On Wed, Apr 09, 2014 at 02:16:34PM -0700, Ken Tanzer wrote:
> > Any thoughts on how to pull this off for PostgreSQL stored data?
> >
> > I looked at this a while ago because I have clients who might require this
> in the future. ISTM you should be able to have your PG data directory
> stored on an encrypted filesystem. I believe this will decrease
> performance, but I have no idea by how much.
FWIW, I have several databases running on encrypted filesystems. The
performance difference is negligable *if* you have hardware
acceleration for your encryption, which most modern processors have.
Essentially, the processor can encrypt/decrypt data so much faster than
the cost of reading/writing to disk, you don't notice the difference.
There's surely a difference, but if this means you meet your
requirements it's an excellent solution.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> He who writes carelessly confesses thereby at the very outset that he does
> not attach much importance to his own thoughts.
-- Arthur Schopenhauer