[SOLVED] Software RAID 1 + LUKS - which order?

Kernels & Hardware, configuring network, installing services

[SOLVED] Software RAID 1 + LUKS - which order?

Postby KingBongo » 2017-09-24 15:15

Hi. I have been looking around for the following issue but could not find a satisfying answers anywhere.

The task is the following: I want to create an encrypted LUKS software RAID 1 (I don't trust hardware RAIDs) out of two physical disks. Which is the best order to do it? As I see it there are two options

1. RAID -> LUKS -> FS

2. LUKS (one disk first?) -> RAID (create with one disk missing and then add missing disk to raid to get same password?) -> FS

Am I wrong? I read somewhere that somebody thought that it is always advisable to encrypt individual disks to minimize problems in case of (for example) a disk failure, which would imply case 2. In other cases people say otherwise. What is correct?

I have a few more questions:
A. What happens when you try to mount the raid in either case? Will you get asked for a password automatically? Which situation is smoothest?
B. What happens in case of a disk failure in either case? Which situation is easier to deal with?

If someone would explain this to me I would be happy. A step-wise explanation of how I should do it would really be great.
Last edited by KingBongo on 2017-09-25 12:58, edited 1 time in total.
KingBongo
 
Posts: 53
Joined: 2010-10-14 13:39

Re: Software RAID 1 + LUKS - which order?

Postby p.H » 2017-09-24 17:25

RAID -> LUKS -> (LVM) -> filesystems

LVM allows to create multiple logical volumes in one single encrypted volume, ie with one passphrase to type.
KingBongo wrote:I read somewhere that somebody thought that it is always advisable to encrypt individual disks to minimize problems in case of (for example) a disk failure

Nonsense with RAID.

KingBongo wrote:A. What happens when you try to mount the raid in either case?

You do not mount the RAID. You assemble a RAID array. You mount a filesystem.

KingBongo wrote:B. What happens in case of a disk failure in either case? Which situation is easier to deal with?

RAID -> LUKS : you replace the failed disk and add it to the RAID array. The RAID rebuilds a mirror or the remaining disk regardless of the RAID array's contents.

LUKS -> RAID : you replace the failed disk, create a new LUKS volume on it and add it to the RAID array. The RAID rebuilds (and so on). One more step than above.
p.H
 
Posts: 177
Joined: 2017-09-17 07:12

Re: Software RAID 1 + LUKS - which order?

Postby KingBongo » 2017-09-25 02:21

p.H:
thank you, Thank You, THANK YOU! :)
KingBongo
 
Posts: 53
Joined: 2010-10-14 13:39


Return to System configuration

Who is online

Users browsing this forum: No registered users and 4 guests

fashionable