How to Create Encrypted Resources? (User Guide Incomplete)

I read the Linstor and DRBD user guides, and did the following, but the guides do not explain what to do next.

linstor encryption create-passphrase
linstor enter passphrase
linstor resource-group create --storage-pool sp0 --place-count 2 -l LUKS,STORAGE rg0
linstor resource-group set-property rg0 PeerSlotsNewResource 3
linstor resource-group drbd-options rg0 --auto-promote=no
linstor rg spawn-resources rg0 site622 500G

image711×133 3.36 KB

All that worked, and it leaves me with a resource that is in state “created” on both nodes. I’m used to seeing “UpToDate” and “Syncing”.

What’s the next step to bring the encrypted resource up so I can put a filesystem on it?

The layer-list you used here doesn’t include replication (DRBD).
linstor resource-group create --storage-pool sp0 --place-count 2 -l LUKS,STORAGE rg0
You’ve created just simple LVM volumes with LUKS encryption. Please note the user’s guide here where it mentions adding a DRBD layer.

Basic steps to use encryption:

1. Create a master passphrase
2. Add luks to the layer-list. Note that all plugins (e.g., Proxmox) require a DRBD layer as the top most layer if they do not explicitly state otherwise.
3. Don’t forget to re-enter the master passphrase after a controller restart.

Try adding DRBD to your layer list.
linstor resource-group create --storage-pool sp0 --place-count 2 -l DRBD,LUKS,STORAGE rg0