Striped mirror raid10
Brandon J. Wandersee
brandon.wandersee at gmail.com
Wed Jun 1 18:03:25 UTC 2016
Bernt Hansson writes:
> Hello list!
>
> I have set up a striped mirror;
>
> root at testbox:~ # gmirror status
> Name Status Components
> mirror/gmirror0 COMPLETE ada0 (ACTIVE)
> ada1 (ACTIVE)
> mirror/gmirror1 COMPLETE ada2 (ACTIVE)
> ada3 (ACTIVE)
> root at testbox:~ # gstripe status
> Name Status Components
> stripe/stripe0 UP mirror/gmirror0
> mirror/gmirror1
>
> /dev/stripe/stripe0 1.8T 4.0K 1.8T 0% /raid10
>
> Now I want to encrypt it, but is that wise? I mean you can remove a
> disk from the mirror, won't that break the encryption? And the
> mirror/stripe.
Encrypt the disks/partitions themselves, not the stripe or mirror. You
can then create mirrors of the resulting *.eli device nodes, then create
a stripe from the mirrors. You can unlock the disks/partitions at boot
thus:
1) First, run `geli configure -b <disk/partition>` on each encrypted
disk/partition, so you will be prompted for the passphrase for each
encrypted partition during boot.
2) Next, add the line 'geom_eli_passphrase_prompt=YES' to the file
/boot/loader.conf. This will add a passphrase prompt the boot menu,
allowing you to enter the passphrase for the disks one time only,
before the boot process begins.
--
:: Brandon J. Wandersee
:: brandon.wandersee at gmail.com
:: --------------------------------------------------
:: 'The best design is as little design as possible.'
:: --- Dieter Rams ----------------------------------
More information about the freebsd-questions
mailing list