Bug 1041298

Summary: [RFE][nova]: KMIP Client for volume encryption key management
Product: Red Hat OpenStack Reporter: RHOS Integration <rhos-integ>
Component: RFEsAssignee: RHOS Maint <rhos-maint>
Status: CLOSED UPSTREAM QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: unspecifiedCC: markmc, yeylon
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
URL: https://blueprints.launchpad.net/nova/+spec/kmip-client-for-volume-encryption
Whiteboard: upstream_milestone_none upstream_status_unknown upstream_definition_obsolete
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-03-19 16:55:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description RHOS Integration 2013-12-12 14:16:57 UTC 
Cloned from launchpad blueprint https://blueprints.launchpad.net/nova/+spec/kmip-client-for-volume-encryption.

Description:

The volume encryption blueprint and specification describe a key manager interface that allows different types of key managers to be used. This blueprint proposes to use the defined key management interface to communicate with a key manager that supports the OASIS Key Management Interoperability Protocol (KMIP). Any KMIP Key Manager that supports the defined interfaces will be able to manage the encryption keys used in the volume encryption feature. This approach of adding a KMIP client to OpenStack provides a secure key management option for the volume encryption keys while also allowing OpenStack integration into KMIP compliant enterprise key management systems which are already managing keys for other systems and applications.

Specification URL (additional information):

https://wiki.openstack.org/wiki/KMIPclient