From owner-freebsd-questions@FreeBSD.ORG Thu Dec 27 03:29:28 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2D2AD16A418 for ; Thu, 27 Dec 2007 03:29:28 +0000 (UTC) (envelope-from jy-p@fixedpointgroup.com) Received: from mail.smartchem.us (mail.smartchem.us [70.227.131.10]) by mx1.freebsd.org (Postfix) with ESMTP id F0C4813C459 for ; Thu, 27 Dec 2007 03:29:27 +0000 (UTC) (envelope-from jy-p@fixedpointgroup.com) Received: from [10.0.0.112] (unknown [10.0.0.112]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.smartchem.us (Postfix) with ESMTP id 1DFB643243 for ; Wed, 26 Dec 2007 21:10:03 -0600 (CST) Message-ID: <4773176E.7060702@fixedpointgroup.com> Date: Wed, 26 Dec 2007 21:09:34 -0600 From: Jacob Yocom-Piatt Organization: Fixed Point Group LLC User-Agent: Mail/News 1.5.0.10 (X11/20070430) MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: zfs-geli-zfs: opinions/suggestions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jy-p@fixedpointgroup.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 27 Dec 2007 03:29:28 -0000 lo all, have a freebsd 7.0-beta4 machine attached to an external disk enclosure and would like feedback on the following setup: have RAID-Z on 4 disks, ZFS volume that takes up entire RAID-Z, use ZVOL from volume for encryption via geli, use .eli (decrypted) device to make another ZFS pool. the idea being "no time/resources wasted doing fscks plus encryption sans hardware RAID". translated to commands this reads: # zpool create p_a raidz /dev/mfid1 /dev/mfid2 /dev/mfid3 /dev/mfid4 # zpool list NAME SIZE USED AVAIL CAP HEALTH ALTROOT p_a 2.72T 4.02G 2.71T 0% ONLINE - # zfs create -V 2048g p_a/vol # geli init -K /root/p_a.key -s 4096 -l 256 /dev/zvol/p_a/vol # geli attach -k /root/p_a.key /dev/zvol/p_a/vol # zpool create a /dev/zvol/p_a/vol.eli i got a reboot while scp-ing some files to /a (only got ~3 GB in) from another machine with the above setup. am currently waiting far too long for a rm -R to complete under /a. will test if any of this behavior is repeatable. i welcome opinions or suggestions on the stability of such a setup (ZFS-geli-ZFS) and if this is not stable, as the reboot i just experienced would indicate, suggestions on alternative configurations that allow use of geli and minimize or eliminate fsck time. i do have a preference for no hardware RAID since it ties us to a particular card. will furnish a proper bug report if the reboots are repeatable in the aforementioned scenario. NOTE: please CC me since i am not yet subscribed to this list cheers, jake --