I am not sure if encryption is fully working with NFS. I see one
issue still in OPEN state i.e.
https://bugzilla.redhat.com/show_bug.cgi?id=1065639
Thanks,
Santosh
On 06/19/2014 03:38 AM, Mark Lewis
wrote:
Hello
I’ve
looked around as much as possible, but I want to tread
carefully. I’ve created a couple of gluster volumes and
before I do a
gluster
volume set <Vol> encryption.master-key /path/to/key
for each, I need to plan properly
and decide the path. Given the key only needs to be in place
during the mount operation, there are a number of ways I can
think of approaching this matter but I don’t like them. I
don’t think it’s safe to keep the keys on the servers local to
the data in case the box(es) are rooted.
I will basically have any number of
VMs running concurrently, and they will each be wanting to
access a different encrypted gluster volume over the network.
Each will have been given the master key for the
corresponding volume (although as I’m in the process of
building out the platform, it doesn’t have to be that way. I
wanna do it right first time though obviously).
What’s the best practice?
Thanks IA
Mark
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users
|
_______________________________________________
Gluster-users mailing list
Gluster-users@xxxxxxxxxxx
http://supercolony.gluster.org/mailman/listinfo/gluster-users
