Comments (7)
Thanks everyone, sandro's PR plus my recent PR have solved the remaining issues with altroots and encryption keys respectively, so I think everything has been answered :D
from disko.
I've recently tried using disko to manage some VMs. This worked great so now I want to use it to manage my more complex ZFS based setups, too. But before I start I was hoping you can shed some light onto some questions that have popped up as I'm currently not sure whether disko is ready for ZFS "in production". I'm also reluctant to test these things before knowing more.
* Why is there a `mountpoint` attribute on the zpool? This doesn't make any intuitive sense to me, as pools don't have mountpoints. It seems like the default is `null` so I figure disko expects me to always set this?
One can set a mountpoint on the toplevel dataset, if you don't supply a mountpoint here, this dataset is ignored.
* It seems to me like "disko create" and "disko mount" are supposed to only be used once when setting up a new system. Is this correct?
disko create
yes, disko mount
you could also use if you want to access your system from a recovery system.
* Is disko guaranteeing creation order as listed such that I can reliably specify datasets with children? As the datasets are not specified as a list, I am unsure whether there is a ordering guarantee at all. (I'd for example need `rpool/home` (empty parent) and `rpool/home/myuser1`, `rpool/home/myuser2`, so creation order is important)
I think so, but I am unsure here.
* Is there a specific reason why `_mount` is not using altroots (`zpool create/import -R /mnt`) and `zfs mount` as recommended by ZFS? It looks like all mounting is done manually for some reason.
zfs mount
does not work with legacy mounts afaik. This way both types of dataset can handled by one mount call. Actually the zfs kernel ends up calling the mount binary eventually anyway because vfs_mount is a GPL symbol. In Nixos since we don't use zfs systemd mount generator, all zfs filesystem have be mountable through mount()
anyway.
* It also occurred to me that encryption keys are not imported or regarded in many commands, so I am wondering whether encryption is supported at all (will prompts be shown?).
I think you can pass keyformat=passphrase
as a dataset option but you would need to provide the password than manually. Otherwise keylocation=file:///root/zfs_key
should also work.
I'd of course be willing to contribute any changes I have to make to get it to work, but at this point I cannot judge what is intentional and what isn't. I don't fully understand what "guarantees" disko assumes for its
create
andmount
actions, and I couldn't find any documentation apart from the README. Any help would be appreciated.
from disko.
Thanks for the quick response!
I think so, but I am unsure here.
Do you have any idea on how we could proceed to verify this?
zfs mount
does not work with legacy mounts afaik. This way both types of dataset can handled by one mount call. Actually the zfs kernel ends up calling the mount binary eventually anyway because vfs_mount is a GPL symbol.
I see, I didn't expect anyone to still use legacy mounts with ZFS when creating new disk layouts today.
In Nixos since we don't use zfs systemd mount generator, all zfs filesystem have be mountable through
mount()
anyway.
From the NixOS wiki entry about ZFS: "zfs-mount service is enabled by default on NixOS 22.05."
This would lead me to believe that nixos is not requiring legacy mounts, or am I mistaken?
But what's more important to me is that using mount
in the way it is currently used in disko prevents automatically loading the key for encrypted datasets. zpool import -l
and zfs mount -l
would prompt for the passphrase if necessary, which would be required to support mounting encrypted datasets in a recovery situation. Currently the mount just fails.
* It also occurred to me that encryption keys are not imported or regarded in many commands, so I am wondering whether encryption is supported at all (will prompts be shown?).
I think you can pass
keyformat=passphrase
as a dataset option but you would need to provide the password than manually. Otherwisekeylocation=file:///root/zfs_key
should also work.
(Related to previous point)
That's what I'm doing right now. For my personal machine I require keyformat=passphrase
, which works when creating the datasets initially, but fails afterwards when using disko mount in case the rpool is exported.
EDIT: Technically a zfs load-key -a
call would also suffice, but one would need to make sure that only the relevant keys are loaded instead of all keys (in case other disks are present)
from disko.
I think so, but I am unsure here.
Do you have any idea on how we could proceed to verify this?
the datasets are ordered in alphabetical order. which should good for all usecases (since "/" comes before "/data"). lib.attrValues gets values from attrsets in alphabetical order. Hopefully this answers your question :)
from disko.
Yes, thanks!
from disko.
zfs load-key -a
or something that is more granular and just tries to import the pool would indeed make sense.
from disko.
FYI #211
from disko.
Related Issues (20)
- Support lvm cache types
- support typed restriction of lv creation to specific pvs
- Config works in VM using installTest but install fails on hardware HOT 6
- examples without hard-coded devices HOT 1
- The option `disko.devices.disko' does not exist error HOT 1
- Can't change default `networking.hostId` value when using`zpool` disko config HOT 5
- `randomEncryption` does not support extended configuration from NixOS module
- Incompatibility of `nixosModules.hardware-amazon` with disko configuration HOT 4
- Bug?: Example "btrfs-subvolumes" can be misleading: "/" cannot be created in the subvolumes section HOT 2
- Intermittent "target is busy" when creating btrfs subvolumes HOT 6
- Example swap.nix enables mutually exclusive options randomEncryption and resumeDevice.
- trace: warning: mdadm: Neither MAILADDR nor PROGRAM has been set. This will cause the `mdmon` service to crash. HOT 1
- postCreateHook for btrfs HOT 13
- Support for bcachefs encryption HOT 1
- `disko-create` and `disko-mount` scripts not created HOT 3
- Adding separate swap partition breaks ZFS pool HOT 9
- upgrade to 23.11 forgets "raid1" module in initrd HOT 1
- README instruction on which command to run
- Alignment HOT 3
- ZFS module not loaded in diskoLib.makeDiskImages HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from disko.