• pvcreate /dev/sdb
• pvcreate /dev/sda

• vgcreate webster /dev/sda /dev/sdb
• lvcreate -l 99%FREE -m1 -n websterlv webster
  • Note: The 99% value is helpful if you have to replace one member of the member with another disk. The new disk may have the same specified capacity, but might actually be ever so slightly smaller (or larger), which would make this impossible without reducing the logical volume and file system size first.
  • Another example: 3-disk RAID 5 mirror: lvcreate --type raid5 -i 2 -l 99%FREE yoko -n yoko

• cryptsetup luksFormat /dev/mapper/webster-websterlv
• cryptsetup luksOpen /dev/mapper/webster-websterlv webstercrypt

e.g.

• mkfs.xfs /dev/mapper/webstercrypt
• mkfs.ext4 /dev/mapper/webstercrypt
• or whatever you like

• mount /dev/mapper/webstercrypt /mnt/webster

or an fstab entry:

• /dev/mapper/webstercrypt /mnt/webster xfs defaults,rw,noauto 0 0
  • Note: noauto would be important, because the luks container has to be unlocked first.

Note: At this point, there are now several abstraction levels:

To mount the volume on the next boot, you'll have to follow these steps:

1. cryptsetup luksOpen /dev/mapper/webster-websterlv webstercrypt
2. mount /dev/mapper/webstercrypt /mnt/webster

One way to semi-automatically mount the encrypted volume after each boot is described in this article. In this scenario, you can issue a single command after booting, enter the password and systemd will take care of the unlocking, mounting and starting the services depending on that data.

1. vgreduce –removemissing –mirrorsonly –force megacherry

1. There is no device node in /dev/mapper. Re-activate the volume group:
   vgchange -ay x