On Mar 25, 2014, at 3:30 PM, Carlos Espejo <[email protected]> wrote:
> Anybody running their PostgreSQL server from an ecryptfs container? What are
> the common production setups out there? What are the drawbacks that people
> have experienced with their solution?
We run postgres on XFS on lvm volumes put on top of cloud block devices
encrypted with LUKS. It feels like a lot of layers, but it lets us add more
encrypted disk space on the fly very easily (especially since I've got all this
config set up in a chef cookbook). It seems to work just fine. I haven't done
any testing, but I am pretty sure that it adds latency. But hey, if you need
crypto, you need it. :-)
We currently store the keys to LUKS encrypted with the host's private
chef key as a host attribute in the chef-server so that the key data at rest
would be safe, and we have an init script that the cookbook installs early in
the boot sequence that gets/decrypts the keys from chef, starts crypto up, and
mounts the filesystems before postgres starts up. We've got some plans to
improve this, but it's a heck of a lot better than storing them locally, and a
heck of a lot cheaper than a real HSM.
Another option that we liked and tested out, but discarded because of
cost, was Gazzang. They have a really slick setup. Pretty much plug n play,
and work really well in the cloud, which is where we are.
The one thing I have run into that was a problem was doing this
on a loopback device mapped to a file on a host rather than directly on a real
block device. We did this on some cassandra servers, and pretty quickly began
seeing corruption. We never figured out where the problem was, but it was a
real pain to deal with. I'd avoid doing that.
Hope that helps. Have fun!
-tspencer
--
Sent via pgsql-general mailing list ([email protected])
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
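The boot sequence described in the reply above (fetch and decrypt the LUKS key, open the volume, activate LVM, mount the XFS filesystem, then start postgres), written out as an added example; this is not the poster's chef cookbook or init script. The `fetch_luks_key` command, the device, VG/LV names and mount point are assumed placeholders, and DRY_RUN=1 prints the plan instead of executing it.

```shell
#!/bin/sh
# Constructed example: bring up a LUKS -> LVM -> XFS data volume before postgres.
# Assumptions (not from the original post): `fetch_luks_key` is a hypothetical
# command that prints the decrypted LUKS passphrase pulled from the config store;
# device, VG, LV and mount point names below are placeholders.
set -eu

BLOCK_DEV="${BLOCK_DEV:-/dev/xvdf}"        # attached cloud block device
MAPPER_NAME="${MAPPER_NAME:-pgcrypt}"      # /dev/mapper/<name> after luksOpen
VG_NAME="${VG_NAME:-pgvg}"
LV_NAME="${LV_NAME:-pgdata}"
MOUNT_POINT="${MOUNT_POINT:-/var/lib/postgresql}"

# In dry-run mode print the command line; otherwise execute it (set -e fails closed).
run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Cloud block devices can attach after the boot sequence reaches this script,
# so wait (bounded) for the device node instead of failing immediately.
wait_for_device() {
  [ "${DRY_RUN:-0}" = "1" ] && { printf 'wait-for %s\n' "$1"; return 0; }
  i=0
  while [ ! -b "$1" ]; do
    i=$((i + 1)); [ "$i" -lt 60 ] || { echo "device $1 never appeared" >&2; return 1; }
    sleep 1
  done
}

# The passphrase is piped to cryptsetup on stdin: it is never written to local
# disk and never shows up as a command-line argument in the process list.
open_luks() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf 'fetch_luks_key | cryptsetup --key-file=- luksOpen %s %s\n' "$BLOCK_DEV" "$MAPPER_NAME"
  else
    fetch_luks_key | cryptsetup --key-file=- luksOpen "$BLOCK_DEV" "$MAPPER_NAME"
  fi
}

bring_up_encrypted_pg() {
  wait_for_device "$BLOCK_DEV"
  open_luks
  run vgchange -ay "$VG_NAME"
  run mount -t xfs "/dev/$VG_NAME/$LV_NAME" "$MOUNT_POINT"
  # Refuse to start postgres unless the data directory really is the mounted
  # encrypted volume; otherwise it would initialise on the plain root filesystem.
  run mountpoint -q "$MOUNT_POINT"
  run service postgresql start
}
```

Run with `DRY_RUN=1 sh -c '. ./pg-crypt-up.sh; bring_up_encrypted_pg'` to review the ordered plan before wiring the script into the boot sequence.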