FAI with RAID+CRYPT+LVM

Paul Schulz paul at mawsonlakes.org
Tue Sep 20 13:36:41 CEST 2016 

Woot! (.. for setup-storage anyway)
Thanks everyone for your suggestions.

The solution to my problem is to not worry about the name of the
'cryptsetup' partition, 'setup-storage' handles this automatically.

Cryptsetup is called and creates a device called "crypt_format_md1" (in my
case) which is then fed correctly to LVM.

Can this be put into the documentation somewhere?
(./man/setup-storage.8 ?) I only found this out somewhat by accident.

Cheers,
Paul

ps. FAI installes the system installs but doesn't boot, so that's the next
thing to solve. Fails to decrypt the luks partition and find
/dev/mapper/Base-Root


On Fri, 16 Sep 2016 at 00:58 Paul Schulz <paul at mawsonlakes.org> wrote:

> I am still having an isse with the setup-disk configuration
>
> I'm now getting the following error after the file is parsed..
> "Cannot determine size of /dev/mapper/md1_crypt - scheme unknown"
>
> See attached files:
>   raid1-disk1-disk2t.txt - Just RAID1
>   lvm-disk1-disk2.txt - RAID1+LVM (works)
>   crypt-disk1-disk2.txt - RAID1+CRYPT+LVM (error)
>
> For testing, I have two external USB 90G disks attached for testing and am
> using the following:
>   ./bin/setup-storage -D"sdb sdc" -fcrypt-disk1-disk2.txt
> (With  export PERL5LIB=`pwd`/lib/setup-storage)
> or
>  /usr/sbin/setup-storage -D"sdb sdc" -fcrypt-disk1-disk2.txt
> (Ubuntu 16.04)
>
> Q. Do I need to know or set the size of the crypted drive before it is
> created? It is then used by LVM, so maybe I do?
>
> My Plan B is to take the log from ' lvm-disk1-disk2.txt' and then modify
> it manually setup the encrypted partition. I can then run this script in
> place of setup-storage in the FAI partitioning step.
>
> Regards
> Paul
>
> On Thu, 25 Aug 2016 at 13:15 Paul Schulz <paul at mawsonlakes.org> wrote:
>
>> Hi Alexandros
>>
>> Thank you for your reply. It was helpful and I have made some progress,
>> but I'm still getting errors when processing the 'cryptsetup' stanza.
>>
>> I have attached my FAI configuration files that I am tying to parse.
>>   FSRAID - produces error on 'luks' line
>>   FSRAID-parses
>>
>> (If I comment out the 'luks' line I can parse.but I don't know what output
>> or commands it will produce.)
>>
>> To test this, I have used copy of the latest github code, and have
>> modified
>> the code so it can access it's perl modules (without installation).
>>
>> Also, I gen another error if I don't use the full path
>> '/dev/mapper/md1_crypt'
>> in the luks line, BUT cryptsetup only uses the filename part ' md1_crypt'.
>>
>> I am trying to grok the parser code...
>>
>> Regards,
>> Paul
>>
>> On Tue, 23 Aug 2016 at 20:04 Alexandros Afentoulis <alexaf at noc.grnet.gr>
>> wrote:
>>
>>> On 08/22/2016 09:56 AM, Paul Schulz wrote:
>>> > (Repeated as first attempt didn't go through.)
>>> >
>>> > Greetings,
>>> > I have been asked to setup some systems with an encrypted disk
>>> > configuration (see below for FAI setup-storage format), essentially two
>>> > disks with:
>>> >    RAID1(/boot+other) < Crypt(other) < LVM((Root,Home,Swap)
>>> >
>>> > Should I expect this to work? If not, what would need to be done to
>>> > include this support in LVM.  Can I run setup-storage multiple times(3
>>> > confiig files)?
>>>
>>> Hello there,
>>>
>>> yes the disk scheme you aim for is feasible. In fact I did setup a node
>>> like that a couple of days ago.
>>>
>>
>> (snip)
>>
>> Hope I helped,
>>> Greetings
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uni-koeln.de/pipermail/linux-fai/attachments/20160920/14ef368f/attachment.html>
-------------- next part --------------
# Disks: 2x 1TB
# Configuration: RAID1+CRYPTO+LVM

disk_config disk1 disklabel:msdos bootable:1 fstabkey:uuid
primary -      2G        -     -
logical -      60G-     -     -

disk_config disk2 disklabel:msdos bootable:1 fstabkey:uuid
primary -      2G        -     -
logical -      60G-     -     -

disk_config raid
raid1   /boot  disk1.1,disk2.1 ext2 rw,noatime
raid1   -      disk1.2,disk2.2 -    -

disk_config cryptsetup
luks - /dev/md1 - -

disk_config lvm
vg Base md1
Base-Swap   swap   8G    swap sw
Base-Root   /      40G   ext4 rw,noatime
Base-Home   /home  10G-  ext4 rw,noatime

More information about the linux-fai mailing list