Exactly. This is a big issue. I'm wondering how globally distributed handle this type of issue. How storages replicate between two countrys, like Brazil and China, in a secure manner?
On Wed, Oct 15, 2014 at 3:06 PM, Pete Zaitcev <zait...@redhat.com> wrote: > On Wed, 17 Sep 2014 15:16:22 -0300 > Gui Maluf <guimal...@gmail.com> wrote: > > > Replicas are copied between storage nodes and swift presume all storage > > nodes are running in a secure network. Taking any scenario of a Globally > > Distributed OpenStack Swift Cluster > > < > https://swiftstack.com/blog/2012/09/16/globally-distributed-openstack-swift-cluster/ > >, > > how could nodes replicates through Regions, or even between zones, using > > VPN, SSL or any secure/encrypted way? > > I'm afraid there's no other practical way but create VPNs between > datacenters and tunnel your back-end Swift traffic. Although it > could be possible to use SSL (with minimal changes), there's no > authentication or authorization in Swift back-end services. > If you let attackers on your replication network, it's game over. > > -- Pete > -- *guilherme* \n \t *maluf*
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
