On Sat, 17 Nov 2018 12:50:09 +0200 Nikos Vassiliadis <nv...@gmx.com> wrote:
> Hi Marco, > > On 11/17/18 12:18 AM, Marco Steinbach wrote: > > Hi. > > > > I'm using 11.2-RELEASE r335510 amd64 GENERIC in an Oracle VirtualBox > > setup on FreeBSD, which is what comes out of the box, when > > installing 11.2 from the distribution media. > > > > > > I'm trying to wrap my head around on how to avoid a zpool resilver > > on a non-booting ZFS raidz1 of off four equally sized (GPT) > > partitions on four distinct drives using eli for encyption. > > > > IOW: I do struggle with finding a way to attach all the > > providers such, that ZFS does not initiate a resilver due to the > > providers being attached sequentially. > > > > I've created and initialized the partitions as follows (generic > > notation, comments on chosen encryption algo welome, since this > > testing setup lacks AES-NI): > > # gpart create -s gpt /dev/ada[2-5] > > # gpart add -t freebsd-zfs /dev/ada[2-5] > > # geli init -e AES-CBC -l 128 /dev/ada[2-5]p1 > > > > Then I attached the geli partitions like so: > > # geli attach /dev/ada[2-5]p1 > > > > And finally created a raidz1 spanning all four partitions: > > # zpool create u0001 raidz1 /dev/ada[2-5]p1.eli > > > > That works flawlessly. And naturally, after a reboot none of the > > encrypted devices is available to the zpool then, unless I attach > > them. > > > > Doing so using geli attach requires me to attach them sequentially, > > which then results in ZFS resilvering the pool. > > > Why don't you just export the pool before shutting down? Since > you already attach GELI manually, it'd make sense to import the pool > manually as well. This solution never occured to me -- you are right :) > You could automate the import using devd and some scripting, that is, > detect when all GELIs are there and then run zpool import. > > > > So, here's my questions: > > > > 1. Is the inavoidable resilver intended behaviour based on current > > implementation, or am I missing something ? > > It makes sense to resilver, given that ZFS will try to import the pool > as soon as enough devices appear. I am not sure whether it is > unavoidable though. As per your suggestion, exporting the pool during shutdown would avoid this altogether. I just tried Bens suggestions, and they work like a charm in 11.2 and 12-RC1 -- ridding me of any manual intervention apart from entering the passphrase, just relying on the base systems capabilities. Exactly what I was looking for :) Thanks again for your thoughts. > > 2. In case I use a bootable zfsroot (cudos to allanjude@, I > > highly recommend his BSDCan presentations on the matter), is > > there a way to hand over the zfsroot passphrase to eli for > > automatically attaching other providers ? > > > > Please note, that I'd like to stick as close as possible to what the > > base system offers for this use-case. > > > > MfG CoCo > > MfG CoCo _______________________________________________ freebsd-geom@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-geom To unsubscribe, send any mail to "freebsd-geom-unsubscr...@freebsd.org"