[Gluster-users] Has anyone used encrypted filesystems with Gluster?

James purpleidea at gmail.com
Fri Sep 14 00:57:55 UTC 2012


On Thu, 2012-09-13 at 14:42 -0700, Joshua Baker-LePain wrote:
> On Thu, 13 Sep 2012 at 2:30pm, Whit Blauvelt wrote
> 
> > This may be crazy, but has anyone used filesystem encryption (e.g. LUX)
> > under Gluster? Or integrated encryption with Gluster in some other way?
> >
> > There's a certain demand to encrypt some of our storage, in case the
> > hypothetical bad guy breaks into the server room and walks out with the
> > servers. Is this a case where we can have encryption's advantages _or_
> > Gluster's? Or is there a practical way to have both?
> 
> I haven't, but given that Gluster runs on top of a standard FS, I don't 
> see any reason why this wouldn't work.  Rather than just Gluster on top of 
> ext3/4/XFS, it would be Gluster on top of ext3/4/XFS on top of an 
> LUKS encrypted partition.
> 
> The main stumbling block I see isn't Gluster related at all, it's simply 
> how to do an unattended boot of a system with an encrypted partition...
Generally in this scenario, the best solution is to have an un-encrypted
root partition and a separate /data partition for gluster in this
scenario. If you need to reboot your machine, you'll naturally have to
enter a password before the data is available again, but the machine
will be "up".

HTH,
James

> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://supercolony.gluster.org/pipermail/gluster-users/attachments/20120913/38de80f1/attachment.sig>


More information about the Gluster-users mailing list