On 04/23/2022 09:19 PM, H wrote:
On 04/19/2022 09:57 AM, Roberto Ragusa wrote:
On 4/18/22 1:27 PM, H wrote:
I have a new computer with 2 x 2TB SSDs where I wanted to install C7 and use mdadm for RAID1 configuration and encrypting the /home partition. On the net I found https://tuxfixer.com/centos-7-installation-with-lvm-raid-1-mirroring/ which I adopted slightly with respect to partition sizes, using RAID1 for /boot and /root as well and added the /home partition with RAID1 and chose to have /home encrypted.
It may be a good idea to also have / and swap encrypted, since user data can go there easily (logs, locatedb, swapped mem).
I would do:
- /boot as a separate RAID1 (md1=sda1+sdb1)
- then another RAID1 (md2=sda2+sdb2) using all the remaining disk
- luks on top of md2, giving you luks-xxxxx
- LVM with a PV on luks-xxxxx
- VG and LVs for swap, / and /home (do not assign all the available space now, especially if using xfs as filesystem)
Not sure if you can do this setup through the installer, you have to try (in a VM maybe).
Regards.
Thank you. I will have time to get back to this system tomorrow to try this.
CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Roberto, what would the advantage(s) be with your setup, ie one RAID1 array for everything but /boot compared to what I had done, ie three RAID1 arrays for /boot/efi RAID1, /boot RAID1 and one LVM-RAID1 for / and /home? As a naive user it would seem to me that the setup I did would be more resilient if a disk fails, or?