On Fri, Jan 11, 2019 at 11:24 AM Sergio A. de Carvalho Jr. <
scarvalh...@gmail.com> wrote:
> Thanks for the answers, guys!
>
> Am I right to assume msgr2 (http://docs.ceph.com/docs/mimic/dev/msgr2/)
> will provide encryption between Ceph daemons as well as between clients and
> daemons?
>
> Does a
Thanks for the answers, guys!
Am I right to assume msgr2 (http://docs.ceph.com/docs/mimic/dev/msgr2/)
will provide encryption between Ceph daemons as well as between clients and
daemons?
Does anybody know if it will be available in Nautilus?
On Fri, Jan 11, 2019 at 8:10 AM Tobias Florek wrote:
Hi,
as others pointed out, traffic in ceph is unencrypted (internal traffic
as well as client traffic). I usually advise to set up IPSec or
nowadays wireguard connections between all hosts. That takes care of
any traffic going over the wire, including ceph.
Cheers,
Tobias Florek
signature.as
>>1) Are RBD connections encrypted or is there an option to use encryption
>>between clients and Ceph? From reading the documentation, I have the
>>impression that the only option to guarantee encryption in >>transit is to
>>force clients to encrypt volumes via dmcrypt. Is there another option?
Hi,
AFAIK, there is no encryption on the wire, either between daemons or
between a daemon and a client
The only encryption available on Ceph is at rest, using dmcrypt (aka
your data are encrypted before being written on disk)
Regards,
On 01/10/2019 07:59 PM, Sergio A. de Carvalho Jr. wrote:
> Hi
