Regrettably, Denise is correct. There’s been no progress. A data centre provider hosting services I oversee was attacked aggressively shortly after my last message in the thread. The services were OK, but the event merited full attention on enhancements to data centre strategies, and away from RancherOS for the time being. Hopefully, this is understandable, but should also serve the case of implementing security (e.g. encryption) wherever it makes sense and is possible through the stack.
In the thread, Darren (a.k.a. ibuildthecloud) implies the RancherOS paradigm is DIY when it comes to storage and its encryption; it really is outside their scope. Without knowing exactly what the RancherOS install does, it’s hard to say if the approach I suggested would work, and I’ve since warmed up to the idea of not encrypting the entire host system anyway (just the app disk/partitions/volumes) due to ease, less risk to the host system, and the appearance of no encryption at all if the storage is first hit with a dd if=/dev/urandom, etc. This should be possible as described or similarly enough in the thread, although docker run --privileged didn’t appear to be mentioned and would likely be needed.
Hoping this helps,