Setting Up RAID Storage

Mesh Hypervisor nodes are diskless by default, but you can add local RAID storage for data persistence—like for backups or file shares. This guide shows how to set up a RAID array with encryption on a remote node, using the storage group and a custom machine config. Commands run via SSH to the central orchestration node’s CLI (e.g., ssh root@<central-ip>). For node basics, see Configuring Nodes.

Prerequisites

Ensure:

A remote node with spare disks (e.g., /dev/sda, /dev/sdb) is online (mesh node info).
You’ve got a machine folder (e.g., /host0/machines/storage-node/).
The storage group is in /host0/groups/storage/—it’s prebuilt with RAID and encryption tools.

Step 1: Boot and Inspect the Node

Add Storage Group: In /host0/machines/storage-node/groups:
```
baseline
storage
```
- baseline sets essentials; storage adds mdadm, cryptsetup, etc.
Set UUID: In /host0/machines/storage-node/UUID, use the node’s UUID (e.g., 10eff964) from mesh node info.

Apply: Rebuild and reboot:

mesh system configure
mesh node ctl -n 10eff964 "reboot"

SSH In: Connect to the node:
```
mesh node ctl -n 10eff964
```
Check Disks: List available drives:
```
lsblk
```
- Example: See /dev/sda and /dev/sdb—unpartitioned, ready for RAID.

Step 2: Create the RAID Array

Build RAID: Make a RAID1 array (mirrored):
```
mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sda /dev/sdb
```
- /dev/md0: Array name.
- --level=1: Mirror (RAID1)—swap for 5 or 10 if you’ve got more disks.
- Adjust /dev/sda, /dev/sdb to your drives.
Save Config: Write the array details:
```
mdadm --detail --scan > /etc/mdadm.conf
```
- Example output: ARRAY /dev/md0 metadata=1.2 name=q-node:0 UUID=abcd1234:5678...
Monitor: Check progress:
```
cat /proc/mdstat
```
- Wait for [UU]—array’s synced.

Step 3: Encrypt the Array

Create LUKS: Encrypt /dev/md0:
```
cryptsetup luksFormat /dev/md0
```
- Enter a passphrase (e.g., mysecret)—you’ll generate a keyfile next.

Generate Keyfile: Make a random key:

dd if=/dev/urandom of=/etc/data.luks bs=4096 count=1
chmod 600 /etc/data.luks

4KB keyfile, locked to root.

Add Key: Link it to LUKS:
```
cryptsetup luksAddKey /dev/md0 /etc/data.luks
```
- Enter the passphrase again—keyfile’s now an alternate unlock.

Open LUKS: Unlock the array:

cryptsetup luksOpen /dev/md0 data --key-file /etc/data.luks

Creates /dev/mapper/data.

Step 4: Format and Mount

Format: Use ext4 (or xfs, etc.):
```
mkfs.ext4 /dev/mapper/data
```
Mount: Test it:
```
mkdir /mnt/data
mount /dev/mapper/data /mnt/data
df -h
```
- See /mnt/data listed—unmount with umount /mnt/data after.

Step 5: Configure the Machine

Exit Node: Back to the central node:
```
Ctrl+D
```

Update Manifest: In /host0/machines/storage-node/manifest:

# RAID config
O MODE=root:root:0644 SRC=/host0/machines/storage-node/mdadm.conf TGT=/etc/mdadm.conf
# Encryption
A MODE=root:root:0644 SRC=/host0/machines/storage-node/dmcrypt TGT=/etc/conf.d/dmcrypt
O MODE=root:root:0600 SRC=/host0/machines/storage-node/data.luks TGT=/etc/data.luks
# Filesystem mount
A MODE=root:root:0644 SRC=/host0/machines/storage-node/fstab TGT=/etc/fstab
D MODE=root:root:0755 TGT=/mnt/data

Add Files: In /host0/machines/storage-node/:
- mdadm.conf: Copy from node (scp root@<node-ip>:/etc/mdadm.conf .).
- dmcrypt:
```
target=data
source=/dev/md0
key=/etc/data.luks
```
- data.luks: Copy from node (scp root@<node-ip>:/etc/data.luks .).
- fstab:
```
/dev/mapper/data /mnt/data ext4 defaults,nofail 0 2
```

Apply: Rebuild and reboot:

mesh system configure
mesh node ctl -n 10eff964 "reboot"

Verify: SSH in, check:
```
mesh node ctl -n 10eff964 "df -h"
```
- /mnt/data should be mounted.

Notes

The storage group handles boot-time RAID assembly and LUKS unlocking—your machine config locks in the specifics. RAID setup is manual first; configs make it persistent. For multi-disk setups (e.g., RAID5), adjust --level and add drives—update dmcrypt and fstab too. See Managing Nodes for CLI tips; Recovery Procedures for RAID fixes.

Next, explore Running Docker.