I would like to build a RAID1/BTRFS/Luks setup. What I found about it so far is:
An encrypted Btrfs file system can be created on top of the dm_crypt disk encryption subsystem and Linux Unified Key Setup (LUKS) layer, which supports a variety of encryption standards. However, this approach disables some of the capabilities and advantages of using Btrfs on raw block devices, such as automatic solid-state disk support and detection.
What's the best approach to implement this solution?
/dev/sda1 < 500 Gb
/dev/sdb1 < 500 Gb
/dev/md0 < RAID1 stripe < Luks < BTRFS < snapshots
Would a setup like this work?
I can't see other way of doing it without losing BTRFS-es snapshot capabilities.
I could setup the raid without mdadm with btrfs like:
mkfs.btrfs -m raid1 -d raid1 /dev/sda /dev/sdb
but then I got btrfs right on the top where I can only drop luks encrypted images. Even if 1 bit changes inside an image will affect the snapshots of btrfs (aka it will copy the whole image file again)..
Best Answer
The important thing to note is that if you use md for the mirroring and create btrfs on top of it with "-d single" you will lose the ability to recover from bitrot errors (btrfs will still detect them)
So the best solution for your case would be your second example:
raw device -> LUKS -> btrfs RAID1 from the LUKS devices
loan already answered the TRIM/discard part for you and there is nothing for me to add there