[Pacemaker] Pacemaker and LUKS partition

Georges-Etienne Legendre legege at legege.com
Fri Nov 5 11:42:07 UTC 2010


Hi,

I would like to use Pacemaker to open and mount an encrypted LUKS partition. Is there an OCS that is already available for LUKS / dm-crypt? If not, how complicated it is to write one? Any initial recommendation?

Here an overview of the device stack:

MySQL --> ext3 --> LUKS --> DRBD --> LVM --> disk

I want that when Pacemaker starts DRBD on server and promote it to become the primary node, it then open the encrypted partition (invoke cryptsetup luksOpen, then mount if successful). Services like MySQL will then be started.

I currently have this setup: MySQL --> ext3 --> DRBD --> LUKS --> LVM --> disk, which is not ideal. Data is encrypted/decrypted on both server, which have a performance impact. Also, data is not encrypted on the wire.

Thanks in advance,

-- Georges-Etienne






More information about the Pacemaker mailing list