On Mon, 26 Oct 2009 10:05:52 +0100, Tomasz Chmielewski <mangoo at wpkg.org> wrote: > Jeffery Soo wrote: >> I'm using glusterfs 2.07 and I'm trying to secure it. I'm using it on a >> switch that is connected to the internet. >> I've tried using stunnel but it uses like 90% of CPU on both client and >> server. It also reduces throughput by 3-4x. >> >> Is there any better way or translator that will be available soon to >> secure and encrypt the connection, or is glusterfs really meant to be >> used only on a private internal switch? > > I don't think there is any usable translator for that. > > You can try running it over an IPsec or OpenVPN tunnel. > > If you run glusterfs over internet, you might also consider enabling > compression in the VPN tunnel; this could technically increase your > throughput. http://gluster.com/community/documentation/index.php/Translators/encryption/rot-13 ROT-13 is a toy translator that can "encrypt" and "decrypt" file contents using the ROT-13 algorithm. ROT-13 is a trivial algorithm that rotates each alphabet by thirteen places. Thus, 'A' becomes 'N', 'B' becomes 'O', and 'Z' becomes 'M'. It goes without saying that you shouldn't use this translator if you need _real_ encryption (a future release of GlusterFS will have real encryption translators). so its an upcoming feature. Why dont use GRE or ssh?