Luks, Issuing & Allowing Discards, Enabling Timers, Oh My!

If you're running a system with an SSD it's likely that you've heard of trim, if you're running Linux you may have heard of the fstrim command, and if you're encrypting your drives you're likely using Luks with logical volumes. If all three of these happen to be true on the same system you may need to update a couple things to ensure your drive(s) are able to benefit from trimming.

Drive before you buy

Before you go any further with this post make sure you really need to do any of this. Escalate your privileges to root and run a couple commands:

The first thing to check is that discards are enabled on your encrypted device. If don't see allow_discards on your encrypted device fstrim will not work on any volume within that device.

Example encrypted device missing the discard option:
dmsetup table --showkeys
cr_ata-XXX-YYY-partZ /dev/disk/by-id/ata-XXX-YYY-partZ: 0 12345 crypt aes-xts-plain64 XXYYZZ 0 8:3 4096

Assuming you've encrypted root ("/") we'll check if the fstrim command works there by running the following command fstrim /.

Example fstrim command (success):
  • If there's no stdout the volume is trimmed meaning it's working.
  • If there's stdout indicating there's some number of bytes being trimmed, it's working.
fstrim /
/: 185.6 MiB (194564096 bytes) trimmed
Example fstrim command (failure):
  • If the command fails with "operation is not supported" it means its not working and you should continue reading.
fstrim /
fstrim: /: the discard operation is not supported

Enabling Discards

It's no secret, I use OpenSUSE (Tumbleweed) for my day-to-day operations and development and I have been a Tumbleweed user for some time. I love the platform and the fact it aims to be different from the pack of Ubuntu and Fedora sheep. While it's a great platform, it does, at times, leave some things untuned or otherwise entirely up to the user to deal with. One such thing totally up to the user to deal with is the ability to Issue and Allow discards on luks encrypted volumes. Now, there are good reasons for issue_discards within LVM to be disabled by default and discards to be omitted from crypttab however if you want to maximize the performance of your SSD when using encrypted volumes, enabling these things is needed.

Updating your config(s)

  • Edit the file /etc/lvm/lvm.conf and set issue_discards to 1.
Example lvm.conf update:
    # Issue discards to a logical volumes's underlying physical volume(s) when
    # the logical volume is no longer using the physical volumes' space (e.g.
    # lvremove, lvreduce, etc).  Discards inform the storage that a region is
    # no longer in use.  Storage that supports discards advertise the protocol
    # specific way discards should be issued by the kernel (TRIM, UNMAP, or
    # WRITE SAME with UNMAP bit set).  Not all storage will support or benefit
    # from discards but SSDs and thinly provisioned LUNs generally do.      If set
    # to 1, discards will only be issued if both the storage and kernel provide
    # support.
    # 1 enables; 0 disables.
    issue_discards = 1
  • Edit the file /etc/crypttab and ensure discard is set as an option.
Example crypttab update:
cr_ata-XXX-YYY-partZ /dev/disk/by-id/ata-XXX-YYY-partZ none discard

Update the initrd and reboot.

Once these changes are in place, run the mkinitrd and then reboot now shutdown -r now. With the system rebooted you should see the "allow_discards" enabled on your encrypted volumes.

Example encrypted device with the discard option:
dmsetup table --showkeys
cr_ata-XXX-YYY-partZ /dev/disk/by-id/ata-XXX-YYY-partZ: 0 12345 crypt aes-xts-plain64 XXYYZZ 0 8:3 4096 1 allow_discards

Enable an fstrim timer.

To ensure you're system is trimmed regularly enable an fstrim timer. On most Linux system with systemd the fstrim.timer is already present, it's just not enabled. If you don't have an fstrim timer already available here's what you'll need:

  • Create the file /etc/systemd/system/fstrim.timer.
[Unit]
Description=Discard unused blocks once a week
Documentation=man:fstrim

[Timer]
OnCalendar=weekly
AccuracySec=1h
Persistent=true

[Install]
WantedBy=timers.target
  • Create the file /usr/lib/systemd/system/fstrim.service.
[Unit]
Description=Discard unused blocks

[Service]
Type=oneshot
ExecStart=/usr/sbin/fstrim -av
  • Reload the systemd daemon, systemctl daemon-reload.

With the fstrim.timer ready enable it systemctl enable fstrim.timer and verify it's running by checking the status, systemctl status fstrim.timer.

● fstrim.timer - Discard unused blocks once a week
   Loaded: loaded (/etc/systemd/system/fstrim.timer; enabled; vendor preset: enabled)
   Active: active (waiting) since Sun 2017-05-28 21:16:07 CDT; 2h 22min ago
     Docs: man:fstrim

May 28 21:16:07 cloudnull-x1 systemd[1]: Started Discard unused blocks once a week.

All done, great success.