FreeNAS 11.3 encrypted pools may have been destroyed during detach/import.

Status
Not open for further replies.
S

Shaun Atkins

Cadet
Joined
Dec 10, 2018
Messages
3
Running FreeNAS-11.3-MASTER-201812080938-1d8e892, and using the GUI I detached an encrypted 6 disk RAIDZ2 volume, and an encrypted 3 Disk RAIDZ1 volume with "Also delete the share’s configuration" checked. I made sure that "Mark the disks as new (destroy data)" was UNCHECKED.

Somewhere during the procedure it appears that both the encrypted volumes got nuked.

I did the same thing with an UN-encrypted 6 disk RAIDZ2 and it detached and imported fine.

I was reading bug #21728 from over a year ago, and it appears that this may have happened. I have tried geli list, gpart show, geli dump /dev/da1, but it appears that the metadata has been erased, as if the disks were marked as new.

I have the passphrase, geli.key and geli_recovery.key to both pools. I'm hoping there is something I missed that somebody here could point out, but right now it seems like I'm sunk.

Thanks for reading. My first post, please go easy.
 
Ericloewe

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
To recover the encrypted pool, you'd need the GELI metadata along with the recovery key or the regular key plus the passphrase. You'll want to check the end of your disks to see if there's GELI metadata there - if not, you'll need the backup.

For unencrypted pools (or unlocked pools), zpool imprt -D should be able to fix the damage.
 
S

Shaun Atkins

Cadet
Joined
Dec 10, 2018
Messages
3
I try to keep everything updated. I even survived taking encrypted pools through Corral and back, but I never had anything like this happen. The RAIDZ1 was 2 days old, I had just finished copying data from a pool that had failing drives.
 
S

Shaun Atkins

Cadet
Joined
Dec 10, 2018
Messages
3
I wish I'd known about the GELI metadata and backed it up. Is there any chance of data recovery being able to recover the metadata?

I've tried importing with -D, but zpool doesn't see any pool at all.
 
Ericloewe

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,194
There's a difference between "updated" and "bleeding edge".
Shaun Atkins said:
Is there any chance of data recovery being able to recover the metadata?
Click to expand...
Maybe, but it'd be expensive since it's presumably been overwritten.
 
Status
Not open for further replies.

Similar threads

E
  • Locked
Import encrypted volume after detach
Replies
14
Views
3K
El Under
E
J
FreeNAS-11.3-U5 - Procedure for replacing encrypted pool drive is NOT properly documented
Replies
1
Views
2K
jasn
J
G
  • Locked
Cannot (re-)attach encrypted zfs volume
Replies
8
Views
2K
Cheejyg
Cheejyg
MacLemon
  • Locked
Migrating encrypted pool to new (larger) encrypted pool
Replies
6
Views
3K
IceBoosteR
IceBoosteR
arameen
  • Locked
Can't import/unlock encrypted zpool anymore
Replies
5
Views
4K
arameen
arameen
Top