Hi everyone, I have some questions about encryption in Ceph.
1) Are RBD connections encrypted or is there an option to use encryption between clients and Ceph? From reading the documentation, I have the impression that the only option to guarantee encryption in transit is to force clients to encrypt volumes via dmcrypt. Is there another option? I know I could encrypt the OSDs but that's not going to solve the problem of encryption in transit.
2) I'm also struggling to understand if communication between Ceph daemons (monitors and OSDs) are encrypted or not. I came across a few references about msgr2 but I couldn't tell if it is already implemented. Can anyone confirm this?
I'm currently starting a new project using Ceph Mimic but if there's something new in this space expected for Nautilus, it would be good to know as well.
Regards,
Sergio
_______________________________________________ ceph-users mailing list ceph-users@xxxxxxxxxxxxxx http://lists.ceph.com/listinfo.cgi/ceph-users-ceph.com
