[dm-crypt] KISS (was disappearing luks header and other mysteries)

Sven Eschenberg sven at whgl.uni-frankfurt.de
Sat Sep 20 02:29:43 CEST 2014


Well, it is not THAT easy.

If you want resilience/availability, you'll need RAID. Now what do you put
ontop of the RAID when you need to slice it? Put a disklabel/partition on
top of it and stick with a static setup or use LVM which can span multiple
RAIDs (and types) supports snapshotting etc. . Depending on your needs and
usage you will end up with LVM in the end. If you want encryption, you'll
need a crypto layer (or you put it in the FS alongside volume slicing).
Partitions underaneath the RAID, not necessary if the RAID implementation
can subslice physical devices and arrange for different levels on the same
disk. Except unfortunately, when you need a bootloader.

I don't see any alternative which would be KISS enough, except merging the
layers to avoid collissions due to stacking order etc. . Simple usage and
debugging for the user, but the actual single merged layer would be
anything but KISS.

Regards

-Sven

On Tue, September 16, 2014 10:07, Arno Wagner wrote:
> On Tue, Sep 16, 2014 at 08:39:45 CEST, Heinz Diehl wrote:
>> On 16.09.2014, Boylan, Ross wrote:
>>
>> > 1. Partition
>> > 2. RAID
>> > 3. LVM
>> > 4. LUKS
>>
>> > That is decidedly too many. KISS is not even in the building
>> > anymore with that.
>>
>> It is. Every single process does one thing. The problem is that most
>> of the distributions out there automatically install LVM. In my case,
>> I always chose four primary partitions manually, because they fit my
>> needs and are simple to manage, while not adding more complexity than
>> neccessary (/, /boot, /home, swap).
>
> The primary indicator that it is too complex is that debugging
> this fails. There is siome modern "engineering" faction that
> likes to pile up complexity until things start to fail. This is
> a symptom.
>
> Arno
> --
> Arno Wagner,     Dr. sc. techn., Dipl. Inform.,    Email: arno at wagner.name
> GnuPG: ID: CB5D9718  FP: 12D6 C03B 1B30 33BB 13CF  B774 E35C 5FA1 CB5D
> 9718
> ----
> A good decision is based on knowledge and not on numbers. -- Plato
>
> If it's in the news, don't worry about it.  The very definition of
> "news" is "something that hardly ever happens." -- Bruce Schneier
> _______________________________________________
> dm-crypt mailing list
> dm-crypt at saout.de
> http://www.saout.de/mailman/listinfo/dm-crypt
>




More information about the dm-crypt mailing list