from CorrectAlias@piefed.blahaj.zone to selfhosted@lemmy.world on 25 Jun 18:34
https://piefed.blahaj.zone/c/selfhosted/p/835757/icymi-unraid-now-supports-internal-boot-and-tpm-licensing
First, I know that Unraid is not FOSS and I’m a month late, just to get that out of the way. But for those that are running Unraid and haven’t updated to >7.3.0, there’s good reason to (other than for security patches): internal boot and TPM licensing.
This update allows you to boot from an internal drive, no more chewing up flash drives. As a long time Unraid user (for over a decade), this was a long time coming. My server ate several flash drives. Setting it up was a breeze, once I updated to 7.3.x, the wizard to configure it came up and I was able to move it to one of my internal SSDs. All I had to do after that was go into the BIOS and set the boot priority correctly.
Internal boot works without a TPM, however you’d still need the flash drive with your license on it plugged in at boot. If you have a TPM on your server, though, you can migrate your license from your flash to your TPM, with another simple wizard. After migration, you no longer need a boot flash drive.
I had to get a Supermicro AOM-TPM-9665V TPM chip for my motherboard, but I’ve got it all set now. It’s a relief to no longer have to rely on flash drives now - my server’s rear exhaust fans were blowing directly on them, causing them to overheat and eventually crash my server.
Unraid posted about this in their blog here: https://unraid.net/blog/unraid-7-3-0
#selfhosted
threaded - newest
That’s pretty neat that the TPM can be used that way, maybe worth migrating over. The flash drive always made me so nervous.
So after the migration, my boot drive and flash drive could both fail, and I could plug in a new unraid boot/flash drive, it’d read my license, and it’d just work?
Yep! Your license would be tied to your TPM GUID and not your flash drive after migration. You might have to activate your license if it’s a fresh install, but it should be read from your TPM.
Very neat! I’ll try it out sometime. What does it use for a boot device? Cache drive?
It uses an individual drive for it - so your cache and array are separate and you’ll need to install a drive for boot purposes. It does support pooling though, so you can have multiple boot drives in the boot pool, for example. In that case, it will fail over to the secondary drive if your primary dies.
You can use your cache drive for internal boot too, though it’s likely easier to use a separate drive
If they had done this 6 months ago, I would have probably picked Unraid. I hated the idea of using a USB boot device, so I went with TrueNAS instead.
Yeah, that’s absolutely understandable. It was definitely a much needed option for far too long.
How old is your CPU that it doesn’t have onboard TPM? It’s been a standard feature for quite a while now
My Epyc 7702 does have onboard TPM, but my supermicro H11DSi-NT doesn’t pass it through to the OS, for some reason. It seems like it’s a common thing for supermicro boards - the enterprise ones like mine have TPM headers instead. I do wish that weren’t the case, though.
On my second Unraid server (which I use for transcoding), the i9-12900T’s TPM does pass through properly and I was able to use it, no external TPM needed.
Huh… That’s interesting. At my workplace we have Linux EPYC servers with working TPM (it’s mandated that all computers, both clients and servers, must have TPM 2.0), but I’m not a hardware person and don’t know exactly how they’re configured.
Yeah, I’m guessing it’s a Supermicro thing for sure, and maybe they’ve changed that now that TPM is completely commonplace, because my Epyc does support TPM, 100%.
This is good to know. I haven’t had issues with using a USB drive though, since it doesn’t receive many reads or writes - the system is copied to a RAM drive on boot and runs off that rather than the USB.
I assume this means I’d need another drive to boot it from? My current setup is that I have 2 x 22TB drives in a ZFS mirror for data storage, and 2 x 2TB NVMe SSDs in a ZFS mirror for things like VMs, Docker containers, documents, etc.
Yeah, YMMV on the USB drive. While running Unraid for a little more than a decade, my main server chewed through around 2-3 drives causing crashes each time. It could have been bad luck with the flash lottery, though.
That is correct. You’d need a drive just for booting, outside of any array or pool that you might have. I bought a tiny 32GB Samsung mSATA SSD for $15 (new) for my transcoding server, and I somehow scored a brand new Micron 250gb 2.5 SSD for ~$25 for my main server (both from ebay) which I use for this purpose.
An mSATA or small NVMe in a USB enclosure is the best way to go. No wasting a precious internal slot, and they can be super tiny (2230/2242 enclosures are dime a dozen).
This is actually what I did for the mSATA! I used an Eluteng USB adapter.
For my main server, though, I have a 36 + 2 2.5in bays, so I was fine using one of those bays for this.
That always seemed like a no-brainer to me.
It certainly should have been a feature a long time ago.
As a former unraid user and a certified unraid hater—Finally a problem solved by computers since their inception has been solved by unraid… cannot imagine why one uses unraid outside of having a mixed set of drives and only one device.
I mean, it’s all personal preference in this community. Other than this flash drive issue, Unraid has been rock solid for me.
I originally started using it more than a decade ago to be able to mix drives.
I also do have multiple Unraid servers as well.
Why would you pay for something, now annually, that is essentially a bad Linux webgui , which can be easily achieved for free with any Linux distro? Outside of mixed drives…
I don’t pay annually. I’m locked in with permanent licensing because I’ve used it for over a decade (see: legacy licensing). Unless that changes, and something else can do the mixed drives as well as Unraid, I don’t see that changing for me any time soon.
For my servers that aren’t mixed JBOD, I use Fedora/CoreOS with Quadlets, so believe me when I say that I know that outside of that specific use case, there are better options.
But I use Unraid specifically for the ability to mix drive sizes and easily emulate and rebuild failed disks. That’s it. That’s the whole reasoning as to why I still use it.
Oh, also, while yes, it did become a subscription (which does not apply to me anyway), it’s not necessarily a standard annual subscription, it’s a one time purchase and then you can choose to stop paying until you want to update again. The subsequent payments are less than the first purchase of the license and do last for a year. You still own your license when you stop paying, you just stop getting updates until you pay that lesser amount again. While similar (and I personally wouldn’t buy a license today), it isn’t what an annual subscription normally implies.
I think we have different definitions of “easily”.
I totally missed this announcement, thanks for surfacing it!
Any idea if TPM licensing is as easy a transfer to new hardware as flash drive was? Don’t want to lose my legacy license in future by fixing it to this motherboard.