<div dir="ltr"><div>I agree with your comments on BTRFS, it's exactly why I've never bothered with it, as it wasn't getting me anything. I want to be rid of using mdraid and luks for a native solution, but replacing layers for no or negligible benefit.</div><div><br></div><div>Last I had rebuilt my laptop, arch supported encryption, but not at boot time, but seems it might be possible now. I need to dig some more, but saw this with some quick poking around today. <a href="https://wiki.alpinelinux.org/wiki/Root_on_ZFS_with_native_encryption">https://wiki.alpinelinux.org/wiki/Root_on_ZFS_with_native_encryption</a></div><div><br></div><div>Gives me some hope arch might, but might look beyond arch too. I've had a lot of issues with arch in the past few years, particularly updates/upgrades, so I'm back to contemplating my choice in religion, er linux.</div><div><br></div><div>-mb</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Jun 23, 2021 at 9:55 PM Matthew Crews via PLUG-discuss <<a href="mailto:plug-discuss@lists.phxlinux.org">plug-discuss@lists.phxlinux.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 6/23/21 5:18 PM, Michael Butash via PLUG-discuss wrote:<br>
> Saw this today, talking about encryption under zfs under linux. Anyone<br>
> using it here that can comment on experience using it yet for personal<br>
> or at scale?<br>
> <br>
> <a href="https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/" rel="noreferrer" target="_blank">https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/</a><br>
> <<a href="https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/" rel="noreferrer" target="_blank">https://arstechnica.com/gadgets/2021/06/a-quick-start-guide-to-openzfs-native-encryption/</a>><br>
> <br>
> I use a combination of mdraid+luks+lvm+ext4/jfs, and would really love<br>
> for this to be one thing, ala ZFS or BTRFS. Yes I could google my arse<br>
> off to look, but looking for some trusted opinion here.<br>
<br>
I've used ZFS and BTRFS under Linux, though I haven't tried native ZFS<br>
encryption yet. I have used both ZFS and BTRFS under LUKS encryption too.<br>
<br>
Both BTRFS and ZFS work so much nicer than mdraid when it comes to<br>
spanning across multiple disks (though beware that BTRFS still isn't<br>
production safe for RAID5/RAID6).<br>
<br>
If you want to use a multi-disk storage array, ZFS and BTRFS are both<br>
superior options to MDRAID.<br>
<br>
However ZFS is just straight better and easier to maintain than BTRFS,<br>
especially now that native encryption is a thing (something BTRFS sorely<br>
lacks).<br>
<br>
<br>
<br>
Here is my disk topology for my 4 disk RAID10 setup under BTRFS.<br>
<br>
Disk 1 - LUKS - Btrfs --\ /--Btrfs subvolume<br>
| |<br>
Disk 2 - LUKS - Btrfs --| |--Btrfs subvolume<br>
|--- Btrfs volume --|<br>
Disk 3 - LUKS - Btrfs --| |--Btrfs subvolume<br>
| |<br>
Disk 4 - LUKS - Btrfs --/ \--Btrfs subvolume<br>
<br>
To be honest, it is a pain in the arse to mount an encrypted BTRFS<br>
volume this way. You need to unencrypt all four drives first, and then<br>
you need to mount it. But at least once its mounted, the subvolumes are<br>
already set up.<br>
<br>
If I need to replace a drive (and I've had to replace drives) it is also<br>
a pain in the arse due to having to deal with both Luks and BTRFS.<br>
<br>
Encrypted ZFS would simplify this setup enormously.<br>
<br>
When I need to replace my drives, I will be switching from BTRFS to ZFS.<br>
<br>
<br>
-Matt<br>
---------------------------------------------------<br>
PLUG-discuss mailing list - <a href="mailto:PLUG-discuss@lists.phxlinux.org" target="_blank">PLUG-discuss@lists.phxlinux.org</a><br>
To subscribe, unsubscribe, or to change your mail settings:<br>
<a href="https://lists.phxlinux.org/mailman/listinfo/plug-discuss" rel="noreferrer" target="_blank">https://lists.phxlinux.org/mailman/listinfo/plug-discuss</a></blockquote></div>