cmcasanova
Cadet
- Joined
- Jul 3, 2019
- Messages
- 2
Hello, I have gone through the guides and I am just looking for confirmation of steps prior to replacing a failing disk in my encrypted pool, running FreeNAS 11.2-U5. Note, I am primarily a Cisco network/security engineer treading in the storage space lightly over the past few years at a professional level as needed within my profession. This is just about 3 years of having FreeNAS running. I have a basic understand, so feel free to berate me as necessary if I am incorrect or misspeak.
pre-req: passphrase for encryption set (able to unlock with passphrase only, this should be confirmation?), download recovery key (geli_recovery.key), and encryption key (geli.key)
step 1: OFFLINE bad disk from GUI, taking note of serial number (Already OFFLINE'd the failing disk, and Pool now shows DEGRADED, Parity is fine)
step 2: shutdown / physically replace disk (WD-WCC4N1DZJL5V) with new disk (same model/size). Boot the system back up.
step 3: From Storage -> Pools -> Pool Status -> Select "ada4" on the right, click REPLACE disk, confirming passphrase for the encrypted pool
step 4: wait for Resilvering to complete (takes a few hours from what I have read from previous posts)
step 5: Restore the encryption keys before the next reboot or access to the pool will be permanently lost.
Notes:
-Pool is RAIDZ1 with 6 total disks at 3TB each.
-SATA ports are full, so a shutdown would be required prior to installing new hard drive (and removing the failing disk)
Outstanding questions I had:
1. After shutting down to install the new disk (they are not hot-swappable and no extra SATA ports exist on the motherboard), and the system boots back up, do I need to unlock my Pool at this point like I normally would after a cold boot?
2. How do you "restore the encryption keys" after the disk has been replaced?
pre-req: passphrase for encryption set (able to unlock with passphrase only, this should be confirmation?), download recovery key (geli_recovery.key), and encryption key (geli.key)
step 1: OFFLINE bad disk from GUI, taking note of serial number (Already OFFLINE'd the failing disk, and Pool now shows DEGRADED, Parity is fine)
step 2: shutdown / physically replace disk (WD-WCC4N1DZJL5V) with new disk (same model/size). Boot the system back up.
step 3: From Storage -> Pools -> Pool Status -> Select "ada4" on the right, click REPLACE disk, confirming passphrase for the encrypted pool
step 4: wait for Resilvering to complete (takes a few hours from what I have read from previous posts)
step 5: Restore the encryption keys before the next reboot or access to the pool will be permanently lost.
Notes:
-Pool is RAIDZ1 with 6 total disks at 3TB each.
-SATA ports are full, so a shutdown would be required prior to installing new hard drive (and removing the failing disk)
Outstanding questions I had:
1. After shutting down to install the new disk (they are not hot-swappable and no extra SATA ports exist on the motherboard), and the system boots back up, do I need to unlock my Pool at this point like I normally would after a cold boot?
2. How do you "restore the encryption keys" after the disk has been replaced?