> Am 17.11.21 um 20:14 schrieb Marc: > >> a good choice. It lacks RBD encryption and read leases. But for us > >> upgrading from N to O or P is currently not > >> > > what about just using osd encryption with N? > > > That would be Data at Rest encryption only. The keys for the OSDs are > stored on the mons. Data is transferred unencrypted over the wire. > > RBD encryption takes place in the client. >
Very very nice security policy you have! _______________________________________________ ceph-users mailing list -- ceph-users@ceph.io To unsubscribe send an email to ceph-users-le...@ceph.io
