Skip to content
This repository was archived by the owner on Jan 11, 2023. It is now read-only.

Encrypted RAID Array and Disk Creation Reference

Jump to bottom
Sena Heydari edited this page Feb 24, 2016 · 1 revision
Note:

As of 02/2016, the best cobbled together Google Unix wisdom is that using LVM as a RAID manager, while it offers higher flexibility, still doesn't have management tool and ease parity with pure MDADM. LVM RAID utilizes MDADM under the hood anyways, so there's not real gain if you're not using LVM.

Creating Disk Partitions for Linux Raid

  • Here is a basic script that takes a single device /dev/sdX as an argument, and deletes any existing partition (not partitions), and then creates a whole disk partition with type "fd" aka Linux-Raid 
#!/bin/bash
echo "d
n
p



t
fd
w" | fdisk $1

Creating an MDADM RAID Array

  • This sample command creates a RAID 5 array with no hot spares:

mdadm -Cv /dev/md200 -l 5 -n 4 /dev/sdc1 /dev/sdd1 /dev/sde1 /dev/sdf1

  • This sample command creates a RAID 1 (Mirrored) array with no hot spares:

mdadm -Cv /dev/md200 -l 1 -n 2 /dev/sda1 /dev/sdb1

  • Breakdown of command:
-Cv = -C + -v, Create mode with verbosity
/dev/md200 = RAID Array device name. For CentOS 7, md2** and above is recommended
-l = RAID Level, 1 is mirror, 5 is striped with parity
-n = # of disks to use
/dev/sd... = Device names to go into array

How to Add MDADM Conf to Startup

  • This command will add new disks to existing startup mdadm.conf file. Be sure you don't have multiple entries of the same disks:

mdadm -D -s /dev/md200 >> /etc/mdadm.conf

Encrypting RAID Array

  • This command will lead you through the prompts to encrypt your disk:

cryptsetup luksFormat /dev/md200

Unencrypt Drive to Make Filesystem with Mapper Handle

  • Here, we've named the drive mapper vms, but it can be whatever you like:
cryptsetup open /dev/md200 vms
mkfs.xfs /dev/mapper/vms

Mounting Encrypted Drive at Startup (with Password Prompt)

  • Get UUID for /dev/md200 drive from running lsblk -f tree

  • Create entry in /etc/crypttab for disk to be found on boot (assuming mapper named "vms"):

    echo "vms UUID='Some-Hex-Entry-from-Above' none" >> /etc/crypttab

  • Create Folder to mount to (here also assuming "vms"):

    mkdir /vms

  • Add Auto-Mount Entry to /etc/fstab:

    /dev/mapper/vms /vms xfs defaults 0 2

Full High-Level Round-Up of Steps

  • Prepare individual /dev/sdX devices for RAID array.
  • Create RAID array using mdadm, e.g. /dev/md200
  • Add MDADM config of newly create array to /etc/mdadm.conf file, ensuring no duplicate entries
  • Encrypt Array
  • Unencrypt Array to allow filesystem creation
  • Add Crypt Entry to /etc/crypttab to unlock on boot with password prompt
  • Create mount point in OS
  • Add /etc/fstab entry

Clone this wiki locally