Backup / Restore to identical freenas hardware -- cannot mount volume question

Status
Not open for further replies.

SnakeByte

Explorer
Joined
Jul 10, 2015
Messages
53
I've been doing some disaster tests and ran into what I think is an issue.

I've got two identical freenas servers.

On Machine1 I created an encrypted ZFS Z2 Volume and set up the server for real-world use (Samba shares, joined AD, snapshots, etc). Works fine. If I reboot, it automatically re-mounts the volume even though it's encrypted.

From the web GUI on Machine1, I chose System -> General -> Save Config

I then shut down Machine1.

On Machine2, I chose System -> General -> Upload Config and uploaded the config I saved from Machine1.

After reboot, I shut down Machine2. I then moved all the storage drives from Machine1 to Machine2 and booted it up.

It did not mount the volume, showing it in a "lock" state. Clicking the icon to unlock prompts to unlock. I select "ok", and it goes right back to the web GUI with a status of "LOCKED". Is this by design?
 

m0nkey_

MVP
Joined
Oct 27, 2015
Messages
2,739
[rant]First off, while encryption exists, it will cause more headaches for you in the long run. A simple task of replacing drives is made more complicated. Unless absolutely required, encryption should be avoided. [/rant]

As for your second machine, did you install your GELI and recovery keys? Without them, you cannot unlock the volume.
 

SnakeByte

Explorer
Joined
Jul 10, 2015
Messages
53
According to the FreeNAS ticket peeps, the "Save Config" doesn't save everything, including the keys to the encryption. I wonder what else is silently missing. Anyone know if this is documented?

The crappy thing is that even with this known, and even with the key separately saved, the GUI is unable to unlock the volume because it's looking for a file that doesn't exist anymore. When I tried to unlock it, it would prompt me to proceed, and then silently fail. Once I copied the key file to the /data/geli folder and named it appropriately I was able to unlock the volume.

I was about to test replacing a drive in this system. Thanks for the warning about encryption making this harder. These are the things I don't want to discover when disaster actually strikes. :/
 

m0nkey_

MVP
Joined
Oct 27, 2015
Messages
2,739
The 'Save Config' is just a dump of the SQLite database. Only configuration is stored in it. Encryption keys must be exported separately. The documentation states that the encryption keys should be exported and securely stored: http://doc.freenas.org/9.3/freenas_storage.html?highlight=backup#encryption
To create an encrypted volume, check the “Encryption” box shown in Figure 8.1a. A pop-up message will remind you that it is extremely important to make a backup of the key as without it the data on the disks is inaccessible. Refer to Managing Encrypted Volumes for instructions.
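
An added example (not part of the thread and not FreeNAS code): since the saved config is described above as a SQLite database dump, it can be opened read-only and checked for columns that look like they hold secrets. The table and column names are constructed for the demonstration and are not the FreeNAS schema; the name-matching hints are an assumption of this example.

```python
import pathlib
import sqlite3
import tempfile

SQLITE_MAGIC = b"SQLite format 3\x00"        # first 16 bytes of any SQLite 3 file
HINTS = ("key", "pass", "secret", "token")   # heuristic chosen for this example

def is_sqlite(path):
    """True if the file starts with the SQLite 3 header."""
    with open(path, "rb") as fh:
        return fh.read(16) == SQLITE_MAGIC

def audit_config(path):
    """Map table -> [(column, declared type, non-empty rows)] for secret-looking columns."""
    # Open read-only so the audit can never alter the backup file.
    uri = pathlib.Path(path).resolve().as_uri() + "?mode=ro"
    con = sqlite3.connect(uri, uri=True)
    findings = {}
    try:
        tables = [r[0] for r in con.execute(
            "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name")]
        for table in tables:
            cols = con.execute(f'PRAGMA table_info("{table}")').fetchall()
            for _cid, col, ctype, *_rest in cols:
                if not any(h in col.lower() for h in HINTS):
                    continue
                count = con.execute(
                    f'SELECT COUNT(*) FROM "{table}" '
                    f'WHERE "{col}" IS NOT NULL AND "{col}" != ?', ("",)).fetchone()[0]
                findings.setdefault(table, []).append((col, ctype, count))
    finally:
        con.close()
    return findings

def run_demo():
    """Build a constructed database (hypothetical schema, not FreeNAS's) and audit it."""
    with tempfile.TemporaryDirectory() as tmp:
        path = pathlib.Path(tmp) / "constructed-config.db"
        con = sqlite3.connect(path)
        con.executescript("""
            CREATE TABLE demo_volume (name TEXT, encrypted INTEGER, keyfile_ref TEXT);
            CREATE TABLE demo_share (name TEXT, path TEXT);
            CREATE TABLE demo_account (username TEXT, password_hash TEXT);
            INSERT INTO demo_volume VALUES ('tank', 1, 'constructed-ref-0001');
            INSERT INTO demo_share VALUES ('docs', '/mnt/tank/docs');
            INSERT INTO demo_account VALUES ('alice', '');
        """)
        con.close()
        return is_sqlite(path), audit_config(path)

if __name__ == "__main__":
    print(run_demo())
```

A column that only references a key file shows up here by name, which is the cue to confirm that the key itself has been exported and stored separately from the config backup.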
 

SnakeByte

Explorer
Joined
Jul 10, 2015
Messages
53
The documentation I was looking for was what "Save Config" encompasses. The documentation states "Save Config: used to create a backup copy of the current configuration database in the format hostname-version-architecture." This mirrors what you've stated about the SQLite db dump (Thanks for that. I was wondering how to decode the binary blob so that I could audit it). However, what wasn't clear was whether the encryption keys are stored in that database or not. I assumed that by clicking "Save Config" I was making a backup of the key along with everything else.

Since it's now clear that "Save Config" is not a complete method to back up everything required to bring up a mirrored system (sans the data itself), is there documentation that provides all of the necessary steps?

Edit: I noticed on the Console that there's this:
11) Create Backup

Is that what I should be using instead of (in addition to?) Save Config? Will that back up everything but the data?
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526
The encryption keys are not in the config file for security reasons. The manual clearly explains how to back up those keys though.

For everything else besides encryption, the config file is the complete method to back up your configuration, minus your data of course.
 

SnakeByte

Explorer
Joined
Jul 10, 2015
Messages
53
Having instructions that say how to back up keys is good, and yes they are clearly laid out. That is not in question here.

What is not clear is that those steps are exclusive of any other method used to back up the system.

Also,
Is "11) Create Backup" from the console == Save Config? Or does it actually do a backup of everything? If they're the same, why are they named differently? If they're different, does it also back up the encryption keys? If it does back up the encryption keys, why isn't this an option from the GUI?
 

cyberjock

Inactive Account
Joined
Mar 25, 2012
Messages
19,526

depasseg

FreeNAS Replicant
Joined
Sep 16, 2014
Messages
2,874
I applaud you for testing this prior to deployment.

If you are jumping on the disk encryption train, then I'd highly suggest reading that part of the manual and practicing it until you can teach someone else. It is such an easy way to lose data if you aren't properly prepared.

As for DR planning, I'm surprised mirrored boot disks and replication aren't being discussed. Is there a reason? I think those would be very helpful in your situation.
 