How does unraid handle a encrypted container stored on the array and mounted on a remote machine?

[je82]

Hello.

 

How will unraid deal with a large encrypted containers that is stored on the array and mounted on a remote computer via SMB?

I mean unraid has some kind of intelligence knowing that "new files" are going to the cache for the nightly "move to array" but if you're mounting a encrypted container that is already stored on the array on a remote computer and you send files to the encrypted container how does this work on unraid?

 

How does unraid know there are new files, the mount point is not on unraid. New files created in the container, will they hit the array directly or will they hit the cache first? If the share that is hosting the encrypted container has more than 1 drive available, what happens when unraid is essentially splitting the container over multiple drives?

 

Any ideas if it is possible use encrypted containers with unraid? And theorettically how does it work?

Edited November 12, 2019 by je82

[itimpi]

What does the encrypted container look like at the Unraid file system level?  If it looks like a large file then Unraid will not be aware that you are writing new files do it, but merely see it as a file that is being updated in place and the cache does not get involved (unless the container file is currently on the cache).

Edited November 12, 2019 by itimpi

[je82]

1 hour ago, itimpi said:

What does the encrypted container look like at the Unraid file system level?  If it looks like a large file then Unraid will not be aware that you are writing new files do it, but merely see it as a file that is being updated in place and the cache does not get involved (unless the container file is currently on the cache).

Not exactly sure how to answer this. I'm thinking of something like a veracrypt container which to unraid looks like one single file, you then mount it on a system in order to gain access to its contents. The mounted contents are displayed as a drive on the local system which mounted the volume, but the container that is mounted is hosted on the unraid array.

 

How unraid sees the container i have no idea, my guess is it just sees it as one file? I was just interested in knowing how unraid deals with such scenarios because if unraid splits the veracrypt container data over multiple drives i believe the container would be corrupt but perhaps that cannot happen cause unraid only sees it as one file?

 

That would also mean it bypasses the cache completely too? I guess only one way to find out is to try it, i personally don't need this but a client did want to have certain documents encrypted in their own containers on an already encrypted array.

 

But if unraid only sees it as one file, and if you add data to the container how does the parity drives deal with it on a technical level? Is the container restorable via parity? I am intrigued how this works.

Edited November 12, 2019 by je82

[JonathanM]

10 minutes ago, je82 said:

if unraid splits the veracrypt container data over multiple drives

Each file in unraid can only exist on one drive. The cache pool is just another array drive for this discussion.

 

Only new files written to a cache yes share will be created and accessed from the cache drive, and if the file is not in use when the mover runs, it will be transferred to an array drive. Further accesses and edits to that file will only occur on the array drive.

 

Unraid never splits files across array drives, so the maximum space available to a container file is the free space on any single drive.