Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

[SOLVED] Adding a new disk to an encrypted LVM?

 
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help!
View previous topic :: View next topic  
Author Message
daudi



Joined: Sat Dec 16, 2006 11:00 pm
Posts: 59
Location: Maidstone, Kent, UK

PostPosted: Wed Jul 04, 2012 10:15 pm    Post subject: [SOLVED] Adding a new disk to an encrypted LVM? Reply with quote

Hi,

I have a little HP Proliant microserver running ubuntu server and when I installed it I used encrypted LVM. I now want to add a new 2TB disk. I have added the disk to the box and can see it with fdisk -l.

The next thing I want to do is add it to the existing volume group so I have one big drive (I'll make backups on an external device using unison as not much will change each day).

The LVM commands seem straight forward (pvcreate, followed by vgextend I think), but what I'm not sure about is how to handle encryption. Do I run cryptsetup first then the LVM commands? Do I use the same password as for the current harddrive and do they figure out they are working together or will I need to enter the password twice?

Can someone help?

Thanks.


Last edited by daudi on Sat Jul 07, 2012 7:35 pm; edited 1 time in total
Back to top
View user's profile Send private message
daudi



Joined: Sat Dec 16, 2006 11:00 pm
Posts: 59
Location: Maidstone, Kent, UK

PostPosted: Fri Jul 06, 2012 8:28 pm    Post subject: Partial success: 2Tb added, then borked my system. Help?! Reply with quote

I made a backup which took hours to copy, used cryptsetup with the same password as the original disk, then pvcreate etc. to create the physical volume and add the new drive. Then I used resize2fs while the system was mounted and ended up with my 2Tb added to my system. It all went completely smoothly and I started questioning myself for wasting hours doing the backup.

Then I rebooted. Ah. I was prompted to enter the password of the original drive as usual but then got a message saying:

Code:
Couldn't find devive with uuid xxxxxetc
Found volume group "jua" using metadata type lvm2
Refusing activation of partial LV group root.


Then it drops me out to busybox.

I've clearly missed a step somewhere. I think I need a way of telling my system to prompt for the password of the second (new) disk. But I don't know where to add this from within the busybox environment.

Can anyone help me to get started?

Thanks.
Back to top
View user's profile Send private message
daudi



Joined: Sat Dec 16, 2006 11:00 pm
Posts: 59
Location: Maidstone, Kent, UK

PostPosted: Fri Jul 06, 2012 10:12 pm    Post subject: Reply with quote

Baby steps... I booted from a live distro, used
Code:
cryptsetup luksOpen <device>
to unlock both drives, then
Code:
apt-get install lvm2
and was able to see the physical volumes, logical volumes and volume groups. I tried to mount the main volume group and it was not recognised. Then I noticed that it was marked as "not available". Using
Code:
vgchange -a y <device>
I made it available and was then able to mount it and see all the files on it.

So the next thing to figure out is how to get a prompt at boot to open the new disk. I think I need to play with crypttab but that will have to wait until tomorrow. At least I feel I can sleep tonight.
Back to top
View user's profile Send private message
daudi



Joined: Sat Dec 16, 2006 11:00 pm
Posts: 59
Location: Maidstone, Kent, UK

PostPosted: Sat Jul 07, 2012 8:43 am    Post subject: Reply with quote

Nope, adding a line to crypttab doesn't help. I still only get asked for the password to the first disk, I think because this is listed as the root in the boot parameters in grub.conf.

I tried adding a keyfile hoping that at boot it would be possible for both discs to access the same file, but again the path to the keyfile is specified in the boot parameters in grub.conf

So then I thought about backing out of this and removing the new disk. But pvdisplay shows that all extents are in use and there is not enough space on the original disk to use pvmove (even though most of the disk is actually free, there are few files on it).

I've sure learnt a lot over the last 24 hours about crypsetup and lvm! But I don't know what to try next, other than to wipe the drives, reinstall from scratch and restore my backup of /home.

I think that the answer to my original question is: lvm over encryption does not work for the root filesystem. I think I'll need to use the new disk only for /home.
Back to top
View user's profile Send private message
nelz
Site admin


Joined: Mon Apr 04, 2005 12:52 pm
Posts: 8455
Location: Warrington, UK

PostPosted: Sat Jul 07, 2012 12:15 pm    Post subject: Reply with quote

I prefer to do it the other way round, LVM on unencrypted devices then encrypted filesystems on the LVM volumes. It's simpler and you can save overhead by not encrypting filesystems that don't need it.
_________________
"Insanity: doing the same thing over and over again and expecting different results." (Albert Einstein)
Back to top
View user's profile Send private message
daudi



Joined: Sat Dec 16, 2006 11:00 pm
Posts: 59
Location: Maidstone, Kent, UK

PostPosted: Sat Jul 07, 2012 12:55 pm    Post subject: Reply with quote

That sounds promising. I have it this way round because that is how it happened with the ubuntu server install. I'll read up about doing the other way around, it does sound easier to manage (and surprises me that ubuntu doesn't do it this way).


Thanks.
Back to top
View user's profile Send private message
daudi



Joined: Sat Dec 16, 2006 11:00 pm
Posts: 59
Location: Maidstone, Kent, UK

PostPosted: Sat Jul 07, 2012 7:28 pm    Post subject: Reply with quote

Having done a complete backup I decided to have a little play with my system. I couldn't remove the new disk because there were extents in use and insufficient space on the original drive for pvmove, so I decided to try to shrink the logical volume, move it, then remove the disk from the volume group... and it worked! This is what I did (based on http://www.linuxquestions.org/questions/linux-newbie-8/removing-physical-disk-from-lvm-via-pvmove-707477/):
Code:
e2fsck -f /dev/mapper/jua-root
resize2fs /dev/mapper/jua-root 100G
lvreduce /dev/mapper/jua-root -L 110G
resize2fs /dev/mapper/jua-root
pvmove /dev/mapper/wd (I think)
vgreduce jua /dev/mapper/wd

where jua is the volume group, wd is the luksOpened new disk.

I rebooted, entered my password and now have my original system back again. Linux is truly amazing.

Tomorrow I'll resize my original system back up to 250Gb and then add the new drive a /home.
Back to top
View user's profile Send private message
View previous topic :: View next topic  
Display posts from previous:   
Post new topic   Reply to topic    Linux Format forums Forum Index -> Help! All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Linux Format forums topic RSS feed 


Powered by phpBB © 2001, 2005 phpBB Group


Copyright 2011 Future Publishing, all rights reserved.


Web hosting by UKFast