In this video from LUG 2015 in Denver, Sebastien Buisson from Bull Atos presents: Lustre & Kerberos: In Theory and In Practice.
Kerberos is the most famous way to allow safe communications over a non-secure network, by providing authentication and encryption. Plain old lustre.org has a section about Kerberos Lustre setup, and in the past presentations have demonstrated Lustre deployments on Kerberized production clusters. But in 2013 others have related a failed attempt to kerberize Lustre 2.4 exchanges. And even Kerberos support has been removed from official up-to-date Lustre Operations Manual. However, our work on Lustre 2.7 has been beneficial to Lustre Kerberos support. This presentation will show how far Lustre can go in Kerberos security, and what kind of authentication and encryption we can get to work. We will also take an interest in the impact of various Kerberos flavors over performance.