Hi folks, I'm currently rethinking the filesystem structure of my file server. My current setup is as follows:
DM Raid 10 (4x3TiB) -> Luks -> Ext4 At the moment the Raid 10 costs 50% of available memory, in future, I'd like to use Raid5 which would only costs 25% in my case. But more important: I'd also like to use ZFS on linux as I experienced it to be rock solid on Linux. (Had really good experience with ZFS together with Proxmox, damn, ZFS really rocks!). But the problem's in the details: Encryption... In my opinion, encryption is not optional, it is mandatory. Afaik, ZFS has its own encryption mechanisms which are currently not supported on Linux. So what would be the best way to go? First solution: DM-Raid -> Luks -> ZFS Pro: Known to work Con: ZFS actually comes with it's own (probably more efficient) Raid system called RaidZ which will not be used in this setup Second solution: 4xLuks -> ZFS Pro: Now it's possible to use RaidZ Con: 4x independent crypto which is a performance killer (especially as my box doesn't suport AES-NI...) Other solutions, like using EncFS is inconvenient as zfs features like file history would not work any longer. Any suggestions? Does anyone already have an encrypted ZFS setup on Linux and would like to share experience? If blocks on my physical disk fail or are corrupted, would these errors be propagated through block layers DM Raid and Luks upwards to ZFS so that resilvering will work? Cheers Ralf
