]>
Commit | Line | Data |
---|---|---|
0235c741 | 1 | [[chapter_zfs]] |
9ee94323 DM |
2 | ZFS on Linux |
3 | ------------ | |
5f09af76 DM |
4 | ifdef::wiki[] |
5 | :pve-toplevel: | |
6 | endif::wiki[] | |
7 | ||
9ee94323 DM |
8 | ZFS is a combined file system and logical volume manager designed by |
9 | Sun Microsystems. Starting with {pve} 3.4, the native Linux | |
10 | kernel port of the ZFS file system is introduced as optional | |
5eba0743 FG |
11 | file system and also as an additional selection for the root |
12 | file system. There is no need for manually compile ZFS modules - all | |
9ee94323 DM |
13 | packages are included. |
14 | ||
5eba0743 | 15 | By using ZFS, its possible to achieve maximum enterprise features with |
9ee94323 DM |
16 | low budget hardware, but also high performance systems by leveraging |
17 | SSD caching or even SSD only setups. ZFS can replace cost intense | |
18 | hardware raid cards by moderate CPU and memory load combined with easy | |
19 | management. | |
20 | ||
21 | .General ZFS advantages | |
22 | ||
23 | * Easy configuration and management with {pve} GUI and CLI. | |
24 | ||
25 | * Reliable | |
26 | ||
27 | * Protection against data corruption | |
28 | ||
5eba0743 | 29 | * Data compression on file system level |
9ee94323 DM |
30 | |
31 | * Snapshots | |
32 | ||
33 | * Copy-on-write clone | |
34 | ||
35 | * Various raid levels: RAID0, RAID1, RAID10, RAIDZ-1, RAIDZ-2 and RAIDZ-3 | |
36 | ||
37 | * Can use SSD for cache | |
38 | ||
39 | * Self healing | |
40 | ||
41 | * Continuous integrity checking | |
42 | ||
43 | * Designed for high storage capacities | |
44 | ||
45 | * Protection against data corruption | |
46 | ||
47 | * Asynchronous replication over network | |
48 | ||
49 | * Open Source | |
50 | ||
51 | * Encryption | |
52 | ||
53 | * ... | |
54 | ||
55 | ||
56 | Hardware | |
57 | ~~~~~~~~ | |
58 | ||
59 | ZFS depends heavily on memory, so you need at least 8GB to start. In | |
60 | practice, use as much you can get for your hardware/budget. To prevent | |
61 | data corruption, we recommend the use of high quality ECC RAM. | |
62 | ||
d48bdcf2 | 63 | If you use a dedicated cache and/or log disk, you should use an |
9ee94323 DM |
64 | enterprise class SSD (e.g. Intel SSD DC S3700 Series). This can |
65 | increase the overall performance significantly. | |
66 | ||
5eba0743 | 67 | IMPORTANT: Do not use ZFS on top of hardware controller which has its |
9ee94323 DM |
68 | own cache management. ZFS needs to directly communicate with disks. An |
69 | HBA adapter is the way to go, or something like LSI controller flashed | |
8c1189b6 | 70 | in ``IT'' mode. |
9ee94323 DM |
71 | |
72 | If you are experimenting with an installation of {pve} inside a VM | |
8c1189b6 | 73 | (Nested Virtualization), don't use `virtio` for disks of that VM, |
9ee94323 | 74 | since they are not supported by ZFS. Use IDE or SCSI instead (works |
8c1189b6 | 75 | also with `virtio` SCSI controller type). |
9ee94323 DM |
76 | |
77 | ||
5eba0743 | 78 | Installation as Root File System |
9ee94323 DM |
79 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
80 | ||
81 | When you install using the {pve} installer, you can choose ZFS for the | |
82 | root file system. You need to select the RAID type at installation | |
83 | time: | |
84 | ||
85 | [horizontal] | |
8c1189b6 FG |
86 | RAID0:: Also called ``striping''. The capacity of such volume is the sum |
87 | of the capacities of all disks. But RAID0 does not add any redundancy, | |
9ee94323 DM |
88 | so the failure of a single drive makes the volume unusable. |
89 | ||
8c1189b6 | 90 | RAID1:: Also called ``mirroring''. Data is written identically to all |
9ee94323 DM |
91 | disks. This mode requires at least 2 disks with the same size. The |
92 | resulting capacity is that of a single disk. | |
93 | ||
94 | RAID10:: A combination of RAID0 and RAID1. Requires at least 4 disks. | |
95 | ||
96 | RAIDZ-1:: A variation on RAID-5, single parity. Requires at least 3 disks. | |
97 | ||
98 | RAIDZ-2:: A variation on RAID-5, double parity. Requires at least 4 disks. | |
99 | ||
100 | RAIDZ-3:: A variation on RAID-5, triple parity. Requires at least 5 disks. | |
101 | ||
102 | The installer automatically partitions the disks, creates a ZFS pool | |
8c1189b6 FG |
103 | called `rpool`, and installs the root file system on the ZFS subvolume |
104 | `rpool/ROOT/pve-1`. | |
9ee94323 | 105 | |
8c1189b6 | 106 | Another subvolume called `rpool/data` is created to store VM |
9ee94323 | 107 | images. In order to use that with the {pve} tools, the installer |
8c1189b6 | 108 | creates the following configuration entry in `/etc/pve/storage.cfg`: |
9ee94323 DM |
109 | |
110 | ---- | |
111 | zfspool: local-zfs | |
112 | pool rpool/data | |
113 | sparse | |
114 | content images,rootdir | |
115 | ---- | |
116 | ||
117 | After installation, you can view your ZFS pool status using the | |
8c1189b6 | 118 | `zpool` command: |
9ee94323 DM |
119 | |
120 | ---- | |
121 | # zpool status | |
122 | pool: rpool | |
123 | state: ONLINE | |
124 | scan: none requested | |
125 | config: | |
126 | ||
127 | NAME STATE READ WRITE CKSUM | |
128 | rpool ONLINE 0 0 0 | |
129 | mirror-0 ONLINE 0 0 0 | |
130 | sda2 ONLINE 0 0 0 | |
131 | sdb2 ONLINE 0 0 0 | |
132 | mirror-1 ONLINE 0 0 0 | |
133 | sdc ONLINE 0 0 0 | |
134 | sdd ONLINE 0 0 0 | |
135 | ||
136 | errors: No known data errors | |
137 | ---- | |
138 | ||
8c1189b6 | 139 | The `zfs` command is used configure and manage your ZFS file |
9ee94323 DM |
140 | systems. The following command lists all file systems after |
141 | installation: | |
142 | ||
143 | ---- | |
144 | # zfs list | |
145 | NAME USED AVAIL REFER MOUNTPOINT | |
146 | rpool 4.94G 7.68T 96K /rpool | |
147 | rpool/ROOT 702M 7.68T 96K /rpool/ROOT | |
148 | rpool/ROOT/pve-1 702M 7.68T 702M / | |
149 | rpool/data 96K 7.68T 96K /rpool/data | |
150 | rpool/swap 4.25G 7.69T 64K - | |
151 | ---- | |
152 | ||
153 | ||
e4262cac AL |
154 | [[sysadmin_zfs_raid_considerations]] |
155 | ZFS RAID Level Considerations | |
156 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
157 | ||
158 | There are a few factors to take into consideration when choosing the layout of | |
159 | a ZFS pool. The basic building block of a ZFS pool is the virtual device, or | |
160 | `vdev`. All vdevs in a pool are used equally and the data is striped among them | |
161 | (RAID0). Check the `zpool(8)` manpage for more details on vdevs. | |
162 | ||
163 | [[sysadmin_zfs_raid_performance]] | |
164 | Performance | |
165 | ^^^^^^^^^^^ | |
166 | ||
167 | Each `vdev` type has different performance behaviors. The two | |
168 | parameters of interest are the IOPS (Input/Output Operations per Second) and | |
169 | the bandwidth with which data can be written or read. | |
170 | ||
171 | A 'mirror' vdev (RAID1) will approximately behave like a single disk in regards | |
172 | to both parameters when writing data. When reading data if will behave like the | |
173 | number of disks in the mirror. | |
174 | ||
175 | A common situation is to have 4 disks. When setting it up as 2 mirror vdevs | |
176 | (RAID10) the pool will have the write characteristics as two single disks in | |
177 | regard of IOPS and bandwidth. For read operations it will resemble 4 single | |
178 | disks. | |
179 | ||
180 | A 'RAIDZ' of any redundancy level will approximately behave like a single disk | |
181 | in regard of IOPS with a lot of bandwidth. How much bandwidth depends on the | |
182 | size of the RAIDZ vdev and the redundancy level. | |
183 | ||
184 | For running VMs, IOPS is the more important metric in most situations. | |
185 | ||
186 | ||
187 | [[sysadmin_zfs_raid_size_space_usage_redundancy]] | |
188 | Size, Space usage and Redundancy | |
189 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
190 | ||
191 | While a pool made of 'mirror' vdevs will have the best performance | |
192 | characteristics, the usable space will be 50% of the disks available. Less if a | |
193 | mirror vdev consists of more than 2 disks, for example in a 3-way mirror. At | |
194 | least one healthy disk per mirror is needed for the pool to stay functional. | |
195 | ||
196 | The usable space of a 'RAIDZ' type vdev of N disks is roughly N-P, with P being | |
197 | the RAIDZ-level. The RAIDZ-level indicates how many arbitrary disks can fail | |
198 | without losing data. A special case is a 4 disk pool with RAIDZ2. In this | |
199 | situation it is usually better to use 2 mirror vdevs for the better performance | |
200 | as the usable space will be the same. | |
201 | ||
202 | Another important factor when using any RAIDZ level is how ZVOL datasets, which | |
203 | are used for VM disks, behave. For each data block the pool needs parity data | |
204 | which is at least the size of the minimum block size defined by the `ashift` | |
205 | value of the pool. With an ashift of 12 the block size of the pool is 4k. The | |
206 | default block size for a ZVOL is 8k. Therefore, in a RAIDZ2 each 8k block | |
207 | written will cause two additional 4k parity blocks to be written, | |
208 | 8k + 4k + 4k = 16k. This is of course a simplified approach and the real | |
209 | situation will be slightly different with metadata, compression and such not | |
210 | being accounted for in this example. | |
211 | ||
212 | This behavior can be observed when checking the following properties of the | |
213 | ZVOL: | |
214 | ||
215 | * `volsize` | |
216 | * `refreservation` (if the pool is not thin provisioned) | |
217 | * `used` (if the pool is thin provisioned and without snapshots present) | |
218 | ||
219 | ---- | |
220 | # zfs get volsize,refreservation,used <pool>/vm-<vmid>-disk-X | |
221 | ---- | |
222 | ||
223 | `volsize` is the size of the disk as it is presented to the VM, while | |
224 | `refreservation` shows the reserved space on the pool which includes the | |
225 | expected space needed for the parity data. If the pool is thin provisioned, the | |
226 | `refreservation` will be set to 0. Another way to observe the behavior is to | |
227 | compare the used disk space within the VM and the `used` property. Be aware | |
228 | that snapshots will skew the value. | |
229 | ||
230 | There are a few options to counter the increased use of space: | |
231 | ||
232 | * Increase the `volblocksize` to improve the data to parity ratio | |
233 | * Use 'mirror' vdevs instead of 'RAIDZ' | |
234 | * Use `ashift=9` (block size of 512 bytes) | |
235 | ||
236 | The `volblocksize` property can only be set when creating a ZVOL. The default | |
237 | value can be changed in the storage configuration. When doing this, the guest | |
238 | needs to be tuned accordingly and depending on the use case, the problem of | |
239 | write amplification if just moved from the ZFS layer up to the guest. | |
240 | ||
241 | Using `ashift=9` when creating the pool can lead to bad | |
242 | performance, depending on the disks underneath, and cannot be changed later on. | |
243 | ||
244 | Mirror vdevs (RAID1, RAID10) have favorable behavior for VM workloads. Use | |
f4abc68a | 245 | them, unless your environment has specific needs and characteristics where |
e4262cac AL |
246 | RAIDZ performance characteristics are acceptable. |
247 | ||
248 | ||
9ee94323 DM |
249 | Bootloader |
250 | ~~~~~~~~~~ | |
251 | ||
1748211a SI |
252 | Depending on whether the system is booted in EFI or legacy BIOS mode the |
253 | {pve} installer sets up either `grub` or `systemd-boot` as main bootloader. | |
69055103 | 254 | See the chapter on xref:sysboot[{pve} host bootladers] for details. |
9ee94323 DM |
255 | |
256 | ||
257 | ZFS Administration | |
258 | ~~~~~~~~~~~~~~~~~~ | |
259 | ||
260 | This section gives you some usage examples for common tasks. ZFS | |
261 | itself is really powerful and provides many options. The main commands | |
8c1189b6 FG |
262 | to manage ZFS are `zfs` and `zpool`. Both commands come with great |
263 | manual pages, which can be read with: | |
9ee94323 DM |
264 | |
265 | ---- | |
266 | # man zpool | |
267 | # man zfs | |
268 | ----- | |
269 | ||
42449bdf TL |
270 | [[sysadmin_zfs_create_new_zpool]] |
271 | Create a new zpool | |
272 | ^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 273 | |
8c1189b6 FG |
274 | To create a new pool, at least one disk is needed. The `ashift` should |
275 | have the same sector-size (2 power of `ashift`) or larger as the | |
9ee94323 DM |
276 | underlying disk. |
277 | ||
eaefe614 FE |
278 | ---- |
279 | # zpool create -f -o ashift=12 <pool> <device> | |
280 | ---- | |
9ee94323 | 281 | |
e06707f2 | 282 | To activate compression (see section <<zfs_compression,Compression in ZFS>>): |
9ee94323 | 283 | |
eaefe614 FE |
284 | ---- |
285 | # zfs set compression=lz4 <pool> | |
286 | ---- | |
9ee94323 | 287 | |
42449bdf TL |
288 | [[sysadmin_zfs_create_new_zpool_raid0]] |
289 | Create a new pool with RAID-0 | |
290 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 291 | |
dc2d00a0 | 292 | Minimum 1 disk |
9ee94323 | 293 | |
eaefe614 FE |
294 | ---- |
295 | # zpool create -f -o ashift=12 <pool> <device1> <device2> | |
296 | ---- | |
9ee94323 | 297 | |
42449bdf TL |
298 | [[sysadmin_zfs_create_new_zpool_raid1]] |
299 | Create a new pool with RAID-1 | |
300 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 301 | |
dc2d00a0 | 302 | Minimum 2 disks |
9ee94323 | 303 | |
eaefe614 FE |
304 | ---- |
305 | # zpool create -f -o ashift=12 <pool> mirror <device1> <device2> | |
306 | ---- | |
9ee94323 | 307 | |
42449bdf TL |
308 | [[sysadmin_zfs_create_new_zpool_raid10]] |
309 | Create a new pool with RAID-10 | |
310 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 311 | |
dc2d00a0 | 312 | Minimum 4 disks |
9ee94323 | 313 | |
eaefe614 FE |
314 | ---- |
315 | # zpool create -f -o ashift=12 <pool> mirror <device1> <device2> mirror <device3> <device4> | |
316 | ---- | |
9ee94323 | 317 | |
42449bdf TL |
318 | [[sysadmin_zfs_create_new_zpool_raidz1]] |
319 | Create a new pool with RAIDZ-1 | |
320 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 321 | |
dc2d00a0 | 322 | Minimum 3 disks |
9ee94323 | 323 | |
eaefe614 FE |
324 | ---- |
325 | # zpool create -f -o ashift=12 <pool> raidz1 <device1> <device2> <device3> | |
326 | ---- | |
9ee94323 | 327 | |
42449bdf TL |
328 | Create a new pool with RAIDZ-2 |
329 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 330 | |
dc2d00a0 | 331 | Minimum 4 disks |
9ee94323 | 332 | |
eaefe614 FE |
333 | ---- |
334 | # zpool create -f -o ashift=12 <pool> raidz2 <device1> <device2> <device3> <device4> | |
335 | ---- | |
9ee94323 | 336 | |
42449bdf TL |
337 | [[sysadmin_zfs_create_new_zpool_with_cache]] |
338 | Create a new pool with cache (L2ARC) | |
339 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 DM |
340 | |
341 | It is possible to use a dedicated cache drive partition to increase | |
342 | the performance (use SSD). | |
343 | ||
8c1189b6 | 344 | As `<device>` it is possible to use more devices, like it's shown in |
9ee94323 DM |
345 | "Create a new pool with RAID*". |
346 | ||
eaefe614 FE |
347 | ---- |
348 | # zpool create -f -o ashift=12 <pool> <device> cache <cache_device> | |
349 | ---- | |
9ee94323 | 350 | |
42449bdf TL |
351 | [[sysadmin_zfs_create_new_zpool_with_log]] |
352 | Create a new pool with log (ZIL) | |
353 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 DM |
354 | |
355 | It is possible to use a dedicated cache drive partition to increase | |
356 | the performance(SSD). | |
357 | ||
8c1189b6 | 358 | As `<device>` it is possible to use more devices, like it's shown in |
9ee94323 DM |
359 | "Create a new pool with RAID*". |
360 | ||
eaefe614 FE |
361 | ---- |
362 | # zpool create -f -o ashift=12 <pool> <device> log <log_device> | |
363 | ---- | |
9ee94323 | 364 | |
42449bdf TL |
365 | [[sysadmin_zfs_add_cache_and_log_dev]] |
366 | Add cache and log to an existing pool | |
367 | ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 368 | |
5dfeeece | 369 | If you have a pool without cache and log. First partition the SSD in |
8c1189b6 | 370 | 2 partition with `parted` or `gdisk` |
9ee94323 | 371 | |
e300cf7d | 372 | IMPORTANT: Always use GPT partition tables. |
9ee94323 DM |
373 | |
374 | The maximum size of a log device should be about half the size of | |
375 | physical memory, so this is usually quite small. The rest of the SSD | |
5eba0743 | 376 | can be used as cache. |
9ee94323 | 377 | |
eaefe614 | 378 | ---- |
237007eb | 379 | # zpool add -f <pool> log <device-part1> cache <device-part2> |
eaefe614 | 380 | ---- |
9ee94323 | 381 | |
42449bdf TL |
382 | [[sysadmin_zfs_change_failed_dev]] |
383 | Changing a failed device | |
384 | ^^^^^^^^^^^^^^^^^^^^^^^^ | |
9ee94323 | 385 | |
eaefe614 FE |
386 | ---- |
387 | # zpool replace -f <pool> <old device> <new device> | |
388 | ---- | |
1748211a | 389 | |
11a6e022 AL |
390 | .Changing a failed bootable device |
391 | ||
392 | Depending on how {pve} was installed it is either using `grub` or `systemd-boot` | |
393 | as bootloader (see xref:sysboot[Host Bootloader]). | |
394 | ||
395 | The first steps of copying the partition table, reissuing GUIDs and replacing | |
396 | the ZFS partition are the same. To make the system bootable from the new disk, | |
397 | different steps are needed which depend on the bootloader in use. | |
1748211a | 398 | |
eaefe614 FE |
399 | ---- |
400 | # sgdisk <healthy bootable device> -R <new device> | |
401 | # sgdisk -G <new device> | |
402 | # zpool replace -f <pool> <old zfs partition> <new zfs partition> | |
11a6e022 AL |
403 | ---- |
404 | ||
44aee838 | 405 | NOTE: Use the `zpool status -v` command to monitor how far the resilvering |
11a6e022 AL |
406 | process of the new disk has progressed. |
407 | ||
42449bdf | 408 | .With `systemd-boot`: |
11a6e022 AL |
409 | |
410 | ---- | |
eaefe614 FE |
411 | # pve-efiboot-tool format <new disk's ESP> |
412 | # pve-efiboot-tool init <new disk's ESP> | |
413 | ---- | |
0daaddbd FG |
414 | |
415 | NOTE: `ESP` stands for EFI System Partition, which is setup as partition #2 on | |
416 | bootable disks setup by the {pve} installer since version 5.4. For details, see | |
417 | xref:sysboot_systemd_boot_setup[Setting up a new partition for use as synced ESP]. | |
9ee94323 | 418 | |
42449bdf | 419 | .With `grub`: |
11a6e022 AL |
420 | |
421 | ---- | |
422 | # grub-install <new disk> | |
423 | ---- | |
9ee94323 DM |
424 | |
425 | Activate E-Mail Notification | |
426 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
427 | ||
428 | ZFS comes with an event daemon, which monitors events generated by the | |
5eba0743 | 429 | ZFS kernel module. The daemon can also send emails on ZFS events like |
5dfeeece | 430 | pool errors. Newer ZFS packages ship the daemon in a separate package, |
e280a948 DM |
431 | and you can install it using `apt-get`: |
432 | ||
433 | ---- | |
434 | # apt-get install zfs-zed | |
435 | ---- | |
9ee94323 | 436 | |
8c1189b6 FG |
437 | To activate the daemon it is necessary to edit `/etc/zfs/zed.d/zed.rc` with your |
438 | favourite editor, and uncomment the `ZED_EMAIL_ADDR` setting: | |
9ee94323 | 439 | |
083adc34 | 440 | -------- |
9ee94323 | 441 | ZED_EMAIL_ADDR="root" |
083adc34 | 442 | -------- |
9ee94323 | 443 | |
8c1189b6 | 444 | Please note {pve} forwards mails to `root` to the email address |
9ee94323 DM |
445 | configured for the root user. |
446 | ||
8c1189b6 | 447 | IMPORTANT: The only setting that is required is `ZED_EMAIL_ADDR`. All |
9ee94323 DM |
448 | other settings are optional. |
449 | ||
450 | ||
42449bdf | 451 | [[sysadmin_zfs_limit_memory_usage]] |
5eba0743 | 452 | Limit ZFS Memory Usage |
9ee94323 DM |
453 | ~~~~~~~~~~~~~~~~~~~~~~ |
454 | ||
5eba0743 | 455 | It is good to use at most 50 percent (which is the default) of the |
d362b7f4 DM |
456 | system memory for ZFS ARC to prevent performance shortage of the |
457 | host. Use your preferred editor to change the configuration in | |
8c1189b6 | 458 | `/etc/modprobe.d/zfs.conf` and insert: |
9ee94323 | 459 | |
5eba0743 FG |
460 | -------- |
461 | options zfs zfs_arc_max=8589934592 | |
462 | -------- | |
9ee94323 DM |
463 | |
464 | This example setting limits the usage to 8GB. | |
465 | ||
466 | [IMPORTANT] | |
467 | ==== | |
5eba0743 FG |
468 | If your root file system is ZFS you must update your initramfs every |
469 | time this value changes: | |
9ee94323 | 470 | |
eaefe614 FE |
471 | ---- |
472 | # update-initramfs -u | |
473 | ---- | |
9ee94323 DM |
474 | ==== |
475 | ||
476 | ||
dc74fc63 | 477 | [[zfs_swap]] |
4128e7ff TL |
478 | SWAP on ZFS |
479 | ~~~~~~~~~~~ | |
9ee94323 | 480 | |
dc74fc63 | 481 | Swap-space created on a zvol may generate some troubles, like blocking the |
9ee94323 DM |
482 | server or generating a high IO load, often seen when starting a Backup |
483 | to an external Storage. | |
484 | ||
485 | We strongly recommend to use enough memory, so that you normally do not | |
dc74fc63 SI |
486 | run into low memory situations. Should you need or want to add swap, it is |
487 | preferred to create a partition on a physical disk and use it as swapdevice. | |
488 | You can leave some space free for this purpose in the advanced options of the | |
489 | installer. Additionally, you can lower the | |
8c1189b6 | 490 | ``swappiness'' value. A good value for servers is 10: |
9ee94323 | 491 | |
eaefe614 FE |
492 | ---- |
493 | # sysctl -w vm.swappiness=10 | |
494 | ---- | |
9ee94323 | 495 | |
8c1189b6 | 496 | To make the swappiness persistent, open `/etc/sysctl.conf` with |
9ee94323 DM |
497 | an editor of your choice and add the following line: |
498 | ||
083adc34 FG |
499 | -------- |
500 | vm.swappiness = 10 | |
501 | -------- | |
9ee94323 | 502 | |
8c1189b6 | 503 | .Linux kernel `swappiness` parameter values |
9ee94323 DM |
504 | [width="100%",cols="<m,2d",options="header"] |
505 | |=========================================================== | |
506 | | Value | Strategy | |
507 | | vm.swappiness = 0 | The kernel will swap only to avoid | |
508 | an 'out of memory' condition | |
509 | | vm.swappiness = 1 | Minimum amount of swapping without | |
510 | disabling it entirely. | |
511 | | vm.swappiness = 10 | This value is sometimes recommended to | |
512 | improve performance when sufficient memory exists in a system. | |
513 | | vm.swappiness = 60 | The default value. | |
514 | | vm.swappiness = 100 | The kernel will swap aggressively. | |
515 | |=========================================================== | |
cca0540e FG |
516 | |
517 | [[zfs_encryption]] | |
4128e7ff TL |
518 | Encrypted ZFS Datasets |
519 | ~~~~~~~~~~~~~~~~~~~~~~ | |
cca0540e FG |
520 | |
521 | ZFS on Linux version 0.8.0 introduced support for native encryption of | |
522 | datasets. After an upgrade from previous ZFS on Linux versions, the encryption | |
229426eb | 523 | feature can be enabled per pool: |
cca0540e FG |
524 | |
525 | ---- | |
526 | # zpool get feature@encryption tank | |
527 | NAME PROPERTY VALUE SOURCE | |
528 | tank feature@encryption disabled local | |
529 | ||
530 | # zpool set feature@encryption=enabled | |
531 | ||
532 | # zpool get feature@encryption tank | |
533 | NAME PROPERTY VALUE SOURCE | |
534 | tank feature@encryption enabled local | |
535 | ---- | |
536 | ||
537 | WARNING: There is currently no support for booting from pools with encrypted | |
538 | datasets using Grub, and only limited support for automatically unlocking | |
539 | encrypted datasets on boot. Older versions of ZFS without encryption support | |
540 | will not be able to decrypt stored data. | |
541 | ||
542 | NOTE: It is recommended to either unlock storage datasets manually after | |
543 | booting, or to write a custom unit to pass the key material needed for | |
544 | unlocking on boot to `zfs load-key`. | |
545 | ||
546 | WARNING: Establish and test a backup procedure before enabling encryption of | |
5dfeeece | 547 | production data. If the associated key material/passphrase/keyfile has been |
cca0540e FG |
548 | lost, accessing the encrypted data is no longer possible. |
549 | ||
550 | Encryption needs to be setup when creating datasets/zvols, and is inherited by | |
551 | default to child datasets. For example, to create an encrypted dataset | |
552 | `tank/encrypted_data` and configure it as storage in {pve}, run the following | |
553 | commands: | |
554 | ||
555 | ---- | |
556 | # zfs create -o encryption=on -o keyformat=passphrase tank/encrypted_data | |
557 | Enter passphrase: | |
558 | Re-enter passphrase: | |
559 | ||
560 | # pvesm add zfspool encrypted_zfs -pool tank/encrypted_data | |
561 | ---- | |
562 | ||
563 | All guest volumes/disks create on this storage will be encrypted with the | |
564 | shared key material of the parent dataset. | |
565 | ||
566 | To actually use the storage, the associated key material needs to be loaded | |
7353437b | 567 | and the dataset needs to be mounted. This can be done in one step with: |
cca0540e FG |
568 | |
569 | ---- | |
7353437b | 570 | # zfs mount -l tank/encrypted_data |
cca0540e FG |
571 | Enter passphrase for 'tank/encrypted_data': |
572 | ---- | |
573 | ||
574 | It is also possible to use a (random) keyfile instead of prompting for a | |
575 | passphrase by setting the `keylocation` and `keyformat` properties, either at | |
229426eb | 576 | creation time or with `zfs change-key` on existing datasets: |
cca0540e FG |
577 | |
578 | ---- | |
579 | # dd if=/dev/urandom of=/path/to/keyfile bs=32 count=1 | |
580 | ||
581 | # zfs change-key -o keyformat=raw -o keylocation=file:///path/to/keyfile tank/encrypted_data | |
582 | ---- | |
583 | ||
584 | WARNING: When using a keyfile, special care needs to be taken to secure the | |
585 | keyfile against unauthorized access or accidental loss. Without the keyfile, it | |
586 | is not possible to access the plaintext data! | |
587 | ||
588 | A guest volume created underneath an encrypted dataset will have its | |
589 | `encryptionroot` property set accordingly. The key material only needs to be | |
590 | loaded once per encryptionroot to be available to all encrypted datasets | |
591 | underneath it. | |
592 | ||
593 | See the `encryptionroot`, `encryption`, `keylocation`, `keyformat` and | |
594 | `keystatus` properties, the `zfs load-key`, `zfs unload-key` and `zfs | |
595 | change-key` commands and the `Encryption` section from `man zfs` for more | |
596 | details and advanced usage. | |
68029ec8 FE |
597 | |
598 | ||
e06707f2 FE |
599 | [[zfs_compression]] |
600 | Compression in ZFS | |
601 | ~~~~~~~~~~~~~~~~~~ | |
602 | ||
603 | When compression is enabled on a dataset, ZFS tries to compress all *new* | |
604 | blocks before writing them and decompresses them on reading. Already | |
605 | existing data will not be compressed retroactively. | |
606 | ||
607 | You can enable compression with: | |
608 | ||
609 | ---- | |
610 | # zfs set compression=<algorithm> <dataset> | |
611 | ---- | |
612 | ||
613 | We recommend using the `lz4` algorithm, because it adds very little CPU | |
614 | overhead. Other algorithms like `lzjb` and `gzip-N`, where `N` is an | |
615 | integer from `1` (fastest) to `9` (best compression ratio), are also | |
616 | available. Depending on the algorithm and how compressible the data is, | |
617 | having compression enabled can even increase I/O performance. | |
618 | ||
619 | You can disable compression at any time with: | |
620 | ||
621 | ---- | |
622 | # zfs set compression=off <dataset> | |
623 | ---- | |
624 | ||
625 | Again, only new blocks will be affected by this change. | |
626 | ||
627 | ||
42449bdf | 628 | [[sysadmin_zfs_special_device]] |
68029ec8 FE |
629 | ZFS Special Device |
630 | ~~~~~~~~~~~~~~~~~~ | |
631 | ||
632 | Since version 0.8.0 ZFS supports `special` devices. A `special` device in a | |
633 | pool is used to store metadata, deduplication tables, and optionally small | |
634 | file blocks. | |
635 | ||
636 | A `special` device can improve the speed of a pool consisting of slow spinning | |
51e544b6 TL |
637 | hard disks with a lot of metadata changes. For example workloads that involve |
638 | creating, updating or deleting a large number of files will benefit from the | |
639 | presence of a `special` device. ZFS datasets can also be configured to store | |
640 | whole small files on the `special` device which can further improve the | |
641 | performance. Use fast SSDs for the `special` device. | |
68029ec8 FE |
642 | |
643 | IMPORTANT: The redundancy of the `special` device should match the one of the | |
644 | pool, since the `special` device is a point of failure for the whole pool. | |
645 | ||
646 | WARNING: Adding a `special` device to a pool cannot be undone! | |
647 | ||
648 | .Create a pool with `special` device and RAID-1: | |
649 | ||
eaefe614 FE |
650 | ---- |
651 | # zpool create -f -o ashift=12 <pool> mirror <device1> <device2> special mirror <device3> <device4> | |
652 | ---- | |
68029ec8 FE |
653 | |
654 | .Add a `special` device to an existing pool with RAID-1: | |
655 | ||
eaefe614 FE |
656 | ---- |
657 | # zpool add <pool> special mirror <device1> <device2> | |
658 | ---- | |
68029ec8 FE |
659 | |
660 | ZFS datasets expose the `special_small_blocks=<size>` property. `size` can be | |
661 | `0` to disable storing small file blocks on the `special` device or a power of | |
662 | two in the range between `512B` to `128K`. After setting the property new file | |
663 | blocks smaller than `size` will be allocated on the `special` device. | |
664 | ||
665 | IMPORTANT: If the value for `special_small_blocks` is greater than or equal to | |
51e544b6 TL |
666 | the `recordsize` (default `128K`) of the dataset, *all* data will be written to |
667 | the `special` device, so be careful! | |
68029ec8 FE |
668 | |
669 | Setting the `special_small_blocks` property on a pool will change the default | |
670 | value of that property for all child ZFS datasets (for example all containers | |
671 | in the pool will opt in for small file blocks). | |
672 | ||
51e544b6 | 673 | .Opt in for all file smaller than 4K-blocks pool-wide: |
68029ec8 | 674 | |
eaefe614 FE |
675 | ---- |
676 | # zfs set special_small_blocks=4K <pool> | |
677 | ---- | |
68029ec8 FE |
678 | |
679 | .Opt in for small file blocks for a single dataset: | |
680 | ||
eaefe614 FE |
681 | ---- |
682 | # zfs set special_small_blocks=4K <pool>/<filesystem> | |
683 | ---- | |
68029ec8 FE |
684 | |
685 | .Opt out from small file blocks for a single dataset: | |
686 | ||
eaefe614 FE |
687 | ---- |
688 | # zfs set special_small_blocks=0 <pool>/<filesystem> | |
689 | ---- |