zfs encryption + boot + world + dog

Stephen Partington cryptworks at gmail.com
Thu Jun 24 07:29:37 MST 2021


I would +1 the zfs arrangement on this configuration as well. I am still
rather new to zfs filesystems, but my VM host is really happy with zfs. My
configuration using zraid and a pair of SSD's for storage tiering has been
very nice as a balance.

For a laptop that may meet your needs, I would suggest looking into the
Thinkpad T51g. 8 core CPU, Nvidia 2070 or 2080 graphics (nice to have
performance graphics without having to deal with Quadro prices), 4 SODIMM
slots, 2 thunderbolt, 1USBc connected to the GPU, 2 M.2 slots, a
fingerprint sensor, and various workstation extras. Let me know if you have
any questions as I happen to have one.

On Wed, Jun 23, 2021 at 9:55 PM Matthew Crews via PLUG-discuss <
plug-discuss at lists.phxlinux.org> wrote:

> On 6/23/21 5:18 PM, Michael Butash via PLUG-discuss wrote:
> > Saw this today, talking about encryption under zfs under linux.  Anyone
> > using it here that can comment on experience using it yet for personal
> > or at scale?
> >
> >
> https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/
> > <
> https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/
> >
> >
> > I use a combination of mdraid+luks+lvm+ext4/jfs, and would really love
> > for this to be one thing, ala ZFS or BTRFS.  Yes I could google my arse
> > off to look, but looking for some trusted opinion here.
>
> I've used ZFS and BTRFS under Linux, though I haven't tried native ZFS
> encryption yet. I have used both ZFS and BTRFS under LUKS encryption too.
>
> Both BTRFS and ZFS work so much nicer than mdraid when it comes to
> spanning across multiple disks (though beware that BTRFS still isn't
> production safe for RAID5/RAID6).
>
> If you want to use a multi-disk storage array, ZFS and BTRFS are both
> superior options to MDRAID.
>
> However ZFS is just straight better and easier to maintain than BTRFS,
> especially now that native encryption is a thing (something BTRFS sorely
> lacks).
>
>
>
> Here is my disk topology for my 4 disk RAID10 setup under BTRFS.
>
> Disk 1 - LUKS - Btrfs --\                   /--Btrfs subvolume
>                         |                   |
> Disk 2 - LUKS - Btrfs --|                   |--Btrfs subvolume
>                         |--- Btrfs volume --|
> Disk 3 - LUKS - Btrfs --|                   |--Btrfs subvolume
>                         |                   |
> Disk 4 - LUKS - Btrfs --/                   \--Btrfs subvolume
>
> To be honest, it is a pain in the arse to mount an encrypted BTRFS
> volume this way. You need to unencrypt all four drives first, and then
> you need to mount it. But at least once its mounted, the subvolumes are
> already set up.
>
> If I need to replace a drive (and I've had to replace drives) it is also
> a pain in the arse due to having to deal with both Luks and BTRFS.
>
> Encrypted ZFS would simplify this setup enormously.
>
> When I need to replace my drives, I will be switching from BTRFS to ZFS.
>
>
> -Matt
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> https://lists.phxlinux.org/mailman/listinfo/plug-discuss



-- 
A mouse trap, placed on top of your alarm clock, will prevent you from
rolling over and going back to sleep after you hit the snooze button.

Stephen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.phxlinux.org/pipermail/plug-discuss/attachments/20210624/2030b45c/attachment.html>


More information about the PLUG-discuss mailing list