On 15-04-2024 16:43, Michael Worsham wrote:
Is there a how-to document available on how to setup
Hashicorp's Vault for Ceph, preferably in a HA state?
See [1] on how to do this on kubernetes.
AFAIK there is no documentation / integration on using Vault with
Cephadm / packages.
Due to some encryption needs, we need to set up LUKS,
OSD encryption AND Ceph bucket encryption as well. Yes, we know there will be a
performance hit, but the encrypt-everything is a hard requirement for our business needs
since we have government and healthcare-related contracts.
You might want to use secure mode for communication between clients /
daemons as well [2].
Gr. Stefan
[1]:
https://rook.io/docs/rook/latest-release/Storage-Configuration/Advanced/key…
[2]:
https://rook.io/docs/rook/latest-release/Storage-Configuration/Advanced/key…