Cache servers are primarily built for maximum performance and simplicity. The need for at-rest data encryption layer increases latency. Building it yourself increases bug reporting and attack surface.
For these reasons Redis decided not implement it in their core product, while Varnish released it in their enterprise version.
We wanted to try things the other way around : Instead of using a cache software with data encryption, We wanted to try a data encryption software as a cache solution.
So we tried to setup Hashicorp’s Vault with fancy non-recommended settings…
Head of DevOps Strategy
11:20AM - Day 2
03:00PM - Day 1