You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
data_mover.py uses qemu to create custom image. At the moment, it is not using the LUKS encryption. Hence, when we import the image, it won't be encrypted. opening this issue so that we add that capability into the data mover.
What does it mean :
Create a LUKS passphrase and use it to encrypt the image
- Gotcha !: This has to be used in clear-text. So, we may need to come up with some mechanism where in it can accept wrapped passphrase ( hereinafter called as : WDEK ) and the code contacts HPCS to get it un-wrapped. This way, we don't have to ask for the clear-text passphrase
Pass that WDEK to terraform
data_mover.py will unwrap and do the operations.
Use the customer_root_key_crn and WDEK in the image.tf
data_mover.pyusesqemuto create custom image. At the moment, it is not using the LUKS encryption. Hence, when we import the image, it won't be encrypted. opening this issue so that we add that capability into the data mover.What does it mean :
Create a LUKS passphrase and use it to encrypt the image
- Gotcha !: This has to be used in clear-text. So, we may need to come up with some mechanism where in it can accept wrapped passphrase ( hereinafter called as : WDEK ) and the code contacts HPCS to get it un-wrapped. This way, we don't have to ask for the clear-text passphrase
Pass that WDEK to terraform
Use the
customer_root_key_crnand WDEK in the image.tf@mjamasri @gaganhegde @anunezde
The text was updated successfully, but these errors were encountered: