Differences

This shows you the differences between two versions of the page.

--- advanced:target [2018/10/02 21:06] – created admin
+++ advanced:target [2018/10/03 01:15] – dan
@@ Line 3: / Line 3: @@
 Unfortunately, the Ubuntu 18.04 image uses a 32-bit kernel, and the available ZFS packages aren't compatible with a 32-bit kernel.  This means I'll need to compile the ZFS pieces myself, and they're not known to be stable with a 32-bit kernel in any event.  Updates to come.
+===== Rebuild the kernel =====
+To ensure you have the headers for the running kernel installed, run the following commands (taken from the [[https://wiki.odroid.com/odroid-xu4/software/building_kernel#y|Hardkernel wiki]]):
+<code>
+sudo apt update && sudo apt upgrade
+sudo apt install git gcc g++ build-essential
+git clone --depth 1 https://github.com/hardkernel/linux -b odroidxu4-4.14.y
+cd linux
+make odroidxu4_defconfig
+make -j8
+sudo make modules_install
+sudo cp -f arch/arm/boot/zImage /media/boot
+sudo cp -f arch/arm/boot/dts/exynos5422-odroidxu3.dtb /media/boot
+sudo cp -f arch/arm/boot/dts/exynos5422-odroidxu4.dtb /media/boot
+sudo cp -f arch/arm/boot/dts/exynos5422-odroidxu3-lite.dtb /media/boot
+sudo cp .config /boot/config-`make kernelrelease`
+sudo update-initramfs -c -k `make kernelrelease`
+sudo mkimage -A arm -O linux -T ramdisk -C none -a 0 -e 0 -n uInitrd -d /boot/initrd.img-`make kernelrelease` /boot/uInitrd-`make kernelrelease`
+sudo cp /boot/uInitrd-`make kernelrelease` /media/boot/uInitrd
+sync
+</code>
+Then reboot your system to start using the new kernel.
+===== Build ZFS on Linux =====
+These instructions are taken from the [[https://github.com/zfsonlinux/zfs/wiki/Building-ZFS|ZFSonLinux Wiki]].  First, install the necessary dependencies:
+<code>
+sudo apt install build-essential autoconf libtool gawk alien fakeroot zlib1g-dev uuid-dev libattr1-dev libblkid-dev libselinux-dev libudev-dev parted lsscsi ksh libssl-dev libelf-dev
+</code>
+Then download, build, and install the ZFS code:
+<code>
+git clone https://github.com/zfsonlinux/zfs
+cd zfs
+git checkout master
+sh autogen.sh
+./configure
+make -s -j$(nproc)
+sudo make install
+</code>
+Then load the ZFS modules:
+<code>
+sudo modprobe zfs
+</code>
+===== Create the pool =====
+Create your pool.  Make sure to set ''ashift=12''.
+<code>
+zpool create -o ashift=12 dozer /dev/disk/by-id/ata-WDC_WD80EMAZ-00M9AA0_VAGA2PLD
+</code>
+===== Enable encryption, and create an encrypted dataset =====
+The idea of this system is to be a standalone storage "brick", which could be left at a remote location where you might not fully trust the network operator.  ZFS on Linux supports dataset encryption for this purpose, and material for this section is drawn from this [[https://datacenteroverlords.com/2017/12/17/zfs-on-linux-with-encryption-part-2/|blog post]].  You'll first need to enable that feature on your pool:
+<code>
+zpool set feature@encryption=enabled dozer
+</code>
+Then, create the encrypted dataset:
+<code>
+zfs create -o encryption=on -o keylocation=prompt -o keyformat=passphrase dozer/encrypted
+</code>
+The system will prompt you for a passphrase, which you'll need whenever you mount that dataset.  Minimum length is eight characters.
+===== Create a replication user =====
+For the sake of security, it would be best if replication to this device ran as a user other than root.  Start by creating the user:
+<code>
+adduser zfsuser
+</code>
+Disable login for that user:
+<code>
+chsh -s /bin/false zfsuser
+</code>
+Generate a SSH keypair for that user:
+<code>
+sudo -u zfsuser ssh-keygen
+</code>
+Now allow that user to make changes on the encrypted dataset:
+<code>
+zfs allow -u zfsuser create,destroy,snapshot,mount dozer/encrypted
+</code>