Differences between revisions 3 and 4

KVM Host Guest Filesystem Images

Configuring disks for the KVM Guests Filesystem Images according to the disk layout.

Raid

Configure the raid1

# mdadm --create --level 1 --raid-devices 2 /dev/md2 /dev/sdc1 /dev/sdd1

Find the UUID for /dev/md2

# mdadm --detail /dev/md2
/dev/md2:
        Version : 1.2
  Creation Time : Sat Oct  7 15:57:11 2017
     Raid Level : raid1
     Array Size : 1946025984 (1855.88 GiB 1992.73 GB)
  Used Dev Size : 1946025984 (1855.88 GiB 1992.73 GB)
   Raid Devices : 2
  Total Devices : 2
    Persistence : Superblock is persistent

  Intent Bitmap : Internal

    Update Time : Sat Oct  7 23:13:13 2017
          State : clean 
 Active Devices : 2
Working Devices : 2
 Failed Devices : 0
  Spare Devices : 0

           Name : kvm02:2  (local to host kvm02)
           UUID : a78f7c84:5491a0d6:d5c5390d:8b97863f
         Events : 5069

    Number   Major   Minor   RaidDevice State
       0       8       33        0      active sync   /dev/sdc1
       1       8       49        1      active sync   /dev/sdd1

Add the array to /etc/mdadm/mdadm.conf

ARRAY /dev/md/2  metadata=1.2 UUID=a78f7c84:5491a0d6:d5c5390d:8b97863f name=kvm02:2

Update the initrd

# update-initramfs -u

Encrypting the Raid

Format the Raid with luks

# cryptsetup luksFormat /dev/md2

Open the Luks Device.

# cryptsetup luksOpen /dev/md2 md2_crypt

Create a Key.

# echo -n "uptime" | md5sum | dd of=/root/install/luks/keyfile_md2 bs=1 count=32
# cryptsetup luksAddKey /dev/md2 /root/install/luks/keyfile_md2

Find the UUID for /dev/md2

# blkid
/dev/md2: UUID="d62d227d-6d94-4055-b2df-b9477293b5d6" TYPE="crypto_LUKS"

Add the key to /etc/crypttab

md2_crypt UUID=d62d227d-6d94-4055-b2df-b9477293b5d6 /root/install/luks/keyfile_md2 luks

Update the initrd.

# update-initramfs -u

Create the LVM volume.

# pvcreate /dev/mapper/md2_crypt
# vgcreate vg2 /dev/mapper/md2_crypt

None: KVM Host Guest Filesystem Images (last edited 2019-08-14 17:55:47 by Kristian Kallenberg)

-  ⇤ ← Revision 3 as of 2017-10-11 00:34:43 → 
  Size: 3401
  Editor: shran
  Comment:
+   ← Revision 4 as of 2017-10-11 00:41:29 → ⇥
  Size: 2120
  Editor: shran
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 5:
-...
+== Raid ==
 Line 7:
-configure disks for lvm guests
sdc 2T SATA
sdd 2T SATA
sdc1 1856G (type=fd linux raid autodetect)
sdd1 1856G (type=fd linux raid autodetect)
md2 raid1(sdc1, sdd1)
+Configure the raid1
{{{
# mdadm --create --level 1 --raid-devices 2 /dev/md2 /dev/sdc1 /dev/sdd1
}}}
-Line 14:
+Line 12:
-mdadm --create --level 1 --raid-devices 2 /dev/md2 /dev/sdc1 /dev/sdd1
cat /proc/mdstat
+Find the UUID for `/dev/md2`
-Line 17:
+Line 14:
-root@kvm02:~# mdadm --detail /dev/md2
+{{{
# mdadm --detail /dev/md2
-Line 44:
+Line 42:
+}}}
-Line 45:
+Line 44:
+Add the array to `/etc/mdadm/mdadm.conf`
 Line 46:
-add this to /etc/mdadm/mdadm.conf
+{{{
 Line 48:
+}}}
-Line 49:
+Line 50:
-update-initramfs -u
+Update the initrd
-Line 51:
+Line 52:
-cryptsetup luksFormat /dev/md2
cryptsetup luksOpen /dev/md2 md2_crypt
echo -n "uptime" | md5sum | dd of=keyfile_md2 bs=1 count=32
cryptsetup luksAddKey /dev/md2 /root/install/luks/keyfile_md2
+{{{
# update-initramfs -u
}}}
 Line 56:
-add to /etc/crypttab
+== Encrypting the Raid ==
 Line 58:
-root@kvm02:~# blkid
/dev/mapper/md1_crypt: UUID="3mOaOP-QrrK-M3qA-3oww-NmZB-JRed-pQaFIw" TYPE="LVM2_member"
/dev/mapper/vg1-root: UUID="c883776a-9edc-462e-9738-657e371d2a45" UUID_SUB="668d0413-a182-43fe-b4a1-ff06cb98d73e" TYPE="btrfs"
/dev/sdb1: UUID="9d9740fb-8fb7-efe1-8c5e-013d781df3d8" UUID_SUB="ab130aed-fb4a-88cb-0cbc-9ae91fa08619" LABEL="kvm02:0" TYPE="linux_raid_member" PARTUUID="483bb906-01"
/dev/sdb2: UUID="da51541f-77df-af96-fdc3-b03644fac977" UUID_SUB="30ad7b3a-4eed-5a00-f811-bd20bb98b558" LABEL="kvm02:1" TYPE="linux_raid_member" PARTUUID="483bb906-02"
/dev/sdc1: UUID="a78f7c84-5491-a0d6-d5c5-390d8b97863f" UUID_SUB="62048ec1-d5e1-fe29-4346-d194f981f13b" LABEL="kvm02:2" TYPE="linux_raid_member" PARTUUID="6dbfae38-01"
/dev/sdd1: UUID="a78f7c84-5491-a0d6-d5c5-390d8b97863f" UUID_SUB="cfc50ce8-77c4-07d8-a95f-35010f5a46d4" LABEL="kvm02:2" TYPE="linux_raid_member" PARTUUID="a4963ac2-01"
/dev/sda1: UUID="9d9740fb-8fb7-efe1-8c5e-013d781df3d8" UUID_SUB="7aed9dbb-7ac7-59c7-7810-e91db6102d31" LABEL="kvm02:0" TYPE="linux_raid_member" PARTUUID="c2022b83-01"
/dev/sda2: UUID="da51541f-77df-af96-fdc3-b03644fac977" UUID_SUB="15a5b431-6d3b-b2c9-32e2-9b6c2cc594c4" LABEL="kvm02:1" TYPE="linux_raid_member" PARTUUID="c2022b83-02"
/dev/md1: UUID="72deeb7f-2289-40c5-99c1-52238afb78ef" TYPE="crypto_LUKS"
/dev/md0: UUID="86cc7db9-8700-40de-97c2-e948f3c887cc" UUID_SUB="ed4cadd6-0d74-452a-a52a-c1181d24bc00" TYPE="btrfs"
+Format the Raid with luks

{{{
# cryptsetup luksFormat /dev/md2
}}}

Open the Luks Device.

{{{
# cryptsetup luksOpen /dev/md2 md2_crypt
}}}

Create a Key.

{{{
# echo -n "uptime" | md5sum | dd of=/root/install/luks/keyfile_md2 bs=1 count=32
# cryptsetup luksAddKey /dev/md2 /root/install/luks/keyfile_md2
}}}

Find the UUID for `/dev/md2` 

{{{
# blkid
-Line 70:
+Line 82:
-/dev/mapper/vg1-swap: UUID="482ddfde-6e11-4b18-9ef2-b58dbcc36918" TYPE="swap"
+}}}
-Line 72:
+Line 84:
+Add the key to `/etc/crypttab`

{{{
-Line 73:
+Line 88:
+}}}
-Line 74:
+Line 90:
-update-initramfs -u
+Update the initrd.
{{{
# update-initramfs -u
}}}
-Line 76:
+Line 95:
-pvcreate /dev/mapper/md2_crypt
vgcreate vg2 /dev/mapper/md2_crypt
+Create the LVM volume.
{{{
# pvcreate /dev/mapper/md2_crypt
# vgcreate vg2 /dev/mapper/md2_crypt
}}}