On Tue, Jan 30, 2018 at 16:09:50 +0100, Tomasz Pala wrote: >> BCP for over a >> decade has been to put multipathing at the bottom, then crypto, then >> software RAID, than LVM, and then whatever filesystem you're using. > > Really? Let's enumerate some caveats of this: > > - crypto below software RAID means double-encryption (wasted CPU), > > - RAID below LVM means you're stuck with the same RAID-profile for all > the VGs. What if I want 3-way RAID1+0 for crucial data, RAID1 for > system and RAID0 for various system caches (like ccache on software > builder machine) or transient LVM-level snapshots. > > - RAID below filesystem means loosing btrfs-RAID extra functionality, > like recovering data from different mirror when CRC mismatch happens, > > - crypto below LVN means encrypting everything, including data that is > not sensitive - more CPU wasted,
And, what is much worse - encrypting everything using the same secret. BIG show-stopper. I would shred such BCP as ineffective and insecure for both, data integrity and confidentiality. > - RAID below LVM means no way to use SSD acceleration of part of the HDD > space using MD write-mostly functionality. -- Tomasz Pala <go...@pld-linux.org> -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
