1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

ZFS, Raidz, Labels, and Encryption

Discussion in 'General' started by THEJEWRaVeN, Oct 5, 2010.

  1. THEJEWRaVeN

    THEJEWRaVeN New Member

    Messages:
    1
    Thanks Received:
    0
    Hello all. I'm giving the forum a try before dropping a question to the following:

    http://lists.freebsd.org/mailman/listinfo/freebsd-geom



    Problem:

    When attempting to create a ZFS RAIDZ pool, I get the following message:

    Code:
    cannot create 'tank': one or more devices is currently unavailable
    


    Command used to make this occur:


    Code:
    zpool create tank raidz label/P1SG136D.eli label/P2SGY10S.eli label/P3SG3ERV.eli label/P4SGC4QY.eli \
    label/P5SGYJSC.eli label/P6SG49JV.eli label/P7SG9H9H.eli label/P8SGDF8G.eli
    



    System:


    Asus M3N WS
    Athlon II X2 240
    8gb Kingston DDR2 ECC
    8 X 1.5tb Seagate SATA drives
    60gb IDE drive
    HighPoint RocketRAID 2220 PCI-X
    PCI RivaTNT


    Background Reading as to how I arrived here:

    1. Setting up an encrypted ZFS with FreeBSD

    2. GELI file systems unusable after "glabel label" operations

    3. geli Manpage

    4. [Solved] zpool create <pool> drives fails

    5. ZFS Unavailable


    Overview of What I've Done:

    Reading #1 was used as a rough guideline to make a ZFS pool with geli encryption. I used Reading #4 & #5 to label my drives. I believe one should be able to create an encrypted ZFS pool using labels due to Reading #2. The commands from Reading #1 were slightly modified with help from Reading #3.


    Code:

    Code:
    glabel label -v P1SG136D /dev/da0
    glabel label -v P2SGY10S /dev/da1
    ...
    



    This labels each drive attached to my HighPoint controller with the Port # it is attached to, the company brand, and part of the serial number so that I can easily identify which drive has a problem in the future.



    Code:
    dd if=/dev/random of=/usr/home/THEJEW/P1SG136D.key bs=64 count=1
    dd if=/dev/random of=/usr/home/THEJEW/P2SGY10S.key bs=64 count=1
    ...
    


    Encryption keys are created and placed within my home folder. Home directory is also encrypted, but passphrase is entered at boot (ie. keys are available).


    Code:
    geli init -a HMAC/SHA256 -e AES -l 256 -s 4096 -K /usr/home/THEJEW/P1SG136D.key /dev/label/P1SG136D
    geli init -a HMAC/SHA256 -e AES -l 256 -s 4096 -K /usr/home/THEJEW/P2SGY10S.key /dev/label/P2SGY10S
    ...
    
    


    Preparing to attach key to label to create *.eli in "label" folder. *.eli files do appear in Dolphin.


    Code:
    geli attach -k /usr/home/THEJEW/P1SG136D.key /dev/label/P1SG136D
    geli attach -k /usr/home/THEJEW/P2SGY10S.key /dev/label/P2SGY10S
    ...
    


    Attaching.


    Attempting to create zpool fails (see code in Problem section). Everything attempted as root.



    I imagine I have missed something fairly obvious. Any help is appreciated.