Hi all, with regard to LUKS; should it placed before LVM or after? Any recommendations? TRIM command fully supported through all layers etc? -- Leon
I recommend having LUKS be "under" LVM. the layers would be: /dev/sda -> partition (/dev/sda1) -> LUKS (/dev/sda1_crypt) -> LVM physical volume -> volume group -> logical volume -> filesystem The layers described above are how the Ubuntu installer sets up an encrypted LVM filesystem. As far as I know, TRIM is passed through LUKS and the LVM layers if it's available in the hardware. Sincerely, Jason --------------------------------------------------------------------------- Jason Edgecombe | Linux Administrator UNC Charlotte | The William States Lee College of Engineering 9201 University City Blvd. | Charlotte, NC 28223-0001 Phone: 704-687-1943 jwedgeco at uncc.edu | http://engr.uncc.edu | Facebook --------------------------------------------------------------------------- If you are not the intended recipient of this transmission or a person responsible for delivering it to the intended recipient, any disclosure, copying, distribution, or other use of any of the information in this transmission is strictly prohibited. If you have received this transmission in error, please notify me immediately by reply e-mail or by telephone at 704-687-1943. Thank you. On Tue, Jun 16, 2020 at 1:42 PM Leon Fauster via CentOS <centos at centos.org> wrote:> Hi all, > > with regard to LUKS; should it placed before LVM or after? Any > recommendations? TRIM command fully supported through all layers etc? > > -- > Leon > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos >
Erick Perez - Quadrian Enterprises
2020-Jun-16 21:07 UTC
[CentOS] LUKS layer / best practice
Also, if you want to use deduplication (via VDO) then you must remember to "dedupe then encrypt" Storage > LUKS > VDO > LVM old but good reference to: https://access.redhat.com/articles/2106521 On Tue, Jun 16, 2020 at 3:00 PM Jason Edgecombe <jwedgeco at uncc.edu> wrote:> > I recommend having LUKS be "under" LVM. the layers would be: > /dev/sda -> partition (/dev/sda1) -> LUKS (/dev/sda1_crypt) -> LVM physical > volume -> volume group -> logical volume -> filesystem > > The layers described above are how the Ubuntu installer sets up an > encrypted LVM filesystem. As far as I know, TRIM is passed through LUKS and > the LVM layers if it's available in the hardware. > > Sincerely, > Jason > > --------------------------------------------------------------------------- > Jason Edgecombe | Linux Administrator > UNC Charlotte | The William States Lee College of Engineering > 9201 University City Blvd. | Charlotte, NC 28223-0001 > Phone: 704-687-1943 > jwedgeco at uncc.edu | http://engr.uncc.edu | Facebook > --------------------------------------------------------------------------- > If you are not the intended recipient of this transmission or a person > responsible for delivering it to the intended recipient, any disclosure, > copying, distribution, or other use of any of the information in this > transmission is strictly prohibited. If you have received this transmission > in error, please notify me immediately by reply e-mail or by telephone at > 704-687-1943. Thank you. > > > On Tue, Jun 16, 2020 at 1:42 PM Leon Fauster via CentOS <centos at centos.org> > wrote: > > > Hi all, > > > > with regard to LUKS; should it placed before LVM or after? Any > > recommendations? TRIM command fully supported through all layers etc? > > > > -- > > Leon > > _______________________________________________ > > CentOS mailing list > > CentOS at centos.org > > https://lists.centos.org/mailman/listinfo/centos > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://lists.centos.org/mailman/listinfo/centos-- --------------------- Erick Perez Quadrian Enterprises S.A. - Panama, Republica de Panama Skype chat: eaperezh WhatsApp IM: +507-6675-5083 ---------------------