Data Disks - marco1475/linux-htpc GitHub Wiki

Creating the RAID1 Disk Array

  1. Install gptfdisk and mdadm:

     pacman -S gptfdisk mdadm

  2. Create a single partition on the first drive:

    1. Start the gdisk partitioning utility on the first drive:

       gdisk /dev/sdb

    2. Create the partition:

      1. Press n and hit Enter to create a new partition.
      2. Press Enter to accept the default partition number (in this case 1).
      3. Press Enter again to accept the default first sector (in this case 2048). TODO: Different disks have different-sized sectors. What is this in MiB?
      4. Enter -100M to set the last sector to be 100 MiB before the last sector, to account for small size differences between identical hard drives.
      5. Enter fd00 to set the partition type to Linux RAID.

    3. Press p to print out the partition table:

       Number Start (sector) End (sector)    Size Code Name
      1           2048   7813832334 3.6 TiB FD00 Linux RAID

    4. Press w to write the partition table to disk.

  3. Create a single partition on the second drive:

    1. Start the gdisk partitioning utility on the first drive:

       gdisk /dev/sdc

    2. Create the partition:

      1. Press n and hit Enter to create a new partition.
      2. Press Enter to accept the default partition number (in this case 1).
      3. Press Enter again to accept the default first sector (in this case 2048). TODO: Different disks have different-sized sectors. What is this in MiB?
      4. Enter -100M to set the last sector to be 100 MiB before the last sector, to account for small size differences between identical hard drives.
      5. Enter fd00 to set the partition type to Linux RAID.

    3. Press p to print out the partition table:

       Number Start (sector) End (sector)    Size Code Name
      1           2048   7813832334 3.6 TiB FD00 Linux RAID

    4. Press w to write the partition table to disk.

  4. Create the RAID array:

     mdadm --create --verbose --level=1 --metadata=1.2 --raid-devices=2 --name=raid1_data /dev/md0 /dev/sdb1 /dev/sdc1

    • mdadm output:

        mdadm: size set to 3906784064K
  mdadm: automatically enabling write-intent bitmap on large array
  mdadm: array /dev/md0 started.

    • While the RAID array is being built you can check on its progress by calling cat /proc/mdstat:

        md0 : active raid1 sdc1[1] sdb1[0]
        3906784064 blocks super 1.2 [2/2] [UU]
        [>....................]  resync = 0.2% (11688832/3906784064) finish=459.0min speed=141432K/sec
        bitmap: 30/30 pages [120KB], 65536KB chunk
  
  unused devices: <none>

  5. Update the mdadm.conf configuration file:

    1. Append the output of mdadm --scan to /etc/mdadm.conf:

       mdadm --detail --scan >> /etc/mdadm.conf

    2. Re-arrange the /etc/mdadm.conf file so that the added line (below) is where it logically belongs:

       ARRAY /dev/md0 metadata=1.2 name=babylon5:raid1_data UUID=fe9fce4d:6abcc818:4da7d7fd:882a0be8

    3. Add an e-mail address to /etc/mdadm.conf so you will be notified if something goes wrong:

       MAILADDR [email protected]
      • Note that you have to have a [E-mail Forwarder](e-mail forwarder) set up.
      • Note that without the MAILADDR entry the mdmonitor service will fail at startup.

  6. Assemble the RAID array:

     mdadm --assemble --scan

  7. Format the RAID filesystem:

     mkfs.ext4 /dev/md0
    • You don't need to worry about chunk size or stripe width, because this is a RAID1 array.

  8. Ensure the RAID array gets built on boot:

    1. Add the mdadm_udev hook to /etc/mkinitcpio.conf's HOOKS section:

       HOOKS="base udev keyboard autodetect modconf block mdadm_udev keymap encrypt filesystems fsck"

    2. Regenerate the initramfs image:

       mkinitcpio -p linux

Encrypting the RAID1 Disk Array

  1. Encrypt the /dev/md0 partition using dm-crypt:

     cryptsetup -s 512 luksFormat /dev/md0
    1. Type YES when prompted for confirmation that all data on /dev/md0 will be overwritten.
    2. Enter the passphrase that will unlock the partition (hint: full+server+partition) and verify it.

  2. Open the encrypted partition:

     cryptsetup open --type luks /dev/md0 cryptdata
    • The encrypted partition can now be accessed through /dev/mapper/cryptdata.

  3. Format the encrypted partition:

     mkfs.ext4 /dev/mapper/cryptdata

  4. Write down the UUIDs of the newly-encrypted and formatted partitions.

     lsblk -no name,uuid
    • Note that the encrypted partition has a different UUID locked vs. unlocked.

  5. Close the partition:

     cryptsetup close cryptdata

Opening the Encrypted RAID1 Disk Array on Boot

  1. Open the encrypted partition:

     cryptsetup open --type luks /dev/md0 cryptdata

  2. Get the UUID of /dev/md0 by executing either of these commands:

     lsblk -no name,uuid
 ls -l /dev/disk/by-uuid/

  3. Edit the /etc/crypttab file to open the encrypted partition:

     <name>       <device>                                     <password>    <options>
 cryptdata    UUID=ed10b92a-e474-4844-83c7-9f2511dc8249    none          luks
    • Use /dev/md0's UUID here.

  4. Edit the /etc/fstab file to mount the opened partition:

     <file system>               <dir>    <type>    <options>                     <dump>    <pass>
 # /dev/mapper/cryptdata
 /dev/mapper/cryptdata       /data    ext4      defaults,errors=remount-ro    0         2
    • Since /dev/mapper/cryptdata already is the result of a unique partition mapping, there is no need to specify an UUID for it.
    • If you use /dev/mapper/cryptdata's UUID you might get error messages about failed unmounts during shutdown.
⚠️ **GitHub.com Fallback** ⚠️