From 18402076e3d6dbe65e95aab4adf1e8a7dbada906 Mon Sep 17 00:00:00 2001 From: Chris Lu Date: Tue, 24 Mar 2020 18:55:56 -0700 Subject: [PATCH] Updated FAQ (markdown) --- FAQ.md | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/FAQ.md b/FAQ.md index 5d63e59..8fe323e 100644 --- a/FAQ.md +++ b/FAQ.md @@ -20,15 +20,17 @@ Yes. ### My data is safe? What about bit-rot protection? Is there any encryption? -Your data is safe! SeaweedFS data is all append-only and create less stress to the disks, especially SSDs with a limited number of write cycles. SeaweedFS can maximumly reduce writes to the same SSD cell, thus increase its lifespan. +* **SSD friendly**: SeaweedFS data is all append-only and create less stress to the disks, especially SSDs with a limited number of write cycles. SeaweedFS can maximumly reduce writes to the same SSD cell, thus increase its lifespan. -Entries on volume servers are CRC checked for any possible changes on server side and accessible via Etag. For Filer and S3 APIs, the files are also checked via MD5 Etag. +* **Bitrot Protection**:Entries on volume servers are CRC checked for any possible changes on server side and accessible via Etag. For Filer and S3 APIs, the files are also checked via MD5 Etag. -Filer can run in AES256 encryption mode, with the encryption keys stored in filer meta data store. So the volume server can safely run anywhere, remote or on cloud. See [[Filer Data Encryption]] +* **Replication**: Each file can have its own replication strategy. Erasure encoding not only saves space, but also can tolerate loss of 4 shards of data. -Between all the components, i.e., master, volume server, filer, and clients, SSL/TLS can be enabled for all the communications. JWT can be enabled to securely allow any client to upload data to volume servers. See [[Security Overview]] +* **Encryption**: Filer can run in AES256 encryption mode, with the encryption keys stored in filer meta data store. So the volume server can safely run anywhere, remote or on cloud. See [[Filer Data Encryption]] -For [[Amazon S3 API]], the credentials can be checked and access control can be enforced. +* **Secure Connection**: Between all the components, i.e., master, volume server, filer, and clients, SSL/TLS can be enabled for all the communications. JWT can be enabled to securely allow any client to upload data to volume servers. See [[Security Overview]] + +* **Access Control**: For [[Amazon S3 API]], the credentials can be checked and access control can be enforced. ### How is it optimized for small files? How small is small files?