Wednesday, April 19, 2017

Replacing a failed hard drive in an (encrypted) ZFS Pool on FreeNAS

Disk Failure Email Alert

Device: /dev/ada5, failed to read SMART Attribute Data
Device: /dev/ada5, not capable of SMART self-check
Device: /dev/ada5, Read SMART Self-Test Log Failed
The volume tank (ZFS) state is DEGRADED: One or more devices could not be opened. Sufficient replicas exist for the pool to continue functioning in a degraded state.
Device: /dev/ada5, Read SMART Error Log Failed
Disk went to UNAVAIL on FreeNAS. It was a complete disk failure where the drive would not even turn on.

Checking status of zfs pools:

  pool: tank
 state: DEGRADED
status: One or more devices could not be opened.  Sufficient replicas exist for
 the pool to continue functioning in a degraded state.
action: Attach the missing device and online it using 'zpool online'.
  scan: scrub repaired 0 in 3h22m with 0 errors on Sat Mar 11 15:55:33 2017

 NAME                                                STATE     READ WRITE CKSUM
 tank                                                DEGRADED     0     0     0
   raidz1-0                                          DEGRADED     0     0     0
     gptid/2dc7c53c-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0
     gptid/2e7247c8-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0
     gptid/2f1f7b49-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0
     9773863262585734395                             UNAVAIL      0     0     0  was /dev/gptid/2fa84005-2b99-11e6-94d8-0015177adaa2.eli
     gptid/306d3755-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0

errors: No known data errors

 Here's how to replace the failed disk:
  1.  Offline the disk if you can by going to Storage > Volumes > Select your pool (e.g. tank) > Volume Status (on the status bar at the bottom).  I could not do this since the disk was already unavailable and hence offline
  2. NOTE the disk's name, like ada5xx
  3. Next, navigate to the Storage > View Disks and jot down the disk's serial number.  You will need this to physically identify the disk later.
  4. Shutdown your computer
  5. Physically remove the disk and replace it with a new one. 
  6. Boot up your machine
  7. Go back to  Storage > Volumes > Select your pool (e.g. tank) > Volume Status
  8. Select the defective disk's slot and click on Replace
  9. If it's an encrypted pool, enter your passphrase as well
  10. The resilvering process should start
For encrypted pools, once resilvering is completed do the following to avoid losing the pool on the next reboot. Go to Storage > Volumes > Select your pool containing the new disk

  1. Re-key your pool's encryption passphrase 
  2. Re-create a passphrase
  3. Download your key
  4. Add a recovery key.
For more detailed information, refer to the FreeNAS documentation.

 You can watch the pool rebuilding (resilvering) either on the GUI or on the CLI:

[root@freenas] ~# zpool status tank
  pool: tank
 state: ONLINE
status: One or more devices is currently being resilvered.  The pool will
        continue to function, possibly in a degraded state.
action: Wait for the resilver to complete.
  scan: resilver in progress since Wed Apr 19 21:42:55 2017
        49.1G scanned out of 5.89T at 301M/s, 5h39m to go
        9.79G resilvered, 0.81% done

        NAME                                                STATE     READ WRITE CKSUM
        tank                                                ONLINE       0     0     0
          raidz1-0                                          ONLINE       0     0     0
            gptid/2dc7c53c-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0
            gptid/2e7247c8-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0
            gptid/2f1f7b49-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0
            gptid/c3e3e9d1-2583-11e7-8b27-0015177adaa2.eli  ONLINE       0     0     0  (resilvering)
            gptid/306d3755-2b99-11e6-94d8-0015177adaa2.eli  ONLINE       0     0     0

errors: No known data errors

Monday, April 29, 2013

Excellent read on cloud management

PCWorld: 21 tips for supercharging your cloud storage.

Monday, December 17, 2012

[Halo] Forerunner Timeline as I understand it

So far, this is how I picture the events to have taken place during the Human-Forerunner and Forerunner-Flood Wars

  • Human-Forerunner War
  • Ur-Didact defeats the Humans and devolves them
  • Discovery of the Flood by the Forerunners
  • Brief Forerunner-Flood War
  • Commissioning of Halos to eradicate the Flood should they emerge again
    •  Ur-Didact opposes to this for his belief in the Mantle and eventually exiled on Erde-Tyrene
  • Bornstellar discovers Ur-Didact's Cryptum and wakes him
  • The two travel to various scarred Worlds and Ur-Didact bestows his memories and knowledge to Bornstellar via a Brevet Mutation
  • They are found by Master Builder Faber who exiles Ur-Didact to a Flood invested planet
  • Bornstellar is returned to Forerunner territory and becomes the new Didact
  • Forerunner capital attacked by Mendicant Bias and Faber executed due to War Crimes
  • Bornstellar finds Mendicant's installation (Halo 7), commandeers it to obtain the Composer

  • [Unknown Events]
  • Flood threat arises again
  •  Ur-Didact returns and prepares for battle
    • Uses human population on Halos to compose an army of Prometheans
  • The Librarian seriously abhors this act and imprisons the Ur-Didact on Requiem
  • The Librarian completes Indexing of Sentient Species
  • [Unknown Events .. but include implantation of Genesong to John-117's ancestors, possibly with an imprint of Forthencho (wild wild guess since he was the greatest threat to the Ur-Didact)]

  • (Presumably) Bornstellar activates the Halo Array to cleanse the Galaxy

Thursday, August 16, 2012

[Rant] Thanks HTC

Thanks for the update HTC. It made it much easier to decide whether I should buy a One XL. I am now the proud owner of a Galaxy Nexus. After using HTC devices since the Nexus One, I'm afraid to say its time to break-up. Loved my DHD for the past years - it shall now reside proudly on a plynth. Seeing how you have listened to your loyal fanbase recently, my next phones are definitely going to be Nexuses (unless Google decides to award you the contract, in which case, I shall stick with the other players in the market). Thanks for the ride though.


My rant is about HTC not releasing an update to the all-so-good Desire HD after telling customers since early 2012 that the device would indeed be upgraded to Ice Cream Sandwich or version 4.0 (ICS).

The fact remains that the device is capable of running ICS.

So, if you are planning to buy an HTC phone; think again.  Although HTC used to be very attentive to customers, they have been very uncooperative on this matter even though a petition was sent through. They should atleast have made an ICS version available without their Sense UI or provide (power-) users with the option to choose whether they want to upgrade or not.

The minute I switched on my Galaxy Nexus, I was provided the option to upgrade to version 4.1 Jelly Bean of Android.  I could not be any happier about my decision to drop buying an HTC One XL; which is a great phone as per the reviews but with such support from HTC, the phone will be obsolete by the next update to Android. 

The Galaxy Nexus on the other hand will receive the next update of Android since even a Nexus S (predecessor to the Galaxy Nexus) obtained an upgrade to 4.1 (not just 4.0).  The Nexus S was released around the same time as the HTC Desire HD with the latter being more powerful specs-wise!!!

18 Aug: XDA-devs have officially done what HTC could not! Hallelujah!

Saturday, October 29, 2011

Weather codes

Melbourne: asxx0075
Sydney: asxx0112

AOL weather search seems to have the codes necessary for widgets.

Monday, May 02, 2011

My Matrix Moment

I filmed this while at ACMI on 1st May 2011.


Friday, March 18, 2011

Configuring OpenVPN on FreeBSD [Quick Guide]

[Note: This post is a work in progress.]

pkg_add -r openvpn


mkdir -p /usr/local/etc/openvpn
cd /usr/local/etc/openvpn
touch openvpn.conf

cp -R /usr/local/share/doc/openvpn/easy-rsa .

cd easy-rsa/2.0/

[Edit the vars file to reflect your details. This will save you the trouble of having to type your organisation's details every time you generate a certificate. You may also need to change your shell to sh to execute the scripts. I also had to do a chmod +x * in that directory.]


[Generate Server Key named server1]
./build-key-server server1

[Generate Keys for clients]
./build-key hpserver
./build-key acerlaptop

[Generate Diffie-Hellman keys]

#The following keys have been copied from /usr/local/etc/openvpn/easy-rsa/2.0/keys

ca /usr/local/etc/openvpn/keys/ca.crt
cert /usr/local/etc/openvpn/keys/server.crt
key /usr/local/etc/openvpn/keys/server.key
dh /usr/local/etc/openvpn/keys/dh1024.pem

Now, edit openvpn.conf (on the server-end) as follows. Substitute IP addresses as required.

[OpenVPN Server Config]
#Configuration of OpenVPN Server

port 1194
proto tcp
dev tun

ca keys/ca.crt
cert keys/server.crt
key keys/server.key

dh keys/dh1024.pem

ifconfig-pool-persist ipp.txt

client-config-dir ccd #Client specific settings, e.g. Fixed IP Addresses
client-to-client #Allow clients to communicate with each other

push "route"

keepalive 60 120


status open-status.log
verb 3

Copy the generated client keys to /etc/openvpn/. You will need to copy, for example, acerlaptop.crt, acerlaptop.key and ca.crt and mentioned them in openvpn.conf on the client as follows.

[OpenVPN Client Config]
#Configuration of OpenVPN Client

dev tun
proto tcp

remote 1194 #public ip address and port of vpn server


#client certificates
ca ca.crt
cert acerlaptop.crt
key acerlaptop.key
ns-cert-type server
verb 3

[Auto-start openvpn]
Add the following in /etc/rc.conf on the server.


If not already present, also add the following knob in /etc/rc.conf to allow the server to route between your LAN and VPN subnets.  


Note: Some documentation propose adding if_tun_load="YES" to /boot/loader.conf. I found that is not necessary. Openvpn will start the required device drivers automatically. You can try adding it, if openvpn fails to start or dynamically start it at a prompt by issuing kldload if_tun.


The OpenVPN documentation provides more in depth explanation. It can be viewed at :