How to get all containers to use encrypted swap


I am trying to ensure encryption at rest for all of my containers. So for example I have a database container which makes use of an encrypted volume for its data partition. I also want to be sure that whatever might be swapped (from any of the containers) is also never stored unencrypted. Is it sufficient to ensure that the lxd host machine is using an encrypted swap … asked differently, do the containers make use of the swap provided from the host?


Yes, AFAIK the swap is managed by the host.

Thanks. That is what I thought but good to have confirmation.