Jason Sidabras

So for quite some time I’ve been dreaming of a perfect backup system. Luckily my current RAIDbox at work was no longer cutting the mustard so I decided to upgrade… big time.

As the system goes:

• Intel Core2 Duo 2.56GHz
• 1 GB DDR2-4200 RAM
• Giga-byte GA-945GCM-S2 Mobo
• Areca ARC-1220 SATA raid controller 8-port
• Seagate ES 250GB
• 5x Seagate ES 1TB

In other words, “Thank you work”.

Well OpenBSD 4.3 has been out since November May and I’ve been meaning to pick it up. So since I need a secure, lock-tight RAID system I went with the only logical choice.

Obviously over the years I’ve supported the OpenBSD team in various ways, but by adding OpenBSD to the RAIDBox I guarantee a purchase of the latest and greatest OpenBSD by work.

The case that I went with was a little bigger than I origionally anticipated, the orgional Lion was not for sale at CDW, so I went with a pretty nice standard case and right off the bat upgraded to a much larger power supply to handle the drives.

The advantage of this case is I have room for three more 1TB drives on the inside of the case. Notice the lame IDE cdrom drive not getting its jollies in my case!

The key of all of this is the 5 port hot-swap sata drive holder which takes up 3 5.25″ bays.

This is what will make the four-drive RAID 5 with hot-swap spare awesome. If anything goes wrong *knock-on-wood* a simple hourly cron script checks the status of the raid controller with sysctl(8). So worse comes to worse I will know in one hour if a drive has failed and I can make sure the raid is rebuilding and order a new part.

Once everything is installed the extra power cords all tuck into the 3.25″ drive bays. With a huge 8cm fan in the back, a standard cpu fan and fan for the sata drives this thing has plenty of air-flow with not that much noise. Truthfully, I can’t hear it running.

The next step was to turn her on… after forgetting the 12V power connection to the motherboard I was set to go. After about 4 hours I had a 2.6TB raid created with a hot-spare drive.

Before I made my decision on what card to purchase, I’ve did a lot of research for price/performance/support. Areca beat the crap out of the competition in all two categories and had full Openbsd support with arc(4). I highly recommend them.

Getting OpenBSD to boot was a cinch. I actually installed it first with x86 then decided to run amd64 (x86_64) support. No problems, especially when you know the install guide almost by heart.

Two potential problems awaited after bootup. The first was that the boot partition had to be ffs1 which couldn’t be on a large drive, I knew this going into it. Solution: The 250 GB sata drive connected to the motherboard is my installed drive. The second was if the ffs2 support had fully developed in the amd64 port, 3 hours later and I knew my answer: yes! Now ffs2 is a major improvement in formating speed ( use `newfs -o 2 /dev/device` ) because at home it took 6 hours for ffs1 for 300 GB.

After the computer was set up and the raid device was thrown into fstab I had to start creating users. I debated putting them in the standard /home/ but instead they now reside in the raid drive at /pub_raid/username. This then allowed me to chroot ftpd(8) and have the users only allowed within their home directory with a very limited set of commands. This will work well in the future if I start giving access to people on the floor I don’t trust. With a few simple config files in /etc/ I was able to add users to the ftp list, chroot them, eliminate guest for ftp and lock everything down.

The command sudo only is allowed with my username and root has a 20 character [a-zA-Z0-9!@#$%^&*()<>?:] password. Crack that ya hoes. The ssh prompt is also shut off from the outside world for root, thanks to the secure by default philosophy of OpenBSD. Michael is totally right. I thought it was disable by default. It is now disable in sshd_config(5). I guess it wouldn’t make sense to disable it by default.

The last thing I did was uses the pkg_add to add subversion and rsync. I removed all of my personal files from a third party server and put them in the svn directory in my ~. Ultimately I trust myself over anyone else.

The only thing missing is a UPS. But shortly I will be getting one and I plan on setting it up to email me and gracefully shut down the server after 20 minutes of power failure. I will be looking to see which UPS OpenBSD supports.

That’s about it. I now have an ominous black box in my microwave lab under lock and key. The system has been up for over a week and I’ve flawlessly copied my data and two colleagues data over. This looks like a nice long term solution.

Over the years I can start to replace the 1TB drives with larger drives and eventually I should be able to increase the ffs2 partition similar to a logical drive in linux. This is because my understanding is that UFS is the bottom layer of the file system and ffs is the user-space. As long as the raid controller adds more “unused disk space” i should be able to utilize it. That will have to be a blog for the future.

Ask any questions about the system. I will either answer in the comments or as an update to this blog.

I will add the final picture of where it sits tomorrow. Enjoy!

You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.