ZFS Replacement of a hard disk in a mirrored, encrypted (geli) root pool

freeBSDNew

New Member


Messages: 7

Hello,

please excuse me if there is already an answer to my question. I could not find one.

So far my question is hypothetical. I plan to install FreeBSD on an encrypted and mirrored zroot. But before I do this, I want to make sure that in case of a disk failure, I also know how to repair the pool.

Installing FreeBSD on a mirrored and encrypted pool is no problem, the installer takes care of that.

I have already found some information on how to replace a disk in a mirrored zroot pool: create a boot partition, copy the boot code to that partition, and create a partition for the zroot, etc. (The question also concerns other encrapted pools than the zroot, i.e. storagepools. Whereas I see here the possibility to resilver the pool in the encrypted state, after the disk swap.)

But in case of the root pool, the working volume must be 'opened' for the system to work.

It should be much more complicated if the root-pool was encrypted using geli.

So, how does this work?

Sincierly
 

T-Daemon

Daemon

Reaction score: 876
Messages: 1,750

I plan to install FreeBSD on an encrypted and mirrored zroot. But before I do this, I want to make sure that in case of a disk failure, I also know how to repair the pool.
I suggest you practice in a virtual machine, like VirtualBox for example. There you can create the exact setup of the physical machine you have in mind and without any risk of losing important data apply the alterations, experiment with different setups, etc.

But in case of the root pool, the working volume must be 'opened' for the system to work.

It should be much more complicated if the root-pool was encrypted using geli.

So, how does this work?
In short:
  1. Install replacement disk
  2. Boot system
  3. Create same partition scheme layout (gpart(8)) on new disk
  4. Copy boot code (gpart(8))
  5. Initialize ZFS partition (geli(8)), choose same passphrase as original disks so during boot a single passphrase is asked, attach partition, check geli status
  6. zpool-replace(8) *.eli disk partition. The disk begins to resilver, check with zpool status progress
  7. Power down machine, remove affected disk
 

SirDice

Administrator
Staff member
Administrator
Moderator

Reaction score: 12,299
Messages: 38,811

If you have a hot-swap system you don't have to power down to install or remove disks. If you build your own system I can definitely recommend getting changeable drive bays. Harddisks are going to break, the only question is when. And you don't want to take your system apart just to replace a disk.
 
Top