Dark's Code Dump

Possibly useful

Debian bootable encrypted RAID 1 with redundancy on /boot

Achieving a MD RAID 1 setup that behaves like a hardware RAID 1 (in terms of booting) is not straight forward. This process worked for me to set up a bootable RAID 1 with LUKS+LVM that keeps /boot automatically in sync as part of the RAID. The desired ordering is Raw Disks > MD RAID > LUKS > LVM.

Other solutions do not sync /boot or require an additional RAID config for /boot. And quite frankly if you are dealing with such faff, you might as well use BTRFS RAID or LVM RAID.

This is probably also applicable to EFI booting if you simply create an EFI partition as well as a /boot partition, but this example is legacy BIOS.

First clear any partition tables on your disks, such as by cat /dev/zero > /dev/sda for some seconds then partprobe.

Then create the RAID array: (1.0 metadata and the lack of partitions are key to this technique)

mdadm --create --verbose --metadata=1.0 --level=1 --raid-devices=2 /dev/md127 /dev/sda /dev/sdb 

Then cfdisk /dev/md127 - create a BIOS boot partition (1MB), a /boot partition of whatever size you desire, and a partition filling the remainder for LVM.

Then run the Debian installer as normal, it will pick up on this RAID configuration and allow you to partition it with LUKS and LVM through the manual GUI partitioner.

Don't forget to install GRUB on both disks. Note that grub-install /dev/md127 does not work - you must invoke grub-install on the disks separately. They still remain in sync as far as the raid is concerned.

Leave a Reply