On Tue, Jul 26, 2016 at 3:47 PM, Paul Warren <paul.warren98 at gmail.com>
wrote:> Hi,
>
> New to the list, I am trying to setup data encryption, I currently have SSL
> encryption up and running thanks to the help of kshlm. When I enable the
> option features.encryption on, I unmount and try to remount my client and
> get the following error.
>
> [2016-07-26 09:47:17.792417] E [crypt.c:4307:master_set_master_vol_key]
> 0-data-crypt: FATAL: can not open file with master key
> [2016-07-26 09:47:17.792448] E [MSGID: 101019] [xlator.c:428:xlator_init]
> 0-data-crypt: Initialization of volume 'data-crypt' failed, review
your
> volfile again
>
>
> We are running Centos 6.7 and glusterfs-3.7.11-1.el6.x86_64
> with the client being centos 7.2 using glusterfs to mount the share.
I hope you are using the client packages provided by the community and
not the ones that come in the CentOS repo.
The client packages that come with the CentOS repo are repackaged
versions of the RHGS product. They might not be completely compatible
with the community packages.
>
> I've done some googling looking for a answer but I can't seem to
find much
> regarding how data encryption works / errors etc. I would have assumed I
> just need to generate a key for the client. But I can't find much info
about
> this.
>
> I was following
>
http://www.gluster.org/community/documentation/index.php/Features/disk-encryption
> - but this doesn't exist any more.
The feature spec page at [1] has the information required. Section 6.2
has information on generating the key, and section 7 shows how to
enable and use encryption.
Let us know if this works, and if you have suggestions for improvement.
[1]:
https://github.com/gluster/glusterfs-specs/blob/master/done/GlusterFS%203.5/Disk%20Encryption.md
>
> Thanks
> Paul
>
>
> _______________________________________________
> Gluster-users mailing list
> Gluster-users at gluster.org
> http://www.gluster.org/mailman/listinfo/gluster-users