0

On a CentOS 7 server, I would like to LUKS encrypt the entire hard drive, including a 50GB partition that has already received yum install and a few other updates, but nothing else. But this tutorial says that typing `cryptsetup -y -v luksFormat /dev/xvdc` will result in the message `WARNING! This will overwrite data on /dev/xvdc irrevocably.`.

I do not want to wipe the hard drive. I just want to encrypt it. What syntax do I use to LUKS encrypt the entire hard drive?

The contents of the hard drive are summarized as follows:

```
[root@localhost ~]# df -T -h
Filesystem     Type      Size  Used Avail Use% Mounted on
/dev/sda4      ext4       50G  1.1G   46G   3% /
devtmpfs       devtmpfs  3.8G     0  3.8G   0% /dev
tmpfs          tmpfs     3.8G     0  3.8G   0% /dev/shm
tmpfs          tmpfs     3.8G   49M  3.7G   2% /run
tmpfs          tmpfs     3.8G     0  3.8G   0% /sys/fs/cgroup
/dev/sda2      ext4      477M  106M  342M  24% /boot
/dev/sda1      vfat      200M  9.8M  191M   5% /boot/efi
/dev/sda3      ext4      1.8T   77M  1.7T   1% /home
```
CodeMed
  • Comments are not for extended discussion; this conversation has been [moved to chat](http://chat.stackexchange.com/rooms/29379/discussion-on-question-by-codemed-how-do-i-luks-encrypt-a-drive-that-already-has). – Michael Hampton Sep 22 '15 at 00:46
  • Similar question on UNIX.SE: [Is there a way to encrypt disk without formatting it?](https://unix.stackexchange.com/q/444931/1131) – maxschlepzig May 04 '20 at 19:29

1 Answer

3

You could make a full backup to another hard drive, then try this unofficial tool called LUKS in-place conversion.

But since you're already making a full backup to an external hard drive, you might as well go down the "official" route of copying the data out, creating a LUKS partition then copying it back. Tip: make sure you preserve permissions on both copy operations!

If you can't/won't make a backup before doing any in-place operations then you're braver than me and I hope you can afford to lose the data ;)

MadHatter
  • FWIW, on CentOS 8 there is the upstream supported [cryptsetup-reencrypt](https://manpath.be/c8/8/cryptsetup-reencrypt). Even newer cryptsetup versions feature a reencrypt command, cf. e.g. [cryptsetup reencrypt (f31)](https://manpath.be/f31/cryptsetup/2.2.2-1.fc31.x86_64/8/cryptsetup#L167) – maxschlepzig May 04 '20 at 19:31
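
The copy-out, format and copy-back route from the answer above, sketched for the `/home` partition (`/dev/sda3`) in the question's `df` output; this is an added example, not code from the original posts. The backup path `/mnt/backup/home` and the mapper name `home_crypt` are assumptions, and the script defaults to a dry run that only prints the commands.

```shell
#!/bin/sh
# Added example: copy out, luksFormat, copy back for one data partition.
# Assumed names (not from the page): the BACKUP directory and the mapper NAME.
DEV=${DEV:-/dev/sda3}              # the /home partition from the df output
MNT=${MNT:-/home}
BACKUP=${BACKUP:-/mnt/backup/home}
NAME=${NAME:-home_crypt}
DRY_RUN=${DRY_RUN:-1}              # 1 = only print the commands, 0 = execute

# Print the command in dry-run mode, otherwise execute it.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "$*"; else "$@"; fi
}

# List path, mode, numeric owner and group of every entry under a directory.
tree_metadata() {
    (cd "$1" && find . -printf '%P %m %U %G\n' | LC_ALL=C sort)
}

# Succeed only if both trees hold the same paths with the same mode and owner.
same_metadata() {
    [ -d "$1" ] && [ -d "$2" ] &&
        [ "$(tree_metadata "$1")" = "$(tree_metadata "$2")" ]
}

migrate() {
    run mkdir -p "$BACKUP" || return 1
    # -a mode/owner/times, -A ACLs, -X xattrs (SELinux labels), -H hard links
    run rsync -aAXH --numeric-ids "$MNT"/ "$BACKUP"/ || return 1
    if [ "$DRY_RUN" != 1 ] && ! same_metadata "$MNT" "$BACKUP"; then
        echo "backup metadata differs from $MNT; not formatting $DEV" >&2
        return 1
    fi
    run umount "$MNT" || return 1
    run cryptsetup -y -v luksFormat "$DEV" || return 1   # destroys old contents
    run cryptsetup luksOpen "$DEV" "$NAME" || return 1
    run mkfs.ext4 "/dev/mapper/$NAME" || return 1
    run mount "/dev/mapper/$NAME" "$MNT" || return 1
    run rsync -aAXH --numeric-ids "$BACKUP"/ "$MNT"/ || return 1
    # Still to do by hand: add $NAME to /etc/crypttab and point the
    # $MNT line in /etc/fstab at /dev/mapper/$NAME.
}

migrate
```

The metadata comparison runs before `luksFormat`, so a backup that lost permissions or ownership stops the script while the original data is still intact.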