[Gluster-users] Has anyone used encrypted filesystems with Gluster?
purpleidea at gmail.com
Fri Sep 14 00:57:55 UTC 2012
On Thu, 2012-09-13 at 14:42 -0700, Joshua Baker-LePain wrote:
> On Thu, 13 Sep 2012 at 2:30pm, Whit Blauvelt wrote
> > This may be crazy, but has anyone used filesystem encryption (e.g. LUX)
> > under Gluster? Or integrated encryption with Gluster in some other way?
> > There's a certain demand to encrypt some of our storage, in case the
> > hypothetical bad guy breaks into the server room and walks out with the
> > servers. Is this a case where we can have encryption's advantages _or_
> > Gluster's? Or is there a practical way to have both?
> I haven't, but given that Gluster runs on top of a standard FS, I don't
> see any reason why this wouldn't work. Rather than just Gluster on top of
> ext3/4/XFS, it would be Gluster on top of ext3/4/XFS on top of an
> LUKS encrypted partition.
> The main stumbling block I see isn't Gluster related at all, it's simply
> how to do an unattended boot of a system with an encrypted partition...
Generally in this scenario, the best solution is to have an un-encrypted
root partition and a separate /data partition for gluster in this
scenario. If you need to reboot your machine, you'll naturally have to
enter a password before the data is available again, but the machine
will be "up".
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 836 bytes
Desc: This is a digitally signed message part
More information about the Gluster-users