Geli and ZFS

Terje Elde terje at elde.net
Thu Oct 10 18:08:48 UTC 2013


On Oct 9, 2013, at 6:43 AM, yudi v <yudi.tux at gmail.com> wrote:

> Generally, it's recommended to let ZFS manage the whole disk if possible,
> so I was wondering if the second option is better.
> I will be using couple of 3TB HDDs mirrored for data and want to encrypt
> them.

IIRC, there is/was a major performance-difference on Solaris between using ZFS on a partition, or a whole disk.  FreeBSD is happy with either.

The two alternatives you mentioned were:

ZFS over GELI over disk
and
ZFS over GELI over ZFS over disk

While ZFS wouldn't get the raw disk in setup #1, the left-most ZFS wouldn't get it in the second scenario either.

> I am hoping someone with an in-depth understanding of ZFS will be able to
> offer some insight.


What I usually do and recommend is using GPT with labels for the partitions you'll put GELI/ZFS on.

There's a couple of different reasons for this:

 * It'll let you create your zpool on /dev/gpt/label, which will make it easy to find even when the device moves (harddisk-renumbering, changes from internal ATA to USB enclosure… )

 * You don't run things through ZFS twice.

 * The disk is fully encrypted.

 * etc

Terje

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 509 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20131010/9e3b539c/attachment.sig>


More information about the freebsd-questions mailing list