How to mirror an existing freebsd-boot and auto-update backup efi partition?

[tkoham]

Hello Everyone,

It's been a pretty big chunk of time since I had to set up a new appliance on freebsd, and quite a bit has changed since.

I recently set up a storage server for, among other things, footage ingest/davinci resolve databases on FreeBSD 15.0, and it's been working pretty well. Finally being able to expand drives in RAIDs piecemeal is a game changer, and there's other quality of life improvements that make me wonder what I waited so long to upgrade for.

I realized recently that I'll have a spare sata port on the motherboard controller once I max out the HDD pool, so I figured, hey, I should probably mirror the boot drive.

Only, the last time I did this, everything was MBR. The current handbook doesn't go into a lot of detail about adding bootcode, and stuff online seems to be mostly for older releases or seems inconsistent with what I'm seeing on my install. I was hoping I could get a little help with what I'm missing.

What I've done so far is recreate the exact partition table of the original boot drive with gpart:

=>       40  234441568  ada0  GPT  (112G)
         40     532480     1  efi  (260M)
     532520       1024     2  freebsd-boot  (512K)
     533544        984        - free -  (492K)
     534528   16777216     3  freebsd-swap  (8.0G)
   17311744  217128960     4  freebsd-zfs  (104G)
  234440704        904        - free -  (452K)

=>       40  234441568  ada1  GPT  (112G)
         40     532480     1  efi  (260M)
     532520       1024     2  freebsd-boot  (512K)
     533544        984        - free -  (492K)
     534528   16777216     3  freebsd-swap  (8.0G)
   17311744  217128960     4  freebsd-zfs  (104G)
  234440704        904        - free -  (452K)

Then, I used zpool attach to mirror ada0p4, let it resilver, and added the second swap partition to /etc/fstab. + restarted the swap service. (Don't really see a point in mirroring swap, correct me if there is one)

This is where things start to diverge from the old MBR days. You used to just be able to run a one-liner command to get that done. Not sure that's still the case.

I don't think you can mirror the efi partition, since it has to be fat32 and exposed to the UEFI, and it seems like people just manually copy the loader.efi over to the new drive after each update. Which is what I did by running:

newfs_msdos -F 32 -c 1 /dev/ada1p1
mount -t msdosfs /dev/ada1p1 /mnt
mkdir -p /mnt/EFI/BOOT
cp /boot/loader.efi /mnt/EFI/BOOT/BOOTX64.efi

However: if there's a built-in function of the base system that can manage or auto-update that, I'd love to know.

From here, I'm a little lost. Do I need to convert ada0p2 into a mirror with gmirror? is there a utility to tell the system to write to and update it in conjunction with the original partition? Do I just manually DD it over? (that last one seems pretty dirty if it is the only option)

Any pointers or help would be appreciated. Thanks in advance!

 

[T-Daemon]

However: if there's a built-in function of the base system that can manage or auto-update that, I'd love to know.

There is no utility in the base to add and update boot code specifically (not counting gpart(8) bootcode argument).

There is sysutils/loaders-update in ports (created by forums user Emrion by the way), but I haven't used it. It updates bootcode but I don't know if it adds bootcode on multiple ESPs and freebsd-boot partitions, including creating the filesystem in case of a ESP.

Fresh system installations, though, add loader.efi(8) on all present disks (on the 14, 15, and 16 branches), see commit

bsdinstall: Add loader.efi to all ESPs we create

From here, I'm a little lost. Do I need to convert ada0p2 into a mirror with gmirror? is there a utility to tell the system to write to and update it in conjunction with the original partition? Do I just manually DD it over? (that last one seems pretty dirty if it is the only option)

No, there is no need to mirror ada0p2 (I don't know if it's even possible to create a bootable system mirroring BIOS boot code on freebsd-boot). The reason to have boot code on all disks is when one disk fails (or is removed), the other disk(s) being able to boot the system. There is no point to mirror them.

Appropos dd(1), instead of

manually copy the loader.efi over to the new drive after each update. Which is what I did by running:

newfs_msdos -F 32 -c 1 /dev/ada1p1
mount -t msdosfs /dev/ada1p1 /mnt
mkdir -p /mnt/EFI/BOOT
cp /boot/loader.efi /mnt/EFI/BOOT/BOOTX64.efi

you could run the (not dirty at all) one-liner dd if=/dev/ada0p1 of=/dev/ada1p1 bs=1m.

 

[Emrion]

I don't know if it adds bootcode on multiple ESPs and freebsd-boot partitions,

It does.
Edit: for efi, it does not add, it updates if there is already a FreeBSD loader, it won't write a new file. For a freebsd-boot partition it can put a BIOS loader if you select the -f option. It will take then the root file system as hint to know which file put in it (gptzfsboot or gptboot).

including creating the filesystem in case of a ESP.

It doesn't by design. It cannot take the responsibility to format a partition. That's up to the admin in my opinion.

Edit: the overall point of this software is to update, not put or create loader. You (or the installer) have to write them at the first place.

 

[Alain De Vos]

geom mirror (gmirror) ?. But i never used it. And be carefull with gpt , they conflict.