Hello guedouarj.
Setting up a PROXMOX installation with LUKS/dm-crypt is
possible, but, I think, not with the PROXMOX ISO-Installer
and will not be supported by PROXMOX.
You can get it the Debian-installer-way:
http://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_Lenny
on an usual debian "expert" installation process.
But I think, that LUKS-encryption on the host is a *VERY* bad idea.
We currently run about 8 PROXMOX nodes and the number raises.
Some Systems we use only for KVM-based Windows XP, 7 , Server
2003-2008 based and some for OpenVZ/KVM dual usage or OpenVZ single
use for productional systems of our software appliances.
And for some weeks I did a benchmark for some brandnew DELL 19"
servers with big hardware, e.g. 8-Port-SAS-RAID controller.
As in the real world, I/O is the main bottleneck, but in virtual
environments it is even more necessary to provide an adequate
performance, especially in IO.
One main criteria is the FSYNC/s value. For example, measured
by the "pveperf {DIRECTORY}" commandline tool of PROXMOX.
I benchmarked this and some other values in the PROXMOX host
and also inside the VMs. In conclusion if you use LUKS encryption
on the host your performance values will drop to the ground.
e.g. I got
* 20 - 60 FSYNCs/sec on LUKS-encrypted software raid (mdadm)
* 40 - 120 FSYNCs/sec on LUKS-encrypted hardware RAID (256 MB cache, BBU); tested with different encryption algorithms
while I got up to
* 1400 - 2000 FSYNCs/sec on an unecrypted system
@PROXMOX-Team: LUKS-encryption should officially and generally
be avoided, I think? Or is there a way know without such a big
impact on IO-performance?
Best regards,
René Kerner
IT Consultant, Software Developer,
Datenschutz Consultant
-tacticx GmbH-