ZFS Replace GELI encypted drive in pool

[vendion]

I have a pool with two drives in a mirror configuration, one of the two drives is throwing CKSUM errors when this pool is scrubbed and there are errors when I check this disk with smartmontools so I know this drive needs replacing no doubt. This is the first time that I had to replace a drive in a pool and when searching most of the documentation on doing this seems more geared towards raidz configurations not mirrored disks, and to (possibliy) complicate things a bit both drives are GELI encrypted. My other drive looks good so I'm not to concerned about the resilvering process when I do swap the failing drive. I just want to make sure that when I do replace the drive that I do so correctly, my thoughts on this process is as follows:

1. Shutdown the system (I will have to have to open the case to pull the failing drive)
2. Physically swap the disk
3. Boot up the system and format and re-encypt the drive with GELI
4. Use zpool replace to start the resilvering process for this pool

Is this correct or will doing that cause issues?

Disk and Pool info:

  pool: tank
 state: ONLINE
status: One or more devices has experienced an unrecoverable error.  An
    attempt was made to correct the error.  Applications are unaffected.
action: Determine if the device needs to be replaced, and clear the errors
    using 'zpool clear' or replace the device with 'zpool replace'.
   see: http://illumos.org/msg/ZFS-8000-9P
  scan: scrub in progress since Tue Jun 25 15:15:26 2019
    16.1G scanned at 4.48M/s, 15.8G issued at 4.39M/s, 16.1G total
    2.59M repaired, 98.13% done, no estimated completion time
config:

    NAME            STATE     READ WRITE CKSUM
    tank            ONLINE       0     0     0
      mirror-0      ONLINE       0     0     0
        ada4p1.eli  ONLINE       0     0     0
        ada5p1.eli  ONLINE       0     0   388

errors: No known data errors

smartctl 7.0 2018-12-30 r4883 [FreeBSD 12.0-RELEASE-p6 amd64] (local build)
Copyright (C) 2002-18, Bruce Allen, Christian Franke, www.smartmontools.org

=== START OF INFORMATION SECTION ===
Model Family:     Western Digital RE4-GP
Device Model:     WDC WD2002FYPS-02W3B0
Serial Number:    WD-WCAVY6913214
LU WWN Device Id: 5 0014ee 2b0694043
Firmware Version: 04.01G01
User Capacity:    2,000,398,934,016 bytes [2.00 TB]
Sector Size:      512 bytes logical/physical
Rotation Rate:    5400 rpm
Device is:        In smartctl database [for details use: -P show]
ATA Version is:   ATA8-ACS (minor revision not indicated)
SATA Version is:  SATA 2.6, 3.0 Gb/s
Local Time is:    Tue Jun 25 16:17:41 2019 EDT
SMART support is: Available - device has SMART capability.
SMART support is: Enabled

=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: FAILED!
Drive failure expected in less than 24 hours. SAVE ALL DATA.
See vendor-specific Attribute list for failed Attributes.

General SMART Values:
Offline data collection status:  (0x84)    Offline data collection activity
                    was suspended by an interrupting command from host.
                    Auto Offline Data Collection: Enabled.
Self-test execution status:      (   0)    The previous self-test routine completed
                    without error or no self-test has ever
                    been run.
Total time to complete Offline
data collection:         (42600) seconds.
Offline data collection
capabilities:              (0x7b) SMART execute Offline immediate.
                    Auto Offline data collection on/off support.
                    Suspend Offline collection upon new
                    command.
                    Offline surface scan supported.
                    Self-test supported.
                    Conveyance Self-test supported.
                    Selective Self-test supported.
SMART capabilities:            (0x0003)    Saves SMART data before entering
                    power-saving mode.
                    Supports SMART auto save timer.
Error logging capability:        (0x01)    Error logging supported.
                    General Purpose Logging supported.
Short self-test routine
recommended polling time:      (   2) minutes.
Extended self-test routine
recommended polling time:      ( 431) minutes.
Conveyance self-test routine
recommended polling time:      (   5) minutes.
SCT capabilities:            (0x303f)    SCT Status supported.
                    SCT Error Recovery Control supported.
                    SCT Feature Control supported.
                    SCT Data Table supported.

SMART Attributes Data Structure revision number: 16
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME          FLAG     VALUE WORST THRESH TYPE      UPDATED  WHEN_FAILED RAW_VALUE
  1 Raw_Read_Error_Rate     0x002f   137   137   051    Pre-fail  Always       -       131545
  3 Spin_Up_Time            0x0027   253   242   021    Pre-fail  Always       -       8616
  4 Start_Stop_Count        0x0032   100   100   000    Old_age   Always       -       86
  5 Reallocated_Sector_Ct   0x0033   029   029   140    Pre-fail  Always   FAILING_NOW 1365
  7 Seek_Error_Rate         0x002e   200   200   000    Old_age   Always       -       0
  9 Power_On_Hours          0x0032   061   061   000    Old_age   Always       -       28546
 10 Spin_Retry_Count        0x0032   100   253   000    Old_age   Always       -       0
 11 Calibration_Retry_Count 0x0032   100   253   000    Old_age   Always       -       0
 12 Power_Cycle_Count       0x0032   100   100   000    Old_age   Always       -       85
192 Power-Off_Retract_Count 0x0032   200   200   000    Old_age   Always       -       60
193 Load_Cycle_Count        0x0032   119   119   000    Old_age   Always       -       243032
194 Temperature_Celsius     0x0022   113   103   000    Old_age   Always       -       39
196 Reallocated_Event_Count 0x0032   001   001   000    Old_age   Always       -       1365
197 Current_Pending_Sector  0x0032   197   197   000    Old_age   Always       -       1173
198 Offline_Uncorrectable   0x0030   200   197   000    Old_age   Offline      -       0
199 UDMA_CRC_Error_Count    0x0032   200   200   000    Old_age   Always       -       8
200 Multi_Zone_Error_Rate   0x0008   001   001   000    Old_age   Offline      -       157652

SMART Error Log Version: 1
No Errors Logged

SMART Self-test log structure revision number 1
Num  Test_Description    Status                  Remaining  LifeTime(hours)  LBA_of_first_error
# 1  Short offline       Completed without error       00%     13183         -

SMART Selective self-test log data structure revision number 1
 SPAN  MIN_LBA  MAX_LBA  CURRENT_TEST_STATUS
    1        0        0  Not_testing
    2        0        0  Not_testing
    3        0        0  Not_testing
    4        0        0  Not_testing
    5        0        0  Not_testing
Selective self-test flags (0x0):
  After scanning selected spans, do NOT read-scan remainder of disk.
If Selective self-test is pending on power-up, resume after 0 minute delay.

 

[PMc]

On mirrored pools the process can be done simpler: you can just add the new disk as a 3rd mirror, and then remove the old one later (attach/detach).

GELI should not be much of an issue, only take care that you talk to ZFS always and only about the *.eli devices (which, obviousely, must exist at that point).

 

[vendion]

Would it matter if one of the disks in an external enclosure during that? I don't have an free SATA port on the motherboard/free power to support having a 3rd drive internally in the case for this pool which is why I was wondering if pulling the old drive and putting in the new one before updating the ZFS mirror would work. I worry that the device identifier changing once the disk is in the pool would cause an issue.

 

[PMc]

Would it matter if one of the disks in an external enclosure during that?

I'm not sure (I don't use external drives). In my experience ZFS did always properly find it's drives, but others reported about problems, so this may depend on the specific hardware. You might try it out, there is not more risk involved than the other way.

I don't have an free SATA port on the motherboard/free power to support having a 3rd drive internally in the case for this pool which is why I was wondering if pulling the old drive and putting in the new one before updating the ZFS mirror would work

This should also work, as it is the same procedure as with raidZ. But here one could also use detach and attach, i.e. detach the broken drive before swapping it. In any case it depends on the remaining good drive staying alive during the procedure (and not making any typing errors, as always ).

Tip: When I did such things for the first time with valuable data, and wasn't yet sure about the proper commands, I usually did create some partitions on usb sticks, create some small pool out of them, and tried the possible procedures with these first.

 

[vendion]

Okay, that sounds not too much different than what I was thinking the process would be. I'm not too concerned with data loss as I already backuped up the data on the pool to a external drive I know to be healthy. I do worry about the other drive in is currently in the pool due to it has the same amount of use time as the failing drive so I wouldn't be too surprised if it starts failing soon as well.

Thank you for taking the time to answer my questions on this process.