[DRBD-user] DRBD on Encrypted FS

Bill Asher BAsher at fracrack.com
Thu Oct 6 18:06:09 CEST 2011

Note: "permalinks" may not be as permanent as we would like,
direct links of old sources may well be a few messages off.

Noah, no, I was trying to encrypt the file system during install first and found that doesn't work, so now I'm trying to do the encryption after the drbd resource is created, like you said.

Has anyone else done this or know that it works?

Thanks for you response..

-----Original Message-----
From: drbd-user-bounces at lists.linbit.com [mailto:drbd-user-bounces at lists.linbit.com] On Behalf Of Noah Mehl
Sent: Wednesday, October 05, 2011 6:57 PM
To: drbd-user at lists.linbit.com
Subject: Re: [DRBD-user] DRBD on Encrypted FS

Bill,

I would suggest creating a drbd resource, and then using that as the backing for an encrypted PV.  Is that what you're trying to do?

~Noah

On Oct 5, 2011, at 6:24 PM, Bill Asher wrote:

> Today I did a little test to see if I could configure DRBD on encrypted LVs and what I found is it didn't work for me... Because the servers are located in a colo, security for the servers is the main reasoning.
> All seems to go good until I tell DRBD to mirror filerA logical volume(/dev/vg/data) to filerB LV (/dev/vg/data).  I then received errors on the console like this, over and over:
>
> "Block drbd0: open("/dev/vg/data") failed with -16"
>
> I then rebooted to Ubuntu CD to look at the LVs and.. they were all gone. The only thing the partitioner sees is the two partitions I created, one for /boot the other for logical volumes, but all my lvm tables were gone.  I was able to repeat this issue on both my filers.
>
> So my question is..
>
> a) can this even be done, encrypting the filesystem then configureing DRBD
> b) if encryption can be done, is my approach wrong?
>
> Thank you in advance for your time.
>
> NOTE:  This email, including any attached files, is confidential, may be legally privileged, and is solely for the intended recipient(s).  If you received this email in error, please destroy it and notify us immediately by reply email or phone (636-519-7070).  Any unauthorized use, dissemination, disclosure, copying or printing is strictly prohibited.
> _______________________________________________
> drbd-user mailing list
> drbd-user at lists.linbit.com
> http://lists.linbit.com/mailman/listinfo/drbd-user


Scanned for viruses and content by the Tranet Spam Sentinel service.
_______________________________________________
drbd-user mailing list
drbd-user at lists.linbit.com
http://lists.linbit.com/mailman/listinfo/drbd-user

NOTE:  This email, including any attached files, is confidential, may be legally privileged, and is solely for the intended recipient(s).  If you received this email in error, please destroy it and notify us immediately by reply email or phone (636-519-7070).  Any unauthorized use, dissemination, disclosure, copying or printing is strictly prohibited.

More information about the drbd-user mailing list