[root@node2 ~]# cryptsetup luksFormat /dev/vdb1 创建/dev/vdb1加密分区
WARNING!
This will overwrite data on /dev/vdb1 irrevocably.
Are you sure? (Type uppercase yes): YES 加密YES
Enter passphrase:
Verify passphrase:
redhat123456
[root@node2 ~]# cryptsetup open /dev/vdb1 westos 打开westos加密分区
Enter passphrase for /dev/vdb1:
redhat123456
[root@node2 ~]# ls /dev/mapper/ 查看加密文件
control westos
[root@node2 ~]# mkfs.xfs /dev/mapper/westos
meta-data=/dev/mapper/westos isize=256 agcount=2, agsize=6144 blks
= sectsz=512 attr=2, projid32bit=1
= crc=0
data = bsize=4096 blocks=12288, imaxpct=25
= sunit=0 swidth=0 blks
naming =version 2 bsize=4096 ascii-ci=0 ftype=0
log =internal log bsize=4096 blocks=853, version=2
= sectsz=512 sunit=0 blks, lazy-count=1
realtime =none extsz=4096 blocks=0, rtextents=0
[root@node2 ~]# mount /dev/mapper/westos /mnt/ 用加密用户挂载
[root@node2 ~]# touch /mnt/file{1..10}
[root@node2 ~]# ls /mnt/
file1 file10 file2 file3 file4 file5 file6 file7 file8 file9
[root@node2 ~]# umount /mnt/
[root@node2 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3155640 7318260 31% /
devtmpfs 469344 0 469344 0% /dev
tmpfs 484932 472 484460 1% /dev/shm
tmpfs 484932 12816 472116 3% /run
tmpfs 484932 0 484932 0% /sys/fs/cgroup
[root@node2 ~]# ls /mnt/
加密挂载必须要添加
[root@node2 ~]# cryptsetup close westo 关闭密分区挂载
[root@node2 ~]# ll /dev/mapper/
total 0
crw——-. 1 root root 10, 236 Apr 29 22:42 control
[root@node2 ~]# cryptsetup open /dev/vdb1 westos
Enter passphrase for /dev/vdb1:
[root@node2 ~]# mount /dev/mapper/westos /mnt/
显示挂载
[root@node2 ~]# df
Filesystem 1K-blocks Used Available Use% Mounted on
/dev/vda1 10473900 3155592 7318308 31% /
devtmpfs 469344 0 469344 0% /dev
tmpfs 484932 472 484460 1% /dev/shm
tmpfs 484932 12816 472116 3% /run
tmpfs 484932 0 484932 0% /sys/fs/cgroup
/dev/mapper/westos 45740 2552 43188 6% /mnt
[root@node2 ~]# ls /mnt/
file1 file10 file2 file3 file4 file5 file6 file7 file8 file9
[root@node2 ~]#
0 0 不备份 不检测
加密分区开机挂载
vim /root/diskpass 写入密码
chmod 600 /root/diskpass 改变密码
cryptsetup luksAddKey /dev/vdb1 /root/diskpass
vim /etc/crypttab vim crypttab文件
1 westos /dev/vdb1 /root/diskpass 第一行
vim /etc/fstab
10 /dev/mapper/westos /mnt xfs defaults 0 0
df
/dev/mapper/westos 45740 2552 43188 6% /mnt
umount /mnt/
reboot
df
/dev/mapper/westos 45740 2552 43188 6% /mnt
fdisk -l
cat /var/log/boot.log 查看启动文件
df
重新启动失败的话 开机
删除10 /dev/mapper/westos /mnt xfs defaults 0 0
删除加密分区配置
umount /mnt/
vim /etc/fstab
删除里面的内容
vim /etc/crypttab
删除里面的内容
rm -fr /root/diskpass
mkfs.xfs /dev/vdb1 -f
mkfs.xfs /dev/vdb1
cryptsetup luksRemoveKey /dev/vdb
cryptsetup luksRemovekey /dev/
cryptsetup close westos
mkfs.xfs /dev/vdb1 -f
cryptsetup luksRemoveKey /dev/vdb1
两个硬盘一起读写 磁盘阵列
0 写入速度快 1 一块写 一块读
5 最少三块硬盘 两快硬盘相同 双通道
fdisk /dev/vdb
输入t 选择fd
配置磁盘阵列
Device Boot Start End Blocks Id System
/dev/vdb1 2048 2099199 1048576 fd Linux raid autodetect
/dev/vdb2 2099200 4196351 1048576 fd Linux raid autodetect
/dev/vdb3 4196352 6293503 1048576 fd Linux raid autodetect
硬盘3闲载
mdadm -C /dev/md0 -a yes -l 1 -n 2 -x 1 /dev/vdb{1..3}