Difference between pages "OpenSSH Key Management, Part 3" and "ZFS as Root Filesystem"

Introduction

This tutorial will show you how to install Funtoo on ZFS (rootfs). This tutorial is meant to be an "overlay" over the Regular Funtoo Installation. Follow the normal installation and only use this guide for steps 2, 3, and 8.

Introduction to ZFS

Since ZFS is a new technology for Linux, it can be helpful to understand some of its benefits, particularly in comparison to BTRFS, another popular next-generation Linux filesystem:

• On Linux, the ZFS code can be updated independently of the kernel to obtain the latest fixes. btrfs is exclusive to Linux and you need to build the latest kernel sources to get the latest fixes.

• ZFS is supported on multiple platforms. The platforms with the best support are Solaris, FreeBSD and Linux. Other platforms with varying degrees of support are NetBSD, Mac OS X and Windows. btrfs is exclusive to Linux.

• ZFS has the Adaptive Replacement Cache replacement algorithm while btrfs uses the Linux kernel's Last Recently Used replacement algorithm. The former often has an overwhelmingly superior hit rate, which means fewer disk accesses.

• ZFS has the ZFS Intent Log and SLOG devices, which accelerates small synchronous write performance.

• ZFS handles internal fragmentation gracefully, such that you can fill it until 100%. Internal fragmentation in btrfs can make btrfs think it is full at 10%. Btrfs has no automatic rebalancing code, so it requires a manual rebalance to correct it.

• ZFS has raidz, which is like RAID 5/6 (or a hypothetical RAID 7 that supports 3 parity disks), except it does not suffer from the RAID write hole issue thanks to its use of CoW and a variable stripe size. btrfs gained integrated RAID 5/6 functionality in Linux 3.9. However, its implementation uses a stripe cache that can only partially mitigate the effect of the RAID write hole.

• ZFS send/receive implementation supports incremental update when doing backups. btrfs' send/receive implementation requires sending the entire snapshot.

• ZFS supports data deduplication, which is a memory hog and only works well for specialized workloads. btrfs has no equivalent.

• ZFS datasets have a hierarchical namespace while btrfs subvolumes have a flat namespace.

• ZFS has the ability to create virtual block devices called zvols in its namespace. btrfs has no equivalent and must rely on the loop device for this functionality, which is cumbersome.

The only area where btrfs is ahead of ZFS is in the area of small file efficiency. btrfs supports a feature called block suballocation, which enables it to store small files far more efficiently than ZFS. It is possible to use another filesystem (e.g. reiserfs) on top of a ZFS zvol to obtain similar benefits (with arguably better data integrity) when dealing with many small files (e.g. the portage tree).

For a quick tour of ZFS and have a big picture of its common operations you can consult the page ZFS Fun.

Disclaimers

Downloading the ISO (With ZFS)

In order for us to install Funtoo on ZFS, you will need an environment that already provides the ZFS tools. Therefore we will download a customized version of System Rescue CD with ZFS included.

Name: sysresccd-4.2.0_zfs_0.6.2.iso  (545 MB)
Release Date: 2014-02-25
md5sum 01f4e6929247d54db77ab7be4d156d85

Download System Rescue CD with ZFS

Creating a bootable USB from ISO (From a Linux Environment)

After you download the iso, you can do the following steps to create a bootable USB:

Make a temporary directory
root # mkdir /tmp/loop

Mount the iso
root # mount -o ro,loop /root/sysresccd-4.2.0_zfs_0.6.2.iso /tmp/loop

Run the usb installer
root # /tmp/loop/usb_inst.sh

That should be all you need to do to get your flash drive working.

Booting the ISO

Creating partitions

There are two ways to partition your disk: You can use your entire drive and let ZFS automatically partition it for you, or you can do it manually.

We will be showing you how to partition it manually because if you partition it manually you get to create your own layout, you get to have your own separate /boot partition (Which is nice since not every bootloader supports booting from ZFS pools), and you get to boot into RAID10, RAID5 (RAIDZ) pools and any other layouts due to you having a separate /boot partition.

gdisk (GPT Style)

A Fresh Start:

First lets make sure that the disk is completely wiped from any previous disk labels and partitions. We will also assume that /dev/sda is the target drive.

root # sgdisk -Z /dev/sda

Now that we have a clean drive, we will create the new layout.

First open up the application:

root # gdisk /dev/sda

Create Partition 1 (boot):

Command: n ↵
Partition Number: ↵
First sector: ↵
Last sector: +250M ↵
Hex Code: ↵

Create Partition 2 (BIOS Boot Partition):

Command: n ↵
Partition Number: ↵
First sector: ↵
Last sector: +32M ↵
Hex Code: EF02 ↵

Create Partition 3 (ZFS):

Command: n ↵
Partition Number: ↵
First sector: ↵
Last sector: ↵
Hex Code: bf00 ↵

Command: p ↵

Number  Start (sector)    End (sector)  Size       Code  Name
   1            2048          514047   250.0 MiB   8300  Linux filesystem
   2          514048          579583   32.0 MiB    EF02  BIOS boot partition
   3          579584      1953525134   931.2 GiB   BF00  Solaris root

Command: w ↵

Format your /boot partition

root # mkfs.ext2 -m 1 /dev/sda1

Create the zpool

We will first create the pool. The pool will be named `tank` and the disk will be aligned to 4096 (using ashift=12)

root # zpool create -f -o ashift=12 -o cachefile= -O compression=on -m none -R /mnt/funtoo tank /dev/sda3

Create the zfs datasets

We will now create some datasets. For this installation, we will create a small but future proof amount of datasets. We will have a dataset for the OS (/), and your swap. We will also show you how to create some optional datasets: /home, /var, /usr/src, and /usr/portage.

Create some empty containers for organization purposes, and make the dataset that will hold /
root # zfs create -p tank/funtoo
root # zfs create -o mountpoint=/ tank/funtoo/root

Optional, but recommended datasets: /home
root # zfs create -o mountpoint=/home tank/funtoo/home

Optional datasets: /usr/src, /usr/portage/{distfiles,packages}
root # zfs create -o mountpoint=/usr/src tank/funtoo/src
root # zfs create -o mountpoint=/usr/portage -o compression=off tank/funtoo/portage
root # zfs create -o mountpoint=/usr/portage/distfiles tank/funtoo/portage/distfiles
root # zfs create -o mountpoint=/usr/portage/packages tank/funtoo/portage/packages

Create your swap zvol

For modern machines that have greater than 4 GB of RAM, A swap size of 2G should be enough. However if your machine doesn't have a lot of RAM, the rule of thumb is either 2x the RAM or RAM + 1 GB.

For this tutorial we will assume that it is a newer machine and make a 2 GB swap.

root # zfs create -o sync=always -o primarycache=metadata -o secondarycache=none -o volblocksize=4K -V 2G tank/swap

Format your swap zvol

root # mkswap -f /dev/zvol/tank/swap
root # swapon /dev/zvol/tank/swap

Now we will continue to install funtoo.

Installing Funtoo

Pre-Chroot

Go into the directory that you will chroot into
root # cd /mnt/funtoo

Make a boot folder and mount your boot drive
root # mkdir boot
root # mount /dev/sda1 boot

Now download and extract the Funtoo stage3 ...

Once you've extracted the stage3, do a few more preparations and chroot into your new funtoo environment:

Bind the kernel related directories
root # mount -t proc none proc
root # mount --rbind /dev dev
root # mount --rbind /sys sys

Copy network settings
root # cp -f /etc/resolv.conf etc

Make the zfs folder in 'etc' and copy your zpool.cache
root # mkdir etc/zfs
root # cp /etc/zfs/zpool.cache etc/zfs

Chroot into Funtoo
root # env -i HOME=/root TERM=$TERM chroot . bash -l

In Chroot

Create a symbolic link to your mountpoints
root # ln -sf /proc/mounts /etc/mtab

Sync your tree
root # emerge --sync

Add filesystems to /etc/fstab

Before we continue to compile and or install our kernel in the next step, we will edit the /etc/fstab file because if we decide to install our kernel through portage, portage will need to know where our /boot is, so that it can place the files in there.

Edit /etc/fstab:

# <fs>                  <mountpoint>    <type>          <opts>          <dump/pass>

/dev/sda1               /boot           ext2            defaults        0 2
/dev/zvol/tank/swap     none            swap            sw              0 0

Kernel Configuration

...wip

Installing the ZFS userspace tools and kernel modules

Emerge No results. This package will bring in No results, and No results as its dependencies:

root # emerge zfs

Check to make sure that the zfs tools are working. The zpool.cache file that you copied before should be displayed.

root # zpool status
root # zfs list

If everything worked, continue.

Create the initramfs

There are two ways to do this, you can use "genkernel" or "bliss-initramfs". Both will be shown.

genkernel

Install genkernel and run it:

root # emerge genkernel

You only need to add --luks if you used encryption
root # genkernel --zfs --luks initramfs

Installing & Configuring the Bootloader

GRUB 2 (Optional if you are using another bootloader)

root # emerge grub

You can check that grub is version 2.00 by typing the following command:

root # grub-install --version
grub-install (GRUB) 2.00

Now install grub to the drive itself (not a partition):

root # grub-install /dev/sda

You should receive the following message:

Installation finished. No error reported.

You should now see some a grub directory with some files inside your /boot folder:

root # ls -l /boot/grub
total 2520
-rw-r--r-- 1 root root    1024 Jan  4 16:09 grubenv
drwxr-xr-x 2 root root    8192 Jan 12 14:29 i386-pc
drwxr-xr-x 2 root root    4096 Jan 12 14:28 locale
-rw-r--r-- 1 root root 2555597 Feb  4 11:50 unifont.pf2

LILO (Optional if you are using another bootloader)

To install lilo you can type the following:

root # emerge lilo

boot-update

boot-update comes as a dependency of grub2, so if you already installed grub, it's already on your system!

Genkernel

If your using genkernel you must add 'real_root=ZFS=<root>' and 'dozfs' to your params. Example entry for /etc/boot.conf:

"Funtoo ZFS" {
        kernel vmlinuz[-v]
        initrd initramfs-genkernel-x86_64[-v]
        params real_root=ZFS=tank/funtoo/root
        params += dozfs=force
        # Also add 'params += crypt_root=/dev/sda3' if you used encryption
        # Adjust the above setting to your system if needed

        # You should also add 'root=none' to your params (not 'params +=') if you plan to use it along with boot-update
        # If root variable will not be set, boot-update will fail to generate boot.conf
        # This is right for <=sys-boot/boot-update-1.6.11 on 16.08.2014 date
}

Bliss Initramfs Creator

If you used Bliss Initramfs Creator then all you need to do is add 'root=<root>' to your params. Example entry for /etc/boot.conf:

"Funtoo ZFS" {
        kernel vmlinuz[-v]
        initrd initrd[-v]
        params root=tank/funtoo/root quiet
        # If you have an encrypted device with a regular passphrase,
        # you can add the following line
        params += enc_root=/dev/sda3 enc_type=pass
}

After editing /etc/boot.conf, you just need to run boot-update to update grub.cfg

root # boot-update

bliss-boot

This is a new program that is designed to generate a simple, human-readable/editable, configuration file for a variety of bootloaders. It currently supports grub2, extlinux, and lilo.

You can install it via the following command:

root # emerge bliss-boot

Bootloader Configuration

In order to generate our bootloader configuration file, we will first configure bliss-boot so that it knows what we want. The 'bliss-boot' configuration file is located in /etc/bliss-boot/conf.py. Open that file and make sure that the following variables are set appropriately:

# This should be set to the bootloader you installed earlier: (grub2, extlinux, and lilo are the available options)
bootloader = "grub2"

# This should be set to the kernel you installed earlier
default = "3.12.13-KS.02" 

Scroll all the way down until you find 'kernels'. You will need to add the kernels and the options you want for these kernels here. Below are a few configuration options depending if you are using bliss-initramfs or genkernel.

Genkernel

kernel = {
    '3.12.13-KS.02' : 'real_root=ZFS=tank/funtoo/root dozfs=force quiet',
}

If you are using encryption you can add the crypt_root option:

kernel = {
    '3.12.13-KS.02' : 'real_root=ZFS=tank/funtoo/root dozfs=force crypt_root=/dev/sda3 quiet',
}

Bliss Initramfs Creator

kernel = {
    '3.12.13-KS.02' : 'root=tank/funtoo/root quiet',
}

If you are using encryption then you would let the initramfs know:

1. "What type of encryption authentication you want to use? (enc_type=)

• pass = will ask for passphrase directly
• key = a plain unencrypted key file
• key_gpg = an encrypted key file

1. "Where is the encrypted drive?" (enc_root=)
2. "Where is the root pool after it has been decrypted?" (root=)

kernel = {
    '3.12.13-KS.02' : 'root=tank/funtoo/root enc_root=/dev/sda3 enc_type=pass quiet',
}

Generate the configuration

Now that we have configure our /etc/bliss-boot/conf.py file, we can generate our config. Simply run the following command:

root # bliss-boot

This will generate a configuration file for the bootloader you specified previously in your current directory. You can check your config file before hand to make sure it doesn't have any errors. Simply open either: grub.cfg, extlinux.conf, or lilo.conf.

Once you have checked it for errors, place this file in the correct directory:

• grub2 = /boot/grub/
• extlinux = /boot/extlinux/
• lilo = /etc/lilo.conf

LILO (Optional if you are using another bootloader)

Now that bliss-boot generated the lilo.conf file, move that config file to its appropriate location and install lilo to the MBR:

root # mv lilo.conf /etc
root # lilo

You should see the following:

Warning: LBA32 addressing assumed
Added Funtoo + *
One warning was issued

Final configuration

Add the zfs tools to openrc

root # rc-update add zfs boot

Clean up and reboot

We are almost done, we are just going to clean up, set our root password, and unmount whatever we mounted and get out.

Delete the stage3 tarball that you downloaded earlier so it doesn't take up space.
root # cd /
root # rm stage3-latest.tar.xz

Set your root password
root # passwd
>> Enter your password, you won't see what you are writing (for security reasons), but it is there!

Get out of the chroot environment
root # exit

Unmount all the kernel filesystem stuff and boot (if you have a separate /boot)
root # umount -l proc dev sys boot

Turn off the swap
root # swapoff /dev/zvol/tank/swap

Export the zpool
root # cd /
root # zpool export tank

Reboot
root # reboot

and that should be enough to get your system to boot on ZFS.

After reboot

Forgot to reset password?

System Rescue CD

If you aren't using bliss-initramfs, then you can reboot back into your sysresccd and reset through there by mounting your drive, chrooting, and then typing passwd.

Example:

root # zpool import -f -R /mnt/funtoo tank
root # chroot /mnt/funtoo bash -l
root # passwd
root # exit
root # zpool export -f tank
root # reboot

Using bliss-initramfs

If you forgot to reset your password and are using bliss-initramfs, you can add the su option to your bootloader parameters and the initramfs will throw you into the rootfs of your drive. In there you can run 'passwd' and then type 'exit'. Once you type 'exit', the initramfs will continue to boot your system as normal.

Create initial ZFS Snapshot

Continue to set up anything you need in terms of /etc configurations. Once you have everything the way you like it, take a snapshot of your system. You will be using this snapshot to revert back to this state if anything ever happens to your system down the road. The snapshots are cheap, and almost instant.

To take the snapshot of your system, type the following:

root # zfs snapshot -r tank@install

To see if your snapshot was taken, type:

root # zfs list -t snapshot

If your machine ever fails and you need to get back to this state, just type (This will only revert your / dataset while keeping the rest of your data intact):

root # zfs rollback tank/funtoo/root@install

Troubleshooting

Starting from scratch

If your installation has gotten screwed up for whatever reason and you need a fresh restart, you can do the following from sysresccd to start fresh:

Destroy the pool and any snapshots and datasets it has
root # zpool destroy -R -f tank

This deletes the files from /dev/sda1 so that even after we zap, recreating the drive in the exact sector
position and size will not give us access to the old files in this partition.
root # mkfs.ext2 /dev/sda1
root # sgdisk -Z /dev/sda

Now start the guide again :).