From: Mark Kampe <mark.kampe@inktank.com>
To: Marcus Sorensen <shadowsor@gmail.com>
Cc: Sage Weil <sage@inktank.com>, James Page <james.page@ubuntu.com>,
	Gregory Farnum <greg@inktank.com>,
	Peter Reiher <reiher@inktank.com>,
	Dustin Kirkland <dustin.kirkland@gazzang.com>,
	ceph-devel@vger.kernel.org
Subject: Re: on disk encryption
Date: Thu, 31 Jan 2013 16:04:29 -0800
Message-ID: <510B068D.8000706@inktank.com>
In-Reply-To: <CALFpzo5WBnRa=LTVqnqo+iG4FziyCxJxjYVp=tvE=aYJEBw4zw@mail.gmail.com>

Correct.

I wasn't actually involved in this (or any other real) work,
but as I recall the only real trick is how much key management
you want:

   Do we want to be able to recover the key if a good disk
   is rescued from a destroyed server and added to a new
   server?

   Do we want to ensure that the keys are not persisted on
   the server, so that an entire server can be decommissioned
   without having to worry about the data being recovered
   by somebody who knows where to look?

If you are willing to keep the key on the server and lose
the data when the server fails, this is trivial.  If you
are unwilling to keep the key on the server, or if you need
the disk to remain readable after the server is lost, we
need some third party (like the monitors) to maintain the
keys.

We thought these might be important, so we were looking
at how to get the monitors to keep track of the encryption
keys.

On 01/31/2013 03:42 PM, Marcus Sorensen wrote:
> Yes, anyone could do this now by setting up the OSDs on top of
> dm-crypted disks, correct? This would just automate the process, and
> manage keys for us?
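An added toy model (not Ceph code, not from this thread) of the second option above: each OSD disk's dm-crypt key is generated at prepare time, handed to a stand-in for the monitors, and only ever fetched into RAM on activation. The two scenario functions map to the two questions in the message; disk identities and keys are constructed with os.urandom/secrets.

```python
import os
import secrets

# Toy model of monitor-held dm-crypt keys (added example, not Ceph code):
# the server never persists a key, so a disk outlives its host, and revoking
# the key at the monitors makes a decommissioned server's data unreadable.


class MonitorKeyStore:
    """The only durable copy of each disk's key lives here (the monitors)."""
    def __init__(self):
        self._keys = {}

    def register(self, disk_uuid, key):
        if disk_uuid in self._keys:
            raise ValueError("key already registered for " + disk_uuid)
        self._keys[disk_uuid] = key

    def fetch(self, disk_uuid):
        return self._keys[disk_uuid]  # KeyError if unknown or revoked
    def revoke(self, disk_uuid):
        self._keys.pop(disk_uuid, None)


class OsdHost:
    """An OSD server; the fetched key is held in RAM only (tmpfs in practice)."""
    def __init__(self, monitors):
        self._monitors = monitors
        self.ram_keys = {}

    def prepare_disk(self):
        disk_uuid = os.urandom(16).hex()  # constructed disk identity
        self._monitors.register(disk_uuid, secrets.token_bytes(32))
        return disk_uuid  # nothing key-related is written to local storage

    def activate_disk(self, disk_uuid):
        try:
            self.ram_keys[disk_uuid] = self._monitors.fetch(disk_uuid)
        except KeyError:
            return False  # no key anywhere: the disk stays unreadable
        return True


def rescued_disk_is_readable():
    # Question 1: a good disk from a destroyed server added to a new server.
    monitors = MonitorKeyStore()
    disk = OsdHost(monitors).prepare_disk()  # the old host is gone afterwards
    return OsdHost(monitors).activate_disk(disk)


def decommissioned_disk_is_readable():
    # Question 2: decommission by revoking at the monitors; no local copy exists.
    monitors = MonitorKeyStore()
    disk = OsdHost(monitors).prepare_disk()
    monitors.revoke(disk)
    return OsdHost(monitors).activate_disk(disk)
```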

