TrueNAS new ZFS encryption and migrating from GELI

I’m in the process of migrating my data from the old GELI pool structure to the new ZFS encrypted pool. I was not able to find really good information on it initially, and the documentation seems to be rather poor. I’m guessing there are quite a few others out there trying to wrap their heads around this change as well. These are a couple of posts I’ve found helpful.



2 Likes

I am just starting my research process.
I see that there are some forum posts around essentially dropping the disks from the pool one at a time, removing the encryption and replacing, allowing the pool to resilver, rinse, repeat.
This makes sense logically: the GELI encryption took place at the disk level, so one should in theory be able to remove each disk from the pool, and then re-add. I have no clue if this is anywhere near a best practice though; it seems like it is not.

I am flexible in that I have some unused disks that I can create a “test-pool” with and then transfer the data off my primary pool, destroy the existing pool, create a new pool and transfer back.

Any idea on whether dropping & resilvering or creating a new pool is closer to a best practice?
It should be noted that I do have my TrueNAS replicating offsite to another TrueNAS, so I have a full backup. (Plus some of the more critical stuff is also being sent to B2 cloud.)

It’s been quite a while since I’ve done any reading on this, but I think the removing and reinserting will just recreate the existing encryption. I think the only way is to move the data to a new pool.

1 Like