Sorry if I missed the tutorial in the Wiki, I tried to find the method but couldn't seem to see it.
I have a RAID 6 array under a PCI-E LSI 9266-8i RAID card. The RAID array forms a single 21 TB volume which is encrypted with LUKS, and it is normally locked in Proxmox host.
At the moment, I have a VM where I passed the RAID card to, and the decryption was done inside that VM, everything works fine in that case.
I wonder if the same can be done with LXC, as it can save me some resource. That is, can I pass the RAID array to LXC, and use cryptsetup to unlock it?
Within the LXC container, running lsblk I can see the target drive already:
However, when I try to unlock it, it failed:
Meanwhile, in Proxmox host it works:
May I know what needs to be done to allow the access from LXC?
Update: (just an attempt, not working yet)
I tried to find the device to pass by
It looks like b 8:0 is what I need to allow. I then tried to add this line in the LXC's config:
but it didn't work; I still cannot open the RAID array within the LXC.
I have a RAID 6 array under a PCI-E LSI 9266-8i RAID card. The RAID array forms a single 21 TB volume which is encrypted with LUKS, and it is normally locked in Proxmox host.
At the moment, I have a VM where I passed the RAID card to, and the decryption was done inside that VM, everything works fine in that case.
I wonder if the same can be done with LXC, as it can save me some resource. That is, can I pass the RAID array to LXC, and use cryptsetup to unlock it?
Within the LXC container, running lsblk I can see the target drive already:
Code:
root@CSCS:~# lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
sda 8:0 0 21.9T 0 disk
sdb 8:16 0 465.8G 0 disk
|-sdb1 8:17 0 465.8G 0 part
`-sdb9 8:25 0 8M 0 part
sdc 8:32 0 465.8G 0 disk
|-sdc1 8:33 0 465.8G 0 part
`-sdc9 8:41 0 8M 0 part
nvme0n1 259:0 0 477G 0 disk
|-nvme0n1p1 259:1 0 1007K 0 part
|-nvme0n1p2 259:2 0 512M 0 part
`-nvme0n1p3 259:3 0 476.4G 0 part
Code:
root@CSCS:~# cryptsetup luksOpen /dev/sda targetRAIDArray
Device /dev/sda doesn't exist or access denied.
root@CSCS:~# cryptsetup luksOpen /sda targetRAIDArray
Device /sda doesn't exist or access denied.
root@CSCS:~#Meanwhile, in Proxmox host it works:
Code:
root@pve:~# cryptsetup luksOpen /dev/sda nSpacetime
Enter passphrase for /dev/sda:May I know what needs to be done to allow the access from LXC?
Update: (just an attempt, not working yet)
I tried to find the device to pass by
Code:
root@pve:/etc/pve/lxc# ls -al /dev
...
...
c--------- 1 root root 242, 0 Aug 13 11:05 megaraid_sas_ioctl_node
...
...
brw-rw---- 1 root disk 8, 0 Aug 13 11:05 sda
brw-rw---- 1 root disk 8, 16 Aug 13 11:05 sdb
brw-rw---- 1 root disk 8, 17 Aug 13 11:05 sdb1
brw-rw---- 1 root disk 8, 25 Aug 13 11:05 sdb9
...
...lxc.cgroup.devices.allow: b 8:0 rwmbut it didn't work; I still cannot open the RAID array within the LXC.
Last edited:
