Tips for storage config and ZFS encryption

P

Phil Shaw

Member
Jul 23, 2019
3
0
21
58
Hi all

I'm looking to build a new Proxmox 6.0 installation.

I have 1 x 240GB SSD and 4 x 10TB HD's

Looking to boot via UEFI (secure boot?) and have all the storage using ZFS with native encryption.

1.Whats the most appropriate ZFS / pool / raid config? I'm happy with 1 disk redundancy?
2.Is it better to keep OS separate from data with 2 pools?
3.Can I do this install from the install wizard? I can't see any options for ZFS encryption or complex pool configs
4.How does the passphrase get pushed to the bootloader? Especially with 2+ pools
5.Whats the best way to carve up the pool for VM's etc. Any worked examples?

Thanks
Phil
 
The official hardware recommendations are here. Your ideal configuration depends heavily on your requirements. Situations with similar hardware have already been discussed heavily on the forum.

You can find valuable information on how zfs encryption works in our documentation.
 
Thanks for the replies:

1.I have flicked through the documentation but it doesn't answer my specific questions. Was hoping for someone with a little experience who could save me trying out a dozen ZFS configs

2.I've already bought the HD's. Not looking for super performance, just reliability

Any other hints out there?

cheers
 
Phil Shaw said:
1.I have flicked through the documentation but it doesn't answer my specific questions. Was hoping for someone with a little experience who could save me trying out a dozen ZFS configs

2.I've already bought the HD's. Not looking for super performance, just reliability

Any other hints out there?
Click to expand...

Go with RAIDz1 over 4 disks if you do not want performance. If you do, go with a stripped mirror setup.

And to answer your unanswered questions:

Phil Shaw said:
2.Is it better to keep OS separate from data with 2 pools?
Click to expand...

In such a small disk setup, I do not recommend it. If you already stated that you do not want performance, go with one pool.

Phil Shaw said:
3.Can I do this install from the install wizard? I can't see any options for ZFS encryption or complex pool configs
Click to expand...

Encryption has to be activated after the install and does only work for non-OS data. You can install on RAIDz1 and stripped mirror from the installer.

Phil Shaw said:
4.How does the passphrase get pushed to the bootloader? Especially with 2+ pools
Click to expand...

It does currently not. Encrypted ZFS is very new and this feature will probably come (hopefully eventually). If you want a fully encrypted setup, go with LUKS.

Phil Shaw said:
5.Whats the best way to carve up the pool for VM's etc. Any worked examples?
Click to expand...

You have a pool, so "carving up" does not apply.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom