| author | Paul Buetow <paul@buetow.org> | 2025-05-25 14:30:13 +0300 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2025-05-25 14:30:13 +0300 |
| commit | 4b4ed45523e386ab841f9aa3a806b25af8dc0b47 (patch) | |
| tree | d76e0aafb42975b5c4d7133fe71b8567a79b7611 /gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.gmi.tpl | |
| parent | 788ab3d95f46c3d72752c30e054268610e5a7e88 (diff) | |
draft part 6
Diffstat (limited to 'gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.gmi.tpl')
| -rw-r--r-- | gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.gmi.tpl | 129 |
1 files changed, 129 insertions, 0 deletions
diff --git a/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.gmi.tpl b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.gmi.tpl new file mode 100644 index 00000000..4b515157 --- /dev/null +++ b/gemfeed/DRAFT-f3s-kubernetes-with-freebsd-part-6.gmi.tpl 
@@ -0,0 +1,129 @@ +# f3s: Kubernetes with FreeBSD - Part 6: Storage + +> Published at 2025-04-04T23:21:01+03:00 + +This is the sixth blog post about the f3s series for self-hosting demands in a home lab. f3s? The "f" stands for FreeBSD, and the "3s" stands for k3s, the Kubernetes distribution used on FreeBSD-based physical machines. + +<< template::inline::index f3s-kubernetes-with-freebsd-part + +=> ./f3s-kubernetes-with-freebsd-part-1/f3slogo.png f3s logo + +<< template::inline::toc + +## Introduction + +In this blog post, we are going to extend the Beelinks with some additional storage. + +Some photos here, describe why there are 2 different models of SSD drives (replication etc) + +``` +paul@f0:/ % doas camcontrol devlist +<512GB SSD D910R170> at scbus0 target 0 lun 0 (pass0,ada0) +<Samsung SSD 870 EVO 1TB SVT03B6Q> at scbus1 target 0 lun 0 (pass1,ada1) +<Generic Flash Disk 8.07> at scbus2 target 0 lun 0 (da0,pass2) +paul@f0:/ % +``` + +``` +paul@f1:/ % doas camcontrol devlist +<512GB SSD D910R170> at scbus0 target 0 lun 0 (pass0,ada0) +<CT1000BX500SSD1 M6CR072> at scbus1 target 0 lun 0 (pass1,ada1) +<Generic Flash Disk 8.07> at scbus2 target 0 lun 0 (da0,pass2) +paul@f1:/ % +``` + +## UFS Setup + +```sh +paul@f0:/ % doas newfs /dev/da0 +/dev/da0: 15000.0MB (30720000 sectors) block size 32768, fragment size 4096 + using 24 cylinder groups of 625.22MB, 20007 blks, 80128 inodes. + with soft updates +super-block backups (for fsck_ffs -b #) at: + 192, 1280640, 2561088, 3841536, 5121984, 6402432, 7682880, 8963328, 10243776, +11524224, 12804672, 14085120, 15365568, 16646016, 17926464, 19206912,k 20487360, +... 
+ +paul@f0:/ % echo '/dev/da0 /keys ufs rw 0 2' | doas tee -a /etc/fstab +/dev/da0 /keys ufs rw 0 2 +paul@f0:/ % doas mkdir /keys +paul@f0:/ % doas mount /keys +paul@f0:/ % df | grep keys +/dev/da0 14877596 8 13687384 0% /keys +``` + +## ZFS Setup + +```sh +paul@f0:/dev % doas zpool create -m /data zdata /dev/ada1 +paul@f0:/dev % zpool list +NAME SIZE ALLOC FREE CKPOINT EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT +zdata 928G 432K 928G - - 0% 0% 1.00x ONLINE - +zroot 472G 19.8G 452G - - 0% 4% 1.00x ONLINE - + +``` + +### Encryption + +USB key for key location + +```sh +paul@f0:/keys % doas vm stop rocky +Sending ACPI shutdown to rocky + +paul@f0:/keys % doas vm list +NAME DATASTORE LOADER CPU MEMORY VNC AUTO STATE +rocky default uefi 4 14G - Yes [1] Stopped + + +paul@f0:/keys % doas zfs rename zroot/bhyve zroot/bhyve_old +paul@f0:/keys % doas zfs set mountpoint=/mnt zroot/bhyve_old +paul@f0:/keys % doas zfs snapshot zroot/bhyve_old/rocky@hamburger + + +paul@f0:/keys % doas openssl rand -out /keys/`hostname`:bhyve.key 32 +paul@f0:/keys % doas openssl rand -out /keys/`hostname`:zdata.key 32 +paul@f0:/keys % ls -ltr +total 8 +-rw-r--r-- 1 root wheel 16 May 25 11:54 f0.lan.buetow.org:bhyve.key +-rw-r--r-- 1 root wheel 16 May 25 11:54 f0.lan.buetow.org:zdata.key + +paul@f0:/keys % doas zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///keys/`hostname`:bhyve.key zroot/bhyve +paul@f0:/keys % doas zfs create -o encryption=on -o keyformat=raw -o keylocation=file:///keys/`hostname`:zdata.key zdata/enc +paul@f0:/keys % doas zfs set mountpoint=/zroot/bhyve zroot/bhyve +paul@f0:/keys % doas zfs set mountpoint=/zroot/bhyve/rocky zroot/bhyve/rocky + +paul@f0:/keys % doas zfs send zroot/bhyve_old/rocky@hamburger | doas zfs recv zroot/bhyve/rocky +paul@f0:/keys % doas cp -Rp /mnt/.config /zroot/bhyve/ +paul@f0:/keys % doas cp -Rp /mnt/.img /zroot/bhyve/ +paul@f0:/keys % doas cp -Rp /mnt/.templates /zroot/bhyve/ +paul@f0:/keys % doas cp -Rp /mnt/.iso /zroot/bhyve/ +``` + 
+Copied over all tkeys from the partner node to each node, so ther aer: + +```sh +paul@f0:/keys % doas chown root * +paul@f0:/keys % doas chmod 400 * +paul@f0:/keys % ls -ltr +total 24 +-r-------- 1 root paul 16 May 25 11:56 f0.lan.buetow.org:zdata.key +-r-------- 1 root paul 16 May 25 11:56 f0.lan.buetow.org:bhyve.key +-r-------- 1 root paul 16 May 25 11:56 f1.lan.buetow.org:zdata.key +-r-------- 1 root paul 16 May 25 11:56 f1.lan.buetow.org:bhyve.key +-r-------- 1 root paul 16 May 25 11:57 f2.lan.buetow.org:zdata.key +-r-------- 1 root paul 16 May 25 11:57 f2.lan.buetow.org:bhyve.key + +``` + + + +Backup of the keys on the key locations (all keys on all 3 USB keys) + +Other *BSD-related posts: + +<< template::inline::rindex bsd + +E-Mail your comments to `paul@nospam.buetow.org` + +=> ../ Back to the main site |
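Review bot: in the Encryption block, the keys are generated with `openssl rand -out ... 32`, yet both `ls -ltr` listings show every key file as 16 bytes. `keyformat=raw` requires a key of exactly 32 bytes, so either the pasted listings come from a different run or the commands do; please re-capture the output so the two agree. In the same block the key files are created as `-rw-r--r--` and only tightened by `chmod 400 *` after they have been copied between nodes. Setting `umask 077` before the `openssl rand` calls would avoid the world-readable window, and the second listing still shows group `paul`, so `chown root:wheel *` may be what was intended. The line `zfs set mountpoint=/zroot/bhyve/rocky zroot/bhyve/rocky` runs before `zfs recv zroot/bhyve/rocky` has created that dataset, so it should move after the send/recv line or be dropped. The draft also never says what happens to `zroot/bhyve_old` afterwards; as written, the unencrypted copy of the VM stays on disk at `/mnt`, so the post should state when it is destroyed. The UFS section puts `/dev/da0` into `/etc/fstab`, and since that is the device holding the keys, a labelled filesystem would be safer against the device name changing when another USB device is attached. Finally, the closing sentence about keeping all keys on all 3 USB keys should spell out the trade-off: one lost stick then exposes the keys for every node. Smaller points: "tkeys" and "ther aer" in the sentence after the Encryption block, a stray `k` in the `newfs` super-block list (`19206912,k`), and the "Published at 2025-04-04" line predates this commit.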
