenario Signed-off-by: Andrew Schoen --- docs/source/osds/scenarios.rst | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/docs/source/osds/scenarios.rst b/docs/source/osds/scenarios.rst index b3cd1994d..f77f5bfa4 100644 --- a/docs/source/osds/scenarios.rst +++ b/docs/source/osds/scenarios.rst @@ -176,6 +176,9 @@ mappings for devices to be deployed. It is a list of dictionaries which expects a volume name and a volume group for logical volumes, but can also accept a partition in the case of ``filestore`` for the ``journal``. +This scenario supports encrypting your OSDs by setting ``dmcrypt: True``. If set, +all OSDs defined in ``lvm_volumes`` will be encrypted. + The ``data`` key represents the logical volume name, raw device or partition that is to be used for your OSD data. The ``data_vg`` key represents the volume group name that your ``data`` logical volume resides on. This key is required for purging of OSDs @@ -231,6 +234,18 @@ For example, a configuration to use the ``lvm`` osd scenario would look like:: journal: journal-lv1 journal_vg: vg2 +For example, a configuration to use the ``lvm`` osd scenario with encryption would look like:: + + osd_objectstore: filestore + osd_scenario: lvm + dmcrypt: True + lvm_volumes: + - data: data-lv1 + data_vg: vg1 + journal: journal-lv1 + journal_vg: vg2 + crush_device_class: foo + ``bluestore`` ^^^^^^^^^^^^^