[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-fai
Subject: Example setup-storage config for encrypted mdraid-1 with lvm
From: Frank_Grötzner <FGroetzner () nicos-ag ! com>
Date: 2014-05-22 14:47:21
Message-ID: 164B589119CA444A91AF53EE9788AA3D6FDB621867 () exchange01 ! win ! nicos ! noc
[Download RAW message or body]
Hi,
here's a (for me) working example of an setup-storage configuration for fai in debian \
wheezy to get an lvm volumegroup on top of a luks encrypted mdraid-1 device:
-------------------------------------------------------
disk_config disk1
primary - 512 - -
primary - 0- - -
disk_config disk2
primary - 512 - -
primary - 0- - -
disk_config raid fstabkey:uuid
raid1 /boot disk1.1,disk2.1 ext4 defaults tuneopts="-c 0 -i 0"
raid1 - disk1.2,disk2.2 - -
disk_config cryptsetup
luks:"mykey" - md1 - -
disk_config lvm
vg system md1
system-root / 8192 ext4 rw,errors=remount-ro tuneopts="-c 0 -i 0"
system-tmp /tmp 2048 ext4 defaults tuneopts="-c 0 -i 0"
system-var /var 10240 ext4 defaults tuneopts="-c 0 -i 0"
system-var_log /var/log 3072 ext4 defaults tuneopts="-c 0 -i 0"
system-var_tmp /var/tmp 2048 ext4 defaults tuneopts="-c 0 -i 0"
system-home /home 2048 ext4 defaults tuneopts="-c 0 -i 0"
system-swap swap 2048 swap sw
-------------------------------------------------------
Of course you have to add cryptsetup to your packages (for the nfsroot as well as for \
the to-be-installed system) and you need the initrd to be build after cryptsetup has \
been installed. If you use dracut, the version in wheezy has a bug with initializing \
lvm volumes as well as opening luks devices, so you might want to use the \
jessie-version of dracut (and add rd.auto to the kernel paramters).
Best regards,
Frank
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic