os/doc
3
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Initial prep work for Storage chapter.

Browse source 
Many more commits to come.

Sponsored by: iXsystems
This commit is contained in:
Dru Lavigne 2014-03-21 20:34:38 +00:00
parent 5680cdf3b7
commit df2e7c75f6
Notes: svn2git 2020-12-08 03:00:23 +00:00 
svn path=/head/; revision=44323
1 changed files with 23 additions and 82 deletions
Download patch file Download diff file Expand all files Collapse all files

105
en_US.ISO8859-1/books/handbook/disks/chapter.xml
View file

@ -602,9 +602,6 @@ umass0: detached</screen>
<secondary>creating</secondary>
</indexterm>
<sect2>
<title>Introduction</title>
<para>CD media provide a number of features that differentiate
them from conventional disks. Initially, they were not
writable by the user. They are designed so that they can be
@ -663,7 +660,6 @@ umass0: detached</screen>
<application>K3b</application> require the
<link linkend="atapicam">ATAPI/CAM module</link> with ATAPI
hardware.</para>
</sect2>
<sect2 xml:id="mkisofs">
<title><application>mkisofs</application></title>
@ -1136,9 +1132,6 @@ cd0: Attempt to query device size failed: NOT READY, Medium not present - tray c
<secondary>burning</secondary>
</indexterm>
<sect2>
<title>Introduction</title>
<para>Compared to the CD, the DVD is the next generation of
optical media storage technology. The DVD can hold more data
than any CD and is the standard for video publishing.</para>
@ -1195,7 +1188,6 @@ cd0: Attempt to query device size failed: NOT READY, Medium not present - tray c
the DVD-Video player are compatible with the media under
consideration.</para>
</note>
</sect2>
<sect2>
<title>Configuration</title>
@ -1513,19 +1505,12 @@ cd0: Attempt to query device size failed: NOT READY, Medium not present - tray c
<secondary>DVD-RAM</secondary>
</indexterm>
<sect3>
<title>Configuration</title>
<para>DVD-RAM writers can use either a SCSI or ATAPI
interface. For ATAPI devices, DMA access has to be
enabled by adding the following line to
<filename>/boot/loader.conf</filename>:</para>
<programlisting>hw.ata.atapi_dma="1"</programlisting>
</sect3>
<sect3>
<title>Preparing the Media</title>
<para>A DVD-RAM can be seen as a removable hard drive. Like
any other hard drive, the DVD-RAM must be formatted before
@ -1538,10 +1523,6 @@ cd0: Attempt to query device size failed: NOT READY, Medium not present - tray c
<para>The DVD device, <filename>acd0</filename>, must be
changed according to the configuration.</para>
</sect3>
<sect3>
<title>Using the Media</title>
<para>Once the DVD-RAM has been formatted, it can be mounted
as a normal hard drive:</para>
@ -1550,7 +1531,6 @@ cd0: Attempt to query device size failed: NOT READY, Medium not present - tray c
<para>Once mounted, the DVD-RAM will be both readable and
writeable.</para>
</sect3>
</sect2>
</sect1>
@ -2660,31 +2640,36 @@ Filesystem 1K-blocks Used Avail Capacity Mounted on
<title>Disk Encryption with
<application>gbde</application></title>
<procedure>
<step>
<para>Configuring <application>gbde</application> requires
superuser privileges.</para>
<para><application>gbde</application> encrypts the sector payload using 128-bit
AES in CBC mode. Each sector on the disk is encrypted with
a different AES key. For more information on the
cryptographic design, including how the sector keys are
derived from the user-supplied passphrase, refer to
&man.gbde.4;.</para>
<screen>&prompt.user; <userinput>su -</userinput>
Password:</screen>
</step>
<note>
<para>&man.sysinstall.8; is incompatible with
<application>gbde</application>-encrypted devices. All
<filename>*.bde</filename>
devices must be detached from the kernel before starting
&man.sysinstall.8; or it will crash during its initial
probing for devices. To detach the encrypted device used in
the example, use the following command:</para>
<screen>&prompt.root; <userinput>gbde detach /dev/ad4s1c</userinput></screen>
</note>
<para>&os; provides a kernel module for
<application>gbde</application> which can be loaded with
this command:</para>
<screen>&prompt.root; <userinput>kldload geom_bde</userinput></screen>
<step>
<para>If using a custom kernel configuration file, ensure it
contains this line:</para>
<para><literal>options GEOM_BDE</literal></para>
<para>If the kernel already contains this support, use
<command>kldload</command> to load &man.gbde.4;:</para>
<screen>&prompt.root; <userinput>kldload geom_bde</userinput></screen>
</step>
</procedure>
<sect3>
<title>Preparing the Encrypted Hard Drive</title>
<para>The following example demonstrates adding a new hard
drive to a system that will hold a single encrypted
partition. This partition will be mounted as
@ -2856,7 +2841,6 @@ Filesystem Size Used Avail Capacity Mounted on
/dev/ad4s1c.bde 150G 4.1K 138G 0% /private</screen>
</step>
</procedure>
</sect3>
<sect3>
<title>Mounting Existing Encrypted File Systems</title>
@ -2900,9 +2884,6 @@ Filesystem Size Used Avail Capacity Mounted on
</step>
</procedure>
<sect4>
<title>Automatically Mounting Encrypted Partitions</title>
<para>It is possible to create a script to automatically
attach, check, and mount an encrypted partition, but for
security reasons the script should not contain the
@ -2924,34 +2905,6 @@ gbde_lockdir="/etc/gbde"</programlisting>
<application>gbde</application> encrypted partition will
be mounted automatically. This can be useful when using
<application>gbde</application> on laptops.</para>
</sect4>
</sect3>
<sect3>
<title>Cryptographic Protections Employed by
<command>gbde</command></title>
<para>&man.gbde.8; encrypts the sector payload using 128-bit
AES in CBC mode. Each sector on the disk is encrypted with
a different AES key. For more information on the
cryptographic design, including how the sector keys are
derived from the user-supplied passphrase, refer to
&man.gbde.4;.</para>
</sect3>
<sect3>
<title>Compatibility Issues</title>
<para>&man.sysinstall.8; is incompatible with
<application>gbde</application>-encrypted devices. All
<filename>*.bde</filename>
devices must be detached from the kernel before starting
&man.sysinstall.8; or it will crash during its initial
probing for devices. To detach the encrypted device used in
the example, use the following command:</para>
<screen>&prompt.root; <userinput>gbde detach /dev/ad4s1c</userinput></screen>
</sect3>
</sect2>
@ -3331,9 +3284,6 @@ Device 1K-blocks Used Avail Capacity
<secondary>high availability</secondary>
</indexterm>
<sect2>
<title>Synopsis</title>
<para>High availability is one of the main requirements in
serious business applications and highly-available storage is
a key component in such environments. Highly Available
@ -3396,7 +3346,6 @@ Device 1K-blocks Used Avail Capacity
GmbH</link> and <link
xlink:href="http://www.transip.nl/">TransIP
BV</link>.</para>
</sect2>
<sect2>
<title>HAST Features</title>
@ -3496,9 +3445,6 @@ Device 1K-blocks Used Avail Capacity
is not up-to-date or an I/O error occurs. In such case, the
read operation is sent to the secondary node.</para>
<sect3>
<title>Synchronization and Replication Modes</title>
<para><acronym>HAST</acronym> tries to provide fast failure
recovery. For this reason, it is very important to reduce
synchronization time after a node's outage. To provide fast
@ -3539,7 +3485,6 @@ Device 1K-blocks Used Avail Capacity
latency is too high for other modes.</para>
</listitem>
</itemizedlist>
</sect3>
</sect2>
<sect2>
@ -3912,9 +3857,6 @@ esac</programlisting>
<sect2>
<title>Troubleshooting</title>
<sect3>
<title>General Troubleshooting Tips</title>
<para><acronym>HAST</acronym> should generally work without
issues. However, as with any other software product, there
may be times when it does not work as supposed. The sources
@ -3930,7 +3872,6 @@ esac</programlisting>
obtained this way. Consider also using
<literal>-F</literal>, which starts &man.hastd.8; in the
foreground.</para>
</sect3>
<sect3 xml:id="disks-hast-sb">
<title>Recovering from the Split-brain Condition</title>