For your information, I ended up using eCryptFS, which can be mounted like any other partition. The ocf:heartbeat:Filesystem can thus be used directly.
Thanks, -- Georges-Etienne On Fri, 5 Nov 2010 07:42:07 -0400, Georges-Etienne Legendre <leg...@legege.com> wrote: > Hi, > > I would like to use Pacemaker to open and mount an encrypted LUKS > partition. Is there an OCS that is already available for LUKS / > dm-crypt? If not, how complicated it is to write one? Any initial > recommendation? > > Here an overview of the device stack: > > MySQL --> ext3 --> LUKS --> DRBD --> LVM --> disk > > I want that when Pacemaker starts DRBD on server and promote it to > become the primary node, it then open the encrypted partition (invoke > cryptsetup luksOpen, then mount if successful). Services like MySQL > will then be started. > > I currently have this setup: MySQL --> ext3 --> DRBD --> LUKS --> LVM > --> disk, which is not ideal. Data is encrypted/decrypted on both > server, which have a performance impact. Also, data is not encrypted > on the wire. > > Thanks in advance, > > -- Georges-Etienne > > > > > _______________________________________________ > Pacemaker mailing list: Pacemaker@oss.clusterlabs.org > http://oss.clusterlabs.org/mailman/listinfo/pacemaker > > Project Home: http://www.clusterlabs.org > Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf > Bugs: > http://developerbugs.linux-foundation.org/enter_bug.cgi?product=Pacemaker _______________________________________________ Pacemaker mailing list: Pacemaker@oss.clusterlabs.org http://oss.clusterlabs.org/mailman/listinfo/pacemaker Project Home: http://www.clusterlabs.org Getting started: http://www.clusterlabs.org/doc/Cluster_from_Scratch.pdf Bugs: http://developerbugs.linux-foundation.org/enter_bug.cgi?product=Pacemaker
