New to NAS, Looking for Architecture Guidance

[AdianIV]

I've read around, and it seems like the answers to a lot of the questions I have tend to include the phrase "it depends on your requirements." I thought starting my own thread would be the best way to get some help. I'm still reading through resources, but I feel like it would take me weeks to understand everything I would need to in order to make informed decisions.

I'm setting up my first FreeNAS (or any NAS for that matter) server for home use. The machine is built for the most part, the components are below:
Motherboard: ASRock C2750D4I (8 core, supports AES-NI)
RAM: Crucial ECC RAM, 32 GB Total
Drives: 6x Seagate 4TB NAS Drives
Case, Power Supply, fans, and USB drive didn't seem terribly relevant, but I can provide them if it would help.

What I intend to use it for:

1. Storage of important data - documents, family photos, etc.
2. Storage of media
3. Storage of system backups
4. SabNZBD (Plugin available - Each of these will be done through the GUI. I'm more of a Windows guy and lack the Linux knowledge at this point to set up one Jail to run them all.)
5. Sonarr (Plugin available)
6. Couchpotato (Plugin available)
7. Plex (Plugin available. The media that it manages/streams will live on the NAS)
8. Crashplan backups of important data from the NAS (Future state, for now they are backed up via CIFS shares to an external HDD)

I will try to be as concise as I can and ask actual questions where possible, but some of these decisions flow into each other. I'm trying to get the initial architecture correct, because once I consolidate this data to one location, I won't have enough storage space left over to wipe out the volumes to change the pool configurations.

Pool Configuration
From what I've read, and with 6 storage disks, I seem to have three options:

1. RAIDZ2
2. 2x RAIDZ1
3. 3x RAID 1 (Mirror)

Given what I intend to use this for, which option would be best?

Left on my own, I would choose RAIDZ2, which also seems to be the documentation's recommendation. However, I don't know if one of the other options would provide better performance with a negligible loss of protection.

Encryption
Another consideration that informs the Pool configuration is the use of Encryption.

Generally, Encryption is better than no encryption in my mind. I assume that with AES-NI support, the performance impact is not significant. However, I don't know how that could impact streaming on Plex, or backups with Crashplan.

The only data I really would want to encrypt is the "important" data. Since Encryption is set at the Pool level, though, if I went with RAIDZ2 and chose to encrypt, everything would be subject to it. I could choose another Pool configuration, which would allow slightly more granular selection of what is encrypted.

Is encryption worth it in my case for home use? Would it significantly impact performance for Plex or Crashplan? Is it worth using a different Pool Configuration to Encrypt less of the data that doesn't really need it?

Performance
I think this is a concern for everyone. The only drives I have in this server are my storage drives, and the USB drive that holds my FreeNAS partition.

Do I have the hardware I need to run the plugins I have listed without my NAS falling over or slowing to a crawl? "I don't know, test and see" is the most likely answer, but I was hoping to at least get a ballpark answer about whether I should worry about CPU or memory constraints. I don't know how heavy FreeNAS or these plugins are.

Initially I (incorrectly) understood that the Jails and Plugins would use the FreeNAS partition on the USB key, not require storage of their own. Is it acceptable to store that data on the NAS storage drives? I think in the best-case I would have a small SSD or something to use for them, but I don't know if that would provide a significant benefit, or if it is just a nice to have.

Do I need an additional drive for anything? Running Jails/Plugins? Logging? Swap? Caching?

This ran a lot longer than I had hoped, so if you've made it this far thank you. Any advice or direction for any of these questions would be incredibly helpful.

 

[jgreco]

RAIDZ2 will be slower than your other options but is a lot better at protecting your data. When you lose a disk with RAIDZ1 or a two-way mirror, you lose redundancy on your data. Think about how long it might take you to obtain a replacement disk, and then resilver it into the array. You are not protected from an additional failure during that time.

"Slower" is all relative in any case, it is unlikely that you'll notice.

As long as the CPU supports AES-NI, performance impact is negligible. However, there are some complications with pool maintenance using encryption - replacing a disk becomes more difficult, for example. Read up first.

Resource-wise, FreeNAS will use all the RAM you can throw at it. The C2550 is a poor choice unless you're just using the thing as a fileserver. The C2750 has some core headroom and while it isn't as fast as a Xeon it should be the best possible choice out of the Avotons. Don't plan on massive amounts of transcoding with Plex on an Avoton. At 32GB and a C2750 you're pretty much on the right track other than that.

 

[joeschmuck]

My opinion on encryption is this, if only certain files need it then find a way to encrypt only those files and leave the rest of the system alone. This is only due to the additional complexity of having an encrypted pool. However if you feel you have a good handle on it then you will be fine.

I would suggest that if you do use encryption, setup your system. Shut it down and remove a drive, power it up and notice the issues you have (degraded pool), wipe out (erase) the drive you removed and then use it as a replacement drive and see if you can manage to add it properly and resilver (won't take long if you have very little data n the pool). Another scenario is to shut it down, remove your boot device and install a clean one, try to rebuild your boot device and have your pool work once done. If you have all the files you should well you might do fine. If you cannot do these then encryption is off the table for you.

Test yourself in every possible failure and the two that matter to me are a hard drive failure and the boot device failure. Do not rely on anything short of that because if you cannot do those items on an encrypted system, you will be in for some bad times.

 

[Tywin]

My opinion on encryption is this, if only certain files need it then find a way to encrypt only those files and leave the rest of the system alone. This is only due to the additional complexity of having an encrypted pool. However if you feel you have a good handle on it then you will be fine.

For myself the appeal of encryption is not necessarily about absolute data security but rather never having to worry about data at rest.

 

[cyberjock]

I'm one of those people that encrypted just to "eat the dogfood". I don't need to protect the data, but I've seen some pretty nasty bugs with encryption. We're talking bugs that might make you "unable to access the data ever again" type of problems. We've also had quite a few users lose keys, forget passwords, not rekey pools properly, etc and have lost their data permanently as a result. At one point I had a failed drive and there was no way to resilver without ending up in a situation where a loss of power during the resilver meant the pool was inaccessible forever.

I'd *strongly* recommend you reconsider and use something else. It sounds like you're doing it for a contingency plan. And in that case I would not consider the risk worth the benefit. IMO the only time encryption is justified is when its required by law. Things such as storing medical records, personal info, etc.

If you're just trying to protect some tax records or something use something like bitlocker or Truecrypt. It's just not worth it to do the entire pool.

Of course, if you are like most people, you'll probably ignore my advice and that of joeschmuck. If you do, you'd better keep good backups. You'll be laughed right out of here if you have a problem and lose access to the pool. It is effectively uncrackable and your data will be permanently encrypted forever.

 

[gpsguy]

Ditto what cyberjock just said. I was composing a similar reply, when he posted his message.

 

[AdianIV]

Thanks a lot for the responses, guys!

It seems that I was looking at the question of encryption from the wrong standpoint. I figured that if my hardware supported it, and the overhead wasn't too bad, why not do it? I had read several guides and forum posts on the encryption keys, and the added steps that I would need to go through, and it didn't seem that bad. But there's a difference between reading about it, and going through the pain. Additionally, I hadn't factored bugs into the equation, or my own ability with my very limited knowledge to recover from some kind of failure.

The subset of data that I would actually want to encrypt is very small. I think the suggestion you two made of leaving disk encryption disabled and only encrypting the data I need with something like Truecrypt is the way to go. I can always stand up a VM sometime to mess around with encryption if I want to see what it's like.

As for the testing that joeschmuck suggested, I think that's a great exercise to go through anyway. I may not be encrypting, but I've never had to replace or resliver a drive. It'll be good to go through the process a couple times to familiarize myself with what happens and the issues I could face. Better to do it with a little data than when I have several TB there.

It looks like RAIDZ2 is the way to go. It may be slower than the other options, but like jgreco said...in my home application, I don't know that I'd notice. If I start running into performance problems I may have to rethink it, but for now I think I'll erro on the side of more redundancy.

I'll also have to keep an eye out while transcoding with Plex. I normally only stream to one, maybe two devices at a time. If worst comes to worst, I can just disable the plugin and stand up a dedicated VM. It' not ideal, but there's no sense in having added functionality if that is going to impede the server's core purpose. I'm glad to hear that I'm not trying to fit ten pounds of stuff in a five pound bag, though.

Thanks again guys for the input!

 

[whipsplash]

Hi,

Sorry for hijacking this post. But I've a similar build and would like your inputs

Motherboard: Z87IPRO
Processor: Intel i3 4130
RAM: Kingston PC3 4GB 1600 Mhz
Drives: 6x Western Digital 4TB NAS Drives

Planning to hook the onboard hdmi to the tv while making the nas hold all my media and music files.

Do the experts think i'm on the right track?

 

[danb35]

Planning to hook the onboard hdmi to the tv while making the nas hold all my media and music files.

Do the experts think i'm on the right track?

No, not even close. The motherboard you've selected is entirely inappropriate, and the RAM is half of the minimum recommended (and not ECC). Consult the hardware recommendations thread for, well, hardware recommendations.

What do you intend to do with the HDMI connected to the TV? FreeNAS has no ability to play audio or video built-on.

 

[cyberjock]

Do the experts think i'm on the right track?

Nope. You basically listed hardware we wouldn't recommend, unless we were dead.

 

[jgreco]

Nope. You basically listed hardware we wouldn't recommend, unless we were dead.

Oh, come on now, you know you wouldn't recommend it even if you were dead.

And you know you're fine with the WD Reds. And the i3's probably OK. So what we're really going on about is the choice of mainboard and memory.