Possible (or smart) to put freebsd-boot on USB stick for root-on-ZFS?

Fabian Keil freebsd-listen at fabiankeil.de
Tue Mar 24 11:39:56 UTC 2015

Jason Birch <jbirch at jbirch.net> wrote:

> On Tue, Mar 24, 2015 at 7:56 PM, Mehmet Erol Sanliturk
> <m.e.sanliturk at gmail.com> wrote:
> > On Tue, Mar 24, 2015 at 1:29 AM, Polytropon <freebsd at edvax.de> wrote:
> >> On Tue, 24 Mar 2015 00:49:46 -0700, Mehmet Erol Sanliturk wrote:
> While I appreciate the discussion this has generated, it's not quite
> related to the questions I had around the freebsd-boot partition alone
> being on some removable media, and I'd like to try and steer the
> discussion back in that direction for my benefit (obviously ;)) and
> for the benefit of anyone trawling the lists looking for a similar
> answer.
> For the record, this will be for a reasonably large ZFS file server,
> and so having things like the home directories live on the larger ZFS
> volume (and not the mirrored SSDs) is something I'll probably be
> doing. However, it's more about the partitioning and device
> arrangement once the machine has booted, and that's not quite what I'm
> having difficulties understanding.

The freebsd-boot partition merely contains gptzfsboot(8).

The kernel gets loaded from a freebsd-zfs partition which
can, but doesn't have to, also contain (parts of) the ZFS
root pool.

Given how small it is, I don't see any advantage in putting
the freebsd-boot partition and the freebsd-zfs partition that
contains the kernel on different devices, but putting both on
multiple devices obviously makes the system more robust against
certain failures.

Kernel parts that aren't required for the system to boot do not
have to be on the same ZFS pool as the kernel parts that are.
Nowadays I use system disk layouts like this:

$ gpart show ada0
=>        40  1250263648  ada0  GPT  (596G)
          40         128     1  freebsd-boot  (64K)
         168        1880        - free -  (940K)
        2048      409600     2  freebsd-zfs  (200M)
      411648     8388608     3  freebsd-zfs  (4.0G)
     8800256     8388608     4  freebsd-swap  (4.0G)
    17188864  1233074816     5  freebsd-zfs  (588G)
  1250263680           8        - free -  (4.0K)

That's ElectroBSD's default layout but obviously also works for vanilla
FreeBSD. Partition 2 contains the (unencrypted) ZFS boot pool with the
kernel parts required for booting, partition 3 contains the encrypted
root pool with a complete /boot, and partition 5 contains an encrypted
ZFS data pool (optional).

Once the system is up, the ZFS boot pool can be erased to harden the
system against unsophisticated physical attacks. If you aren't using
encryption, splitting /boot probably has no advantage.

To finally answer the question in the subject: I think it's a pretty
good idea to keep a bootable USB stick around for recovery purposes,
but on production servers I do not put the standard ZFS pools or the
standard freebsd-boot partition on USB sticks.

I sometimes do it for test systems, though. On most of my systems it
works out of the box, some need the patch from:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20150324/a6872a31/attachment.sig>

More information about the freebsd-questions mailing list