Open nustiueudinastea opened 4 years ago
Another option is to use lvm encrypted volumes. An example Docker plugin that does this: https://github.com/containers/docker-lvm-plugin
Apparently ZFS has slow encryption with high impact on CPU usage, which might totally kill the small VMs that Protos is targeting. Monitor how the situation evolves: https://github.com/openzfs/zfs/issues/10066 and https://github.com/openzfs/zfs/pull/9749
Ideally this should be done per application, using something like encrypted ZFS volumes. If Btrfs gains per-volume encryption, than Btrfs should be used.