fho*_*fho 9 arch-linux mdadm lvm grub2 luks
几天来,我一直在努力设置加密的 NAS。基本计划是在 raid1 上的 luks 上的 lvm 上使用 btrfs,在写回模式下为根分区引入 lvmcache,以减少磁盘访问。
设置分区和文件系统后GRUB无法安装:
grub-install: warning: Attempting to install GRUB to a disk with multiple partition labels. This is not supported yet..
grub-install: error: embedding is not possible, but this is required for RAID and LVM install.
在 Arch Wiki 之后,我首先设置分区:
gdisk /dev/sda 和 /dev/sdb 的输出:
Disk /dev/sda: 976773168 sectors, 465.8 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 9EFA6587-E34F-4AC1-8B56-5262480A6C6A
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 2048-sector boundaries
Total free space is 2014 sectors (1007.0 KiB)
Number Start (sector) End (sector) Size Code Name
1 2048 4095 1024.0 KiB EF02 BIOS boot partition
2 4096 976773134 465.8 GiB 8300 Linux filesystem
请注意在模式下安装时显然需要的BIOS 引导分区。GRUBBIOS/GPT
因为我有两个磁盘,所以我希望它们在一个RAID1数组中:
mdadm --create --level=1 --raid-devices=2 /dev/md0 /dev/sda2 /dev/sdb2
root@archiso ~ # mdadm --detail --scan
ARRAY /dev/md0 metadata=1.2 name=archiso:0 UUID=bdfc3fea:f4a0ee6d:6ac08012:59ea384b
root@archiso ~ # cat /proc/mdstat
Personalities : [raid1]
md0 : active raid1 sdb2[1] sda2[0]
488253440 blocks super 1.2 [2/2] [UU]
[>....................] resync = 2.0% (9832384/488253440) finish=96.6min speed=82460K/sec
bitmap: 4/4 pages [16KB], 65536KB chunk
unused devices: <none>
接下来我LUKS在顶部设置一个卷RAID:
root@archiso ~ # cryptsetup luksFormat /dev/md0
WARNING!
========
This will overwrite data on /dev/md0 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter passphrase:
Verify passphrase:
root@archiso ~ # cryptsetup luksOpen /dev/md0 md0-crypt
Enter passphrase for /dev/md0:
Btrfs可以使用快照代替LVM,但在撰写本文时,无法将 SSD 缓存设备添加到Btrfs. 所以我选择稍后使用LVM并添加 SSD lvmcache:
(一步创建卷组:)
root@archiso ~ # vgcreate vg0 /dev/mapper/md0-crypt
Physical volume "/dev/mapper/md0-crypt" successfully created
Volume group "vg0" successfully created
root@archiso ~ # lvcreate -L 100M -C y vg0 -n boot
Logical volume "boot" created.
root@archiso ~ # lvcreate -L 20G vg0 -n root
Logical volume "root" created.
root@archiso ~ # lvcreate -L 10G vg0 -n var
Logical volume "var" created.
root@archiso ~ # lvcreate -L 6G -C y vg0 -n swap
Logical volume "swap" created.
root@archiso ~ # lvcreate -l +100%FREE vg0 -n home
Logical volume "home" created
导致以下布局:
root@archiso ~ # lvs
LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
boot vg0 -wc-a----- 100.00m
home vg0 -wi-a----- 429.53g
root vg0 -wi-a----- 20.00g
swap vg0 -wc-a----- 6.00g
var vg0 -wi-a----- 10.00g
创建文件系统:
root@archiso ~ # mkfs.ext4 /dev/vg0/boot
root@archiso ~ # mkfs.btrfs /dev/vg0/home
root@archiso ~ # mkfs.btrfs /dev/vg0/root
root@archiso ~ # mkfs.btrfs /dev/vg0/var
(ext4被选择用于引导是因为btrfs抱怨分区大小小。)
挂载文件系统:
root@archiso ~ # swapon /dev/vg0/swap
root@archiso ~ # mount /dev/vg0/root /mnt/arch -o compress=lzo
root@archiso ~ # mount /dev/vg0/home /mnt/arch/home -o compress=lzo
root@archiso ~ # mount /dev/vg0/var /mnt/arch/var -o compress=lzo
root@archiso ~ # mount /dev/vg0/boot /mnt/arch/boot
实际上我只是从以前的备份中复制系统:
root@archiso ~ # rsync -Pa /mnt/bkp/sda/* /mnt/arch
(茶歇)
root@archiso ~ # genfstab -U /mnt/arch > /mnt/arch/etc/fstab
root@archiso ~ # cat /mnt/arch/etc/fstab
# /dev/mapper/vg0-root
UUID=62ebf0c9-bb37-4b4e-87dd-eb8a4ace6a69 / btrfs rw,relatime,compress=lzo,space_cache 0 0
# /dev/mapper/vg0-home
UUID=53113e11-b663-452f-b4da-1443e470b065 /home btrfs rw,relatime,compress=lzo,space_cache 0 0
# /dev/mapper/vg0-var
UUID=869ffe10-7a1c-4254-9612-25633c7ae619 /var btrfs rw,relatime,compress=lzo,space_cache 0 0
# /dev/mapper/vg0-boot
UUID=d121a9df-8c03-4ad9-a6e0-b68739b1a358 /boot ext4 rw,relatime,data=ordered 0 2
# /dev/mapper/vg0-swap
UUID=29035eeb-540d-4437-861b-c30597bb7c16 none swap defaults 0 0
root@archiso ~ # mdadm --detail --scan >> /mnt/arch/etc/mdadm.conf
root@archiso ~ # cat /mnt/arch/etc/mdadm.conf
[...]
ARRAY /dev/md0 metadata=1.2 name=archiso:0 UUID=bdfc3fea:f4a0ee6d:6ac08012:59ea384b
root@archiso ~ # arch-chroot /mnt/arch /bin/bash
[root@archiso /]#
添加了这些钩子: mdadm_udev encrypt lvm2 btrfs
[root@archiso /]# mkinitcpio -p linux
现在对于有趣(和失败)的部分,我选择GRUB作为我的引导加载程序,因为它应该支持我使用的所有装置。
参考:
更改部分/etc/default/grub:
GRUB_CMDLINE_LINUX="cryptdevice=/dev/md0:vg0"
GRUB_ENABLE_CRYPTODISK=y
安装 grub:
[root@archiso /]# grub-install --target=i386-pc --recheck /dev/sda
Installing for i386-pc platform.
/run/lvm/lvmetad.socket: connect failed: No such file or directory
WARNING: Failed to connect to lvmetad. Falling back to internal scanning.
/run/lvm/lvmetad.socket: connect failed: No such file or directory
WARNING: Failed to connect to lvmetad. Falling back to internal scanning.
/run/lvm/lvmetad.socket: connect failed: No such file or directory
WARNING: Failed to connect to lvmetad. Falling back to internal scanning.
grub-install: warning: Attempting to install GRUB to a disk with multiple partition labels. This is not supported yet..
grub-install: error: embedding is not possible, but this is required for RAID and LVM install.
(--debug输出可在此处获得)
坦率地说......我不知道这里有什么问题。在 BIOS/GPT 模式下,GRUB 应该将它的 core.img 嵌入到ef02/BIOS boot分区中,不是吗?
https://bbs.archlinux.org/viewtopic.php?id=144254不适用于此处:
[root@archiso /]# btrfs fi show --all-devices
Label: none uuid: 62ebf0c9-bb37-4b4e-87dd-eb8a4ace6a69
Total devices 1 FS bytes used 965.77MiB
devid 1 size 20.00GiB used 3.04GiB path /dev/mapper/vg0-root
Label: none uuid: 869ffe10-7a1c-4254-9612-25633c7ae619
Total devices 1 FS bytes used 339.15MiB
devid 1 size 10.00GiB used 3.04GiB path /dev/mapper/vg0-var
Label: none uuid: 53113e11-b663-452f-b4da-1443e470b065
Total devices 1 FS bytes used 384.00KiB
devid 1 size 429.53GiB used 2.04GiB path /dev/mapper/vg0-home
Btrfs v3.17.3
嗯......显然这条线是线索:
grub-install: warning: Attempting to install GRUB to a disk with multiple partition labels. This is not supported yet..
以前我btrfs直接在/dev/sda和上安装/dev/sdb。这就是为什么它们都附加了 FSTYPE 和 LABEL(如 所示lsblk)。
解决方案:我现在已经用(安全擦除)擦除了/dev/sda和。可能有更好的方法来取消这些标志......但这对我有用。/dev/sdbhdparm
| 归档时间: |
|
| 查看次数: |
13771 次 |
| 最近记录: |