Discussion in 'all things UNIX' started by lotuseclat79, Mar 27, 2014.
LVM on dm-crypt/LUKS on Linux RAID is awesome
No I'll know what this is about!
Is that the proper layering? How do you add/replace drives if LVM is running on top of LUKS?
(I've never looked much into disk encryption...)
What does replace mean? If you're talking about replacing one of the drives, then it's similar to if they weren't encrypted: open up the container and start the process again.
I came up to a similar question when I needed to re-install my system. I just did:
# cryptsetup open /dev/sda2 lvm
# mount /dev/mapper/system-root /mnt
# mount /dev/sda1 /mnt/boot
# swap on /dev/mapper/system-swap
# mount /dev/mapper/system-home /mnt/home
There you have it. Now you can proceed with installation.
In this case, it's Linux software RAID that's dealing with the physical HDDs. If one of them dies, the array is degraded. You just shut down, replace the failed HDD, and boot. Then you wait while the array is rebuilt. You can follow progress in the Disk Utility GUI.
During this process, it's not even necessary for the LUKS partition to be decrypted.
There's an additional complication if you also put /boot on a RAID array. Unless you allow booting from a degraded array, you'll need to boot from a LiveCD for rebuilding the RAID arrays.
LVM is useful here in two ways. First, is that all of your partitions except /boot are decrypted at boot by the same LUKS passphrase. Second, it's very easy to enlarge /swap or /root, add a new partition, etc.
Separate names with a comma.