Why does the root need to be encrypted? What's wrong with an unencrypted root and /var and /home and swap and /mnt/storage being on encrypted partitions/zpools?
I boot my machines and then ssh into them with a script that pipes a local gpg -d to them to unlock their disks, mount appropriate filesystems, and start necessary daemons. Unless the daemons are poorly-behaved, no data that is specific to me aside from the host's SSH key is ever written to the root - only the OS/distro files.
The root file system still, at the very least, records access times of all files, so an analysis of the the root file system releals, for all programs, when you last ran them, and for all libraries, when they were most recently loaded, etc. With Linux defaults, IIRC this timestamp has a limitied granularity of a day, but this can be telling enough.
That will work if you are sure that all the sensitive information you want to protect goes exclusively to the encrypted file system. Which is a tall order and security headache by itself.
I boot my machines and then ssh into them with a script that pipes a local gpg -d to them to unlock their disks, mount appropriate filesystems, and start necessary daemons. Unless the daemons are poorly-behaved, no data that is specific to me aside from the host's SSH key is ever written to the root - only the OS/distro files.
I thought this is what everyone does.