Hi, the advent of new features bears the potential to ask new questions :-)
Some I got WRT encryption:
1. Using AES, the data (block) volume occupied in encrypted filesystems will not substantially increase compared to non-encrypted ones, will it? Of course there might be some effects due to padding, but as the block sizes in AES are small compared to GPFS subblock sizes, this will be negligible, correct?
2. When using encryption with small files which could otherwise be stored in inodes, AES-caused padding might reduce the number of inode-storable files, correct? Having said that, the inode space has to be shared with the File Encryption Keys, that reduces the likelihood a small file fits into the inode even with 4k inodes anyway.
3. As only data are encrypted but no metadata: will, if encryption is on and a file can be stored in an inode, the file be encrypted, or treated as "meta data" encryption-wise and not be encrypted?
4. While this is actually a silly and unanswerable question, it has been brought up by a customer (and this species is always right): What is the performance impact of encryption in GPFS (anything from qualified guesses to sound experience or even comparing measurements is welcome)? AFAIK, the encryption/decryption is done on the node opening a file, so in GPFS client environments (using native GPFS mounts that is) this will negligible. However, if NAS-exporting, the GPFS NAS servers can get much more load as they will have to perform the encryption/decrypotion for many clients.
5. While it is said that only data, no metadata are encrypted I have read that directory blocks are encrypted. Now, I've always assumed the directory structure to be part of the metadata so I am seeing a contradiction here - could you please resolve it?
5 is a nice number so I'll stop now :-)