Maybe a naive and totally obvious question, but anyway…
Is it still possible to use full-disk encryption with CoreOS?
That said, I am open to alternatives. So another question would be:
How can one ensure proper confidentiality with at-rest encryption in CoreOS otherwise?
I always just consider FDE the easiest thing, which also means you can hardly screw up by e.g. forget to include one thing in the encryption.