Having read a number of threads and the wiki articles on the topic of encrypted disks and zpools (being new to N4F and ZFS), I was able to set everything up successfully on my embedded install as follows:
1) Encrypt the disks: Disks > Encryption > Management
2) Format the attached encrypted disks for ZFS: Disks > Management > HDD Format
3) Add virtual devices for ZFS: Disks > ZFS > Pools > Virtual Device
4) Created the zpool: Disks > ZFS > Pools > Management
5) Created datasets: Disks > ZFS > Datasets > Dataset
I'm able to attach the disks and import the pool after a reboot. Attaching is straightforward (though tedious through the web interface). But there's always some (apparently) non-critical error messages when importing the zpools. Other forum posts advise to use the panel found at "Disks > ZFS > Configuration > Synchronize" to "synchronize the zpools." I'm not entirely sure what that means, but it apparently runs `zpool import -d /dev -a -f`
Which, to the best of my understanding, iterates through the contents of /dev searching for ZFS virtual devices, parsing them somehow and determining whether they're a part of a pool, and then does a forced import of the pool. When attempting to import a zpool directly from the shell, `zpool import mypool` I get an error suggesting that the "pool may be in use from other system" which it obviously isn't. Following the advice to force the import with `zpool import -f mypool` works fine but it makes me wonder why this error shows up every time the system is rebooted.
I experimented with doing a manual export of the zpool before a reboot (`zpool export mypool`) and after a reboot, it doesn't seem to require the force and no error message is received from the regular import. Does N4F not export the pool during shutdown? Is this an issue?
I started making some scripts to speed up the attach/import process and tried making a shutdown script to export/detach as well. It works fine so far that I can tell but I'm just wondering if there are any consequences to manually exporting the zpools at this stage of the shutdown process. I just added my script as a "Shutdown" type in System > Advanced > Command Scripts.
The script is basically this:
Code: Select all
#!/bin/bash zpool export mypool geli detach /dev/ada0 geli detach /dev/ada1
Just to "bottom line" my post here:
(1) Does N4F export the zpools "properly" on shutdown? Should it?
(2) Are there any issues with exporting zpools and then detaching encrypted disks with a shutdown script?