Recent content by SWEETGOOD

Thanks for pointing that out. I'm already monitoring the situation in my setup since using the upstream "fix" and did not recognize anything which I would call "significant". So can you specify what you meant with "significant speed disadvantage"?

Looks like the most recent version of PROXMOX 9.2.2 has implemented a permanent fix for this, see this commit: https://git.proxmox.com/?p=pve-storage.git;a=commit;f=src/PVE/Storage/ZFSPoolPlugin.pm;h=c705a2c03f2c5a9c67695d5d998925875d95c50b So the workaround with patching the file...

As ZFSPoolPlugin.pm got some additional lines during the major update from PROXMOX 8 to 9 the most current patch is as follows (only the line numbers have changed): 820,826c820 < my \$cmd = ['zfs', 'send']; < my \$encrypted = \$class->zfs_get_properties(\$scfg, 'encryption'...

I will provide you with updated patch files as soon as I'm done with my massive backlog.

I also stumbled over this issue and it took me about an hour to figure it out Like others in this thread already pointed out it is important to have the permission for the remote datastore on the remote pbs set on the source pbs. ❗️ So it is not sufficient to have the permissions set on the...

Will give it a try – thanks for the heads up

As ZFSPoolPlugin.pm got some additional lines during the last minor PROXMOX updates the most current patch is as follows (only the line numbers have changed): 772,778c772 < my \$cmd = ['zfs', 'send']; < my \$encrypted = \$class->zfs_get_properties(\$scfg, 'encryption'...

Interesting question – I checked my pools and can confirm that encryption is disabled on these pools as well. Just an idea: Maybe the pool-level encryption gets "shut off" automatically as soon as one starts to make one of the datasets its own encryption root? Regarding your second question: I...

In case you want to use migration / replication (which is send/receive) of encrypted ZFS datasets you should read what has been posted in this thread: https://forum.proxmox.com/threads/allow-migration-and-replication-of-disks-on-zfs-encrypted-storage.117227/ It describes what works, what...

With a little patch of ZFSPoolPlugin.pm you can enable migration and replication on encrypted ZFS datasets. The procedure is described here and has been tested with most recent PROXMOX 8.4.1: https://forum.proxmox.com/threads/allow-migration-and-replication-of-disks-on-zfs-encrypted-storage.117227/

As ZFSPoolPlugin.pm got some additional lines during the last two minor PROXMOX updates the most current patch is as follows: 756,762c756 < my $cmd = ['zfs', 'send']; < my $encrypted = $class->zfs_get_properties($scfg, 'encryption', "$scfg->{pool}/$dataset"); < if ($encrypted !~...

Auch wenn dieser Thread hier schon gute zwei Jahre alt ist, wollte ich dennoch einen kurze Verweis auf sein "englisches Pendant" hinterlassen. Dort habe ich – dank des Scripts von @selbitschka – mein vollverschlüsseltes ZFS-Setup mit Replikation und den üblichen Cluster-Funktionalitäten...

After some days of testing this in production I can say: It works just fine, but ... :cool: 1. You have to take GOOD care of monitoring your encryption roots and get notified if someone (by accident) moved a VM/CT to an unencrypted storage / another encrypted storage and forgot to set the...

A big THANK YOU for this comprehensive guide. I'm currently implementing it and it seems to be very clear to me that this approach will work somehow :cool: Results: ONLINE MIGRATION of VMs¹ only works, if you set up a replication job beforehand and OFFLINE MIGRATION works out of the box for VMs...

For others who might look up this information too: You should not only add the hostnames but also the IP addresses here, so the config file might look like this on proxmox 1: Host proxmox2 proxmox3 Port 2222 Host 192.168.0.2 192.168.0.3 Port 2222 The interface which is used for VM...