RAID-1, Part 1
Before you begin, if the /usr partition is in use and contains data that you do not want to lose, back up your data. The following list outlines the steps used to configure /usr as a RAID-1 array:
Partition the second hard disk, if needed. Partition sizes should be calculated based on sectors, not cylinders. If using fdisk to partition the disks, use the -u option. The smallest partition of a mirror set determines that metadevice's maximum size. Getting the partition sizes to match up is almost impossible. Just try to get them close while making sure the second disk's partitions are the same size or larger. You may ignore any fdisk warnings about cylinder boundaries, they are a problem only if you'll be accessing the disk with DOS/Windows. If you want the RAID-1 devices to be mounted during boot, change the filesystem type to "fd" (Linux RAID autodetect).
Go to single-user mode using the command init 1 so that /usr can be unmounted. Alternatively, you could stop all processes using the /usr partition. The fuser program can help you if you wish to take this route.
Copy the contents of /usr to /var/usr.save or another partition with enough room so that you can restore the files after you make the RAID. You will have to make a new ext2 filesystem on the original /usr (in this case /dev/hda2) partition.
umount /usr. When you went to single-user mode, the processes that were using the /usr partition should have been stopped. If you can't unmount /usr, determine which processes are still using /usr and stop them.
Use fdisk or an equivalent partition manager to toggle the file system type of the /usr partition on the original disk to fd (Linux RAID autodetect). The new disk was set to type fd in step 1.
Create /etc/raidtab with an entry for the /usr partition array (Listing 1). (Note that if you use Emacs, or some other editor that lives in /usr, you'll have to make do with vi or something else that lives in /bin.)
Make the new RAID-1 /usr array, using mkraid /dev/md0. Now type cat /proc/mdstat, which should indicate md0 : active RAID1 hdc2 hda2. You will see a progress meter measuring the state of the mirroring process. The RAID code knows nothing about what is actually on its disks, so it is now copying all the data from /dev/hda2 to /dev/hdc2. This copying happens transparently in the background, so you can now go to step 8 and format the device.
Create an ext2 filesystem on /dev/md0 using the command mke2fs /dev/md0. Do not mke2fs on the RAID-1 component partitions, in this case /dev/hda2 and /dev/hdc2. If you do not create an ext2 filesystem on /dev/md0, then e2fsck /dev/md0 will return an error message, something like this:
The filesystem size (according to the superblock) is 2104483 blocks. The physical size of the device is 2104384 blocks. Either the superblock or the partition table is likely to be corrupt.
This is because mkraid writes the RAID superblock near the end of the component partitions. e2fsck does not recognize the RAID superblock that has caused the physical size to be smaller. You can mount /dev/md0 at this point, and even use /usr, but the ext2 filesystem superblock contains incorrect information. You may not notice problems but you should not use the filesystem in this state. You will not be able to boot and mount /dev/md0 unless you turn off the filesystem checking by making the appropriate entry in fstab (e.g., /dev/md0 /usr ext2 defaults 1 0). The 0 at the end of the line causes e2fsck to be skipped. Do not do this unless you have to fix your RAID. Make /dev/md0 an ext2 filesystem.
Mount /dev/md0 /usr.
Copy the contents of /var/usr.save (or wherever) to /usr.
To mount the RAID-1 /usr array /dev/md0 on boot, edit the /etc/fstab file. The line should look something like /dev/md0 /usr ext2 defaults 1 2.
Go to multi-user mode (init 3), and you're now using the /usr RAID-1 array.
At this point, you can reboot the system to test the RAID-1 /usr array boot configuration. When you reboot you should see something like the following in the boot.log and dmesg:
md: RAID1 personality registered as nr 3', 'md: md driver 0.90.0 MAX_MD_DEVS=256, MD_SB_DISKS=27', 'md: Autodetecting RAID arrays.', 'md: considering hdc2 ...', 'md: adding hdc2 ...', 'md: adding hda2 ...', 'md: created md0', 'RAID1: RAID set md0 active with 2 out of 2 mirrors', '......', 'fsck: /dev/md0: clean', 'rc.sysinit: Mounting local filesystems: succeeded.
Instead of copying the /usr partition to a temporary location, you may rely on the failed-disk directive and mark the existing disk (the one with the data) as failed-disk 0 and the new disk as RAID-disk 1. Then mkraid and make an ext2 filesystem on the RAID array. The failed disk will be ignored by the RAID code. Then mount the RAID device on a temporary mountpoint as a normal ext2 partition, and copy over the /usr content. Umount the failed disk, and use raidhotadd to add it to the new RAID array. Mount the RAID device as /usr, and go back to multi-user status. This is a more risky procedure than copying the files to a different partition. If you make a mistake in raidtab, you could overwrite the existing partition. And if the disk is completely full, an undesirable situation in any case, you may have problems when the RAID superblock is written; we did not test this case.
Listing 1. The /etc/raidtab with an entry for the /usr partition raiddev /dev/md0
RAID-level 1 nr-RAID-disks 2 persistent-superblock 1 chunk-size 4 device /dev/hda2 RAID-disk 0 device /dev/hdc2 RAID-disk 1 mdctl
The above example uses raidtools version 0.90.0 and relies on /proc/mdstat and the system logs to monitor the RAID-1 arrays. mdctl is another tool that can be used to create, control and monitor Linux md devices (aka RAID arrays) . We did not use mdctl to create our RAID-1 arrays, but we did use it to learn more about our RAID devices. You can get mdctl-0.5 at www.cse.unsw.edu.au/~neilb/source/mdctl. To learn more about mdctl search http://groups.google.com/ using the query +author:email@example.com +mdctl.
Use the command mdctl --examine /dev/hda2 to print the content of the md superblock on the device. Use the command mdctl --detail /dev/md0 to print the details of a given md array.
To deactivate the RAID-1 array, use the command raidstop /dev/md0. In some cases this does not work. For example, /dev/md0 is not mounted, but an error message says device busy. In this case, mdctl --stop /dev/md0 may work. Note, unmount the RAID-1 device before you stop the array. If you don't, your system may hang. Deactivating the RAID device halts all synchronization. An inactive RAID device cannot be mounted.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Ubuntu Online Summit
- Devuan Beta Release
- The Qt Company's Qt Start-Up
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- Download "Linux Management with Red Hat Satellite: Measuring Business Impact and ROI"
- May 2016 Issue of Linux Journal
- The US Government and Open-Source Software
- BitTorrent Inc.'s Sync
- New Container Image Standard Promises More Portable Apps
- Open-Source Project Secretly Funded by CIA
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide