I am not sure if encryption is fully working with NFS. I see one issue
still in OPEN state i.e.
https://bugzilla.redhat.com/show_bug.cgi?id=1065639
Thanks,
Santosh
On 06/19/2014 03:38 AM, Mark Lewis wrote:
Hello
I've looked around as much as possible, but I want to tread carefully.
I've created a couple of gluster volumes and before I do a
gluster volume set <Vol> encryption.master-key /path/to/key
for each, I need to plan properly and decide the path. Given the key
only needs to be in place during the mount operation, there are a
number of ways I can think of approaching this matter but I don't like
them. I don't think it's safe to keep the keys on the servers local
to the data in case the box(es) are rooted.
I will basically have any number of VMs running concurrently, and they
will each be wanting to access a different encrypted gluster volume
over the network. Each will have been given the master key for the
corresponding volume (although as I'm in the process of building out
the platform, it doesn't have to be that way. I wanna do it right
first time though obviously).
What's the best practice?
Thanks IA
Mark
_______________________________________________
Gluster-users mailing list
[email protected]
http://supercolony.gluster.org/mailman/listinfo/gluster-users
_______________________________________________
Gluster-users mailing list
[email protected]
http://supercolony.gluster.org/mailman/listinfo/gluster-users
