I am implementing a server storage setup making use of software RAID, LVM and LUKS.
I can think of three combinations this configuration could take:
- RAID, LVM, LUKS
- RAID, LUKS, LVM
- LUKS, RAID, LVM
In which order would these best be configured in, where best is in terms of security and maintainability?
I would make the RAID array first because when you will change a disk of the array, it will be tranparent for LUKS and LVM.
If there is no need to keep some partition unencrypted (except for the /boot partition), I would setup LUKS in second because I don't want to have to setup LUKS every time I make a change in my partitions.