protosio / protos

GNU Affero General Public License v3.0
9 stars 3 forks source link

Encrypted storage for applications #22

Open nustiueudinastea opened 4 years ago

nustiueudinastea commented 4 years ago

Ideally this should be done per application, using something like encrypted ZFS volumes. If Btrfs gains per-volume encryption, than Btrfs should be used.

nustiueudinastea commented 4 years ago

Another option is to use lvm encrypted volumes. An example Docker plugin that does this: https://github.com/containers/docker-lvm-plugin

nustiueudinastea commented 4 years ago

Apparently ZFS has slow encryption with high impact on CPU usage, which might totally kill the small VMs that Protos is targeting. Monitor how the situation evolves: https://github.com/openzfs/zfs/issues/10066 and https://github.com/openzfs/zfs/pull/9749