ZFS Changing from /dev/ada to /dev/gpt

nimo · Monday at 4:29 PM

Hi,

I am using FreeBSD 14.1 with ZFS in mirror configuration on GELI encrypted partitions. My root-pool looks like this:

NAME STATE READ WRITE CKSUM
zroot ONLINE 0 0 0
mirror-0 ONLINE 0 0 0
ada0p2.eli ONLINE 0 0 0
ada4p2.eli ONLINE 0 0 0

How would I go about changing references to using GPT-labels instead?

Thanks in advance!

T-Daemon · Monday at 6:39 PM

nimo said:
ZFS in mirror configuration on GELI encrypted partitions.

How would I go about changing references to using GPT-labels instead?

It's not possible.

GPT labels don't work with geli(8) providers initialized with the "-g" or "-b" option, which is the case with guided Root-on-ZFS installation:

/usr/libexec/bsdinstall/zfsboot

Rich (BB code):

201 GELI_PASSWORD_GELIBOOT_INIT='geli init -bg -e %s -J - -l 256 -s 4096 "%s"'

The "-g" option can't be excluded, it is necessary to boot the root filesystem from the encrypted providers.

I can't tell why, but GPT labels have an effect in a later stage of the boot process. From /etc/fstab and/or /etc/rc.conf.
Example:

/etc/fstab

Code:

/dev/gpt/swap0.eli        none    swap    sw      0   0
/dev/gpt/swap1.eli        none    swap    sw      0   0

Encrypted swap devices are created automatically without initialization. See fstab(5) ".eli devices".

/etc/rc.conf

Code:

geli_groups="zstorage"
geli_zstorage_devices="gpt/zstorage0 gpt/zstorage1"

gpt/zstorage0|1 are initialized without "-bg" options. See /etc/defaults/rc.conf for more geli(8) examples.

Code:

 # geli status
            Name  Status  Components
       ada0p4.eli  ACTIVE  ada0p4
       ada1p4.eli  ACTIVE  ada1p4
    gpt/swap0.eli  ACTIVE  gpt/swap0
    gpt/swap1.eli  ACTIVE  gpt/swap1
gpt/zstorage0.eli  ACTIVE  gpt/zstorage0
gpt/zstorage1.eli  ACTIVE  gpt/zstorage1

ada0p4.eli and ada1p4.eli are the providers for mirror Root-on-ZFS.

T-Daemon · Monday at 7:36 PM

I just remembered following post from Thread from-device-name-to-gpt-name.87147

E

ZFS Post in thread 'From device name to GPT name'

Sep 30, 2024

As of now, no export/import dance is needed and it even works without rebooting:

# zpool set path=/dev/gpt/<label> <pool> <vdev>

You could set a cosmetic workaround in /etc/rc.local for example:

Code:

zpool set path=/dev/gpt/zfs0.eli  zroot ada0p4.eli
zpool set path=/dev/gpt/zfs0.eli  zroot ada1p4.eli

zpool set path= doesn't survice a reboot when geli(8). Device name in path can be arbitrary, see post # 16 from thread.

Code:

 # zpool status zroot
 pool: zroot
 state: ONLINE
config:

        NAME              STATE     READ WRITE CKSUM
        zroot             ONLINE       0     0     0
          mirror-0        ONLINE       0     0     0
            gpt/zfs0.eli  ONLINE       0     0     0
            gpt/zfs1.eli  ONLINE       0     0     0

errors: No known data errors

freejlr · Monday at 11:02 PM

Curious, I didn't know about that path parameter since I don't see it mentioned in zpoolprops(7), and when I get all the pool parameters with a get it's not visible either.

In this case, what I always do when I have a mirrored pool is to detach a vdev, rename it and reattach it. Once the resilver is finished, I do the same procedure with the other vdev.

nimo · 2025-01-08T10:31:26+0000

T-Daemon said:
GPT labels don't work with geli(8) providers initialized with the "-g" or "-b" option, which is the case with guided Root-on-ZFS installation:

I cannot remember if I did manual install or guided root-on-ZFS -- this was back in 2016 (I think) -- but my notes say that I initialised geli with "-b" -- does this mean there is no way then to rename geli device?

T-Daemon · 2025-01-08T12:10:57+0000

nimo said:
I cannot remember if I did manual install or guided root-on-ZFS -- this was back in 2016 (I think) -- but my notes say that I initialised geli with "-b"

The exact provider initialize options can be queried with geli list. i.e. -bg options:

Code:

 # geli list | grep -e name -e Flags
Geom name: nda0p3.eli
Flags: BOOT, GELIBOOT, AUTORESIZE

BOOT = -b
GELIBOOT = -g

nimo said:
does this mean there is no way then to rename geli device?

Renaming is not the problem. In case of geli(8), the boot loader can't handle device labels (names) like GPT label (gpart(8)) or glabel(8) labels. Labels have an effect later in the boot process (see post # 2)

It's possible to initialize and attach the geli(8) provider by device name (ie. ada0p1) or label (gpart(8) - /dev/gpt/<label> , glabel(8) - /dev/label/<label>), later attached with both, name and label.

A provider can even be subsequently labeled (or renamed) and attached (not with glabel(8), it would overwrite the geli(8) metadata at the end of the provider. Though, the provider can be glabel(8)ed, before it is initialized, but not renamed, after initialization ).

T-Daemon · 2025-01-08T13:23:59+0000

freejlr said:
Curious, I didn't know about that path parameter since I don't see it mentioned in zpoolprops(7)

That property is mentioned in vdevprops(7) 107 path The path to the device for this vdev

freejlr said:
when I get all the pool parameters with a get it's not visible either.

Setting the "path" property is not logged in zpool-history(8) either.

freejlr said:
In this case, what I always do when I have a mirrored pool is to detach a vdev, rename it and reattach it. Once the resilver is finished, I do the same procedure with the other vdev.

This doesn't work with geli(8) options "-bg" encrypted provider. The boot loader can't handle attaching geli(8) provider by labels, see post # 2.

On a running system or advanced boot stage, geli(8)) attaching the provider by device label (manually or by /etc/fstab , /etc/rc.conf script) is possible. However, the labels dont survive a system restart when the providers are configured with -b|g options.

Example geli(8) encrypted root-on-ZFS mirror:

Rich (BB code):

       NAME            STATE     READ WRITE CKSUM
        zroot           ONLINE       0     0     0
          mirror-0      ONLINE       0     0     0
            ada0p4.eli  ONLINE       0     0     0
            ada1p4.eli  ONLINE       0     0     0

# zpool detach zroot ada1p4.eli
# geli detach ada1p4
# geli attach gpt/zfs1
# zpool attach zroot ada0p4.eli  gpt/zfs1.eli

       NAME              STATE     READ WRITE CKSUM
        zroot             ONLINE       0     0     0
          mirror-0        ONLINE       0     0     0
            ada0p4.eli    ONLINE       0     0     0
            gpt/zfs1.eli  ONLINE       0     0     0

After a reboot gpt/zfs1.eli is back to ada1p4.eli.