Hello everyone, I am currently working on the design of a ceph cluster, and i was asking myself some question regarding the security of the cluster. (Cluster should be deployed using Luminous on Ubuntu 16.04) Technically, we would have HVs exploiting the block storage, but we are in a position where we can't trust the VM that is running, thus, the HV can eventually get compromised, so how can we do to avoid a compromised hypervisor from compromising the safety of the data on the ceph cluster ? Using iscsi ? Using one key-ring per hypervisor ? Anything else ? Regards, Florian. _______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
 |