[OpenIndiana-discuss] ZFS Encryption for MySQL data store
Andy Lubel
alubel at gmail.com
Wed Jan 18 15:06:26 UTC 2012
I didn't think oi had zfs encryption?
On Jan 18, 2012, at 9:59, Mark Creamer <whitetr6 at gmail.com> wrote:
> I'd like to get a better understanding (or have someone correct me where
> I'm wrong) about using ZFS encryption for a particular zfs filesystem.
>
> The idea is to create a zfs file system for a MySQL database to use to
> store its datafiles since the database contains potentially sensitive
> information. The server we would do this on already has several zfs
> filesystems used for other purposes.
>
> So if I create a new filesystem, and set encryption to on, these are the
> caveats as I understand them:
>
> 1. I can snapshot and zfs send | zfs receive to a separate physical backup
> server for archival storage, and as long as the receiving file system is
> also set to encryption=on, the replicated data would remain encrypted with
> the same passphrase
> 2. In order for the server to mount this filesystem on boot, someone would
> need to be available to enter the passphrase - otherwise the file system
> would remain unmounted, meaning MySQL could not use it
>
> Are these two things correct? If so, is there a better solution for Item
> #2, such that remotely rebooting the server would allow MySQL to start and
> be able to use the file system?
>
> --
> Mark
> _______________________________________________
> OpenIndiana-discuss mailing list
> OpenIndiana-discuss at openindiana.org
> http://openindiana.org/mailman/listinfo/openindiana-discuss
More information about the OpenIndiana-discuss
mailing list