Trident NFS w/ kerberos | NetApp | Page 1

opal mirage May 5, 2023, 3:18 PM

#

Hi,

a customer of us wants to use trident in their kubernetes cluster. Their requirement is to only use enrcypted protocols.
Is NFS with kerberos possible with the ontap-nas driver?

paper geyser May 9, 2023, 5:24 PM

#

If all that is needed for encrypted NFS is mount options, then specify those in the backend and Trident will take care of it. If more is needed, let us know more specifics.

silk oracle May 12, 2023, 12:55 AM

#

Strongly recommend reading https://www.netapp.com/media/19384-tr-4616.pdf for server and client requirements

runic zenith May 12, 2023, 2:40 PM

#

Another path could be using IPSec which involves building an IPsec tunnel between host and storage . Any other protocol gets encrypted then so you can still use plain nfsv3 so no dependency on Kerberos setup. Watch out on proper expectations as both Kerberized NFS and IPsec have a significant impact on performance .

#Trident NFS w/ kerberos