Starting Fresh...

[shackrock]

I've had freenas for quite a while, since back in the v.7 days. These days, Freenas has grown tremendously. I also want to take advantage of the latest encryption features that have been implemented.

As it stands, I have 2 zpools in Raid-Z1, a total of 12 disks. One disk is starting to exhibit some SMART sector errors so I figured this was as good a time as any to make what I want to happen, happen:

• Copy all data somewhere. This is the biggest single question in my mind, how I can possibly do this without buying tons of new HDDs for temp...
• Destroy the Zpools.
• Replace failed HDD.
• create new Zpool with encryption, and Raid Z2.
• Copy all data back.

Any thoughts?

Just a few other things to know...I have all 2TB drives in there now. I am not using all the storage space available.
My base computer case has 6 HDDs in it. Then I have a small, powered 4-drive case that plugs in via e-sata to the main MOBO. If I could get rid of the 4-drive case, I wouldn't be sad about it. I could replace all drives with 4TB HDDs and use only 6 of them and maybe do that, so that is a possibility...

 

[SweetAndLow]

I think your idea of using 6x4tb drives in a raid z2 is great. I think your idea of using encryption isn't a good one. Personal use nas's don't need encryption and result in people losing their pools because they mess something up. Encrypted drives are not even used in the enterprise market unless they need to meet requirements for legal reasons.

 

[shackrock]

I think your idea of using 6x4tb drives in a raid z2 is great. I think your idea of using encryption isn't a good one. Personal use nas's don't need encryption and result in people losing their pools because they mess something up. Encrypted drives are not even used in the enterprise market unless they need to meet requirements for legal reasons.

Is the implementation in FreeNAS of ZFS not reliable enough, or is it that the ZFS encryption in general isn't reliable enough? I could certainly be talked out of it if either were the case, and just go ahead and upgrade drives and leave it at that probably.

 

[SweetAndLow]

It works exactly like it should and is perfectly reliable. But it just adds another way to be locked out of your pool permanently if you mess up. People don't understand what disk encryption is for. It's for people trying to meet compliance or for paranoid individuals that think the government wants to steal their family photos. Why do you think you need encryption, because there is a checkbooks?

 

[Ericloewe]

Encryption errs on the side of caution in FreeNAS. Accessing data is not made easy. The implementation also brings its own quirks that don't really add to security but add to the likelihood of messing up (as a virtual drive must be created, on top of which ZFS will run).

My advice is to use some sort of encrypted container (like TrueCrypt - dunno what replaces TrueCrypt these days, but its operating principle is just what you'd need) for whatever data you deem too sensitive not to be encrypted. This reduces the risk on the rest of the data.

 

[shackrock]

Yea. Mostly taxes, docs with SSN on it, stuff like that really... But in the end, if somebody steels my computer I got bigger problems I guess =).

 

[Joshua Parker Ruehlig]

Yea. Mostly taxes, docs with SSN on it, stuff like that really... But in the end, if somebody steels my computer I got bigger problems I guess =).

You could just store these things in ownCloud. I run ownCloud with the encryption app enabled so my actual data files are encrypted on disk (this is done on the application level).