Red Hat Summit Red Hat SummitApoyoConsolaDesarrolladoresIniciar una pruebaContacto

Chapter 24. Setting up Stratis file systems

Stratis is a local storage-management solution for Red Hat Enterprise Linux. It is focused on simplicity, ease of use, and gives you access to advanced storage features.

Stratis runs as a service to manage pools of physical storage devices, simplifying local storage management with ease of use while helping you set up and manage complex storage configurations.

Important

Stratis is a Technology Preview feature only. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information about the support scope of Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview.

Stratis can help you with:

  • Initial configuration of storage
  • Making changes later
  • Using advanced storage features

The central concept of Stratis is a storage pool. This pool is created from one or more local disks or partitions, and file systems are created from the pool. The pool enables features such as:

  • File system snapshots
  • Thin provisioning
  • Caching
  • Encryption

24.1. Components of a Stratis file system

Externally, Stratis presents the following file system components on the command line and through the API:

blockdev
Block devices, such as disks or disk partitions.
pool

Composed of one or more block devices.

A pool has a fixed total size, equal to the size of the block devices.

The pool contains most Stratis layers, such as the non-volatile data cache using the dm-cache target.

Stratis creates a /dev/stratis/my-pool/ directory for each pool. This directory contains links to devices that represent Stratis file systems in the pool.

filesystem

Each pool can contain zero or more file systems. A pool containing file systems can store any number of files.

File systems are thinly provisioned and do not have a fixed total size. The actual size of a file system grows with the data stored on it. If the size of the data approaches the virtual size of the file system, Stratis grows the thin volume and the file system automatically.

The file systems are formatted with the XFS file system.

Important

Stratis tracks information about file systems that it created which XFS is not aware of, and changes made using XFS do not automatically create updates in Stratis. Users must not reformat or reconfigure XFS file systems that are managed by Stratis.

Stratis creates links to file systems at the /dev/stratis/my-pool/my-fs path.

Stratis uses many Device Mapper devices, which appear in dmsetup listings and the /proc/partitions file. Similarly, the lsblk command output reflects the internal workings and layers of Stratis.

24.2. Block devices compatible with Stratis

Storage devices that can be used with Stratis.

Supported devices

Stratis pools have been tested to work on these types of block devices:

  • LUKS
  • LVM logical volumes
  • MD RAID
  • DM Multipath
  • iSCSI
  • HDDs and SSDs
  • NVMe devices

Unsupported devices

Because Stratis contains a thin-provisioning layer, Red Hat does not recommend placing a Stratis pool on block devices that are already thinly-provisioned.

24.3. Installing Stratis

Install the required packages for Stratis.

Procedure

  1. Install packages that provide the Stratis service and command-line utilities: 

    # dnf install stratisd stratis-cli
    Copy to Clipboard

  2. To start the stratisd service and enable it to launch at boot: 

    # systemctl enable --now stratisd
    Copy to Clipboard

Verification

  • Verify that the stratisd service is enabled and is running: 

    # systemctl status stratisd
stratisd.service - Stratis daemon
Loaded: loaded (/usr/lib/systemd/system/stratisd.service; enabled; preset:>
Active: active (running) since Tue 2025-03-25 14:04:42 CET; 30min ago
Docs: man:stratisd(8)
Main PID: 24141 (stratisd)
Tasks: 22 (limit: 99365)
Memory: 10.4M
CPU: 1.436s
CGroup: /system.slice/stratisd.service
└─24141 /usr/libexec/stratisd --log-level debug
    Copy to Clipboard

24.4. Creating an unencrypted Stratis pool

You can create an unencrypted Stratis pool from one or more block devices.

Prerequisites

  • Stratis is installed and the stratisd service is running. For more information, see Installing Stratis.
  • The block device on which you are creating a Stratis pool is not in use, unmounted, and is at least 1 GB in space.

  • On the IBM Z architecture, the /dev/dasd* block devices must be partitioned. Use the partition device for creating the Stratis pool.

    For information about partitioning DASD devices, see Configuring a Linux instance on IBM Z.

Note

You can only encrypt a Stratis pool during creation, and not later.

Procedure

  1. Erase any file system, partition table, or RAID signatures that exist on each block device that you want to use in the Stratis pool: 

    # wipefs --all block-device
    Copy to Clipboard

    The block-device value is the path to the block device; for example, /dev/sdb.

  2. Create the new unencrypted Stratis pool on the selected block device: 

    # stratis pool create my-pool block-device
    Copy to Clipboard

    The block-device value is the path to an empty or wiped block device.

    You can also specify multiple block devices on a single line by using the following command: 

    # stratis pool create my-pool block-device-1 block-device-2
    Copy to Clipboard

Verification

  • Verify that the new Stratis pool was created: 

    # stratis pool list
    Copy to Clipboard

24.5. Creating an unencrypted Stratis pool by using the web console

You can use the web console to create an unencrypted Stratis pool from one or more block devices.

Prerequisites

  • You have installed the RHEL 8 web console.
  • You have enabled the cockpit service.

  • Your user account is allowed to log in to the web console.

    For instructions, see Installing and enabling the web console.

  • Stratis is installed and the stratisd service is running. For more information, see Installing Stratis.
  • The block device on which you are creating a Stratis pool is not in use, unmounted, and is at least 1 GB in space.
Note

You cannot encrypt an unencrypted Stratis pool after it is created.

Procedure

  1. Log in to the RHEL 8 web console.

    For details, see Logging in to the web console.

  2. Click Storage.
  3. In the Storage table, click the menu button and select Create Stratis pool.
  4. In the Name field, enter a name for the Stratis pool.
  5. Select the Block devices from which you want to create the Stratis pool.
  6. Optional: If you want to specify the maximum size for each file system that is created in the pool, select Manage filesystem sizes.
  7. Click Create.

Verification

  • Go to the Storage section and verify that you can see the new Stratis pool in the Devices table.

24.6. Creating an encrypted Stratis pool using a key in the kernel keyring

To secure your data, you can use the kernel keyring to create an encrypted Stratis pool from one or more block devices.

When you create an encrypted Stratis pool this way, the kernel keyring is used as the primary encryption mechanism. After subsequent system reboots this kernel keyring is used to unlock the encrypted Stratis pool.

When creating an encrypted Stratis pool from one or more block devices, note the following:

  • Each block device is encrypted using the cryptsetup library and implements the LUKS2 format.
  • Each Stratis pool can either have a unique key or share the same key with other pools. These keys are stored in the kernel keyring.
  • The block devices that comprise a Stratis pool must be either all encrypted or all unencrypted. It is not possible to have both encrypted and unencrypted block devices in the same Stratis pool.
  • Block devices added to the data cache of an encrypted Stratis pool are automatically encrypted.

Prerequisites

  • Stratis v2.1.0 or later is installed and the stratisd service is running. For more information, see Installing Stratis.
  • The block device on which you are creating a Stratis pool is not in use, unmounted, and is at least 1 GB in space.

  • On the IBM Z architecture, the /dev/dasd* block devices must be partitioned. Use the partition in the Stratis pool.

    For information about partitioning DASD devices, see Configuring a Linux instance on IBM Z.

Procedure

  1. Erase any file system, partition table, or RAID signatures that exist on each block device that you want to use in the Stratis pool: 

    # wipefs --all block-device
    Copy to Clipboard

    The block-device value is the path to the block device; for example, /dev/sdb.

  2. If you have not set a key already, run the following command and follow the prompts to create a key set to use for the encryption: 

    # stratis key set --capture-key key-description
    Copy to Clipboard

    The key-description is a reference to the key that gets created in the kernel keyring. You will be prompted to enter a key value at the command-line. You can also place the key value in a file and use the --keyfile-path option instead of the --capture-key option.

  3. Create the encrypted Stratis pool and specify the key description to use for the encryption: 

    # stratis pool create --key-desc key-description my-pool block-device
    Copy to Clipboard
    key-description
    References the key that exists in the kernel keyring, which you created in the previous step.
    my-pool
    Specifies the name of the new Stratis pool.
    block-device

    Specifies the path to an empty or wiped block device.

    You can also specify multiple block devices on a single line by using the following command: 

    # stratis pool create --key-desc key-description my-pool block-device-1 block-device-2
    Copy to Clipboard

Verification

  • Verify that the new Stratis pool was created: 

    # stratis pool list
    Copy to Clipboard

24.7. Creating an encrypted Stratis pool by using the web console

To secure your data, you can use the web console to create an encrypted Stratis pool from one or more block devices.

When creating an encrypted Stratis pool from one or more block devices, note the following:

  • Each block device is encrypted using the cryptsetup library and implements the LUKS2 format.
  • Each Stratis pool can either have a unique key or share the same key with other pools. These keys are stored in the kernel keyring.
  • The block devices that comprise a Stratis pool must be either all encrypted or all unencrypted. It is not possible to have both encrypted and unencrypted block devices in the same Stratis pool.
  • Block devices added to the data tier of an encrypted Stratis pool are automatically encrypted.

Prerequisites

  • You have installed the RHEL 8 web console.
  • You have enabled the cockpit service.

  • Your user account is allowed to log in to the web console.

    For instructions, see Installing and enabling the web console.

  • Stratis v2.1.0 or later is installed and the the stratisd service is running.
  • The block device on which you are creating a Stratis pool is not in use, unmounted, and is at least 1 GB in space.

Procedure

  1. Log in to the RHEL 8 web console.

    For details, see Logging in to the web console.

  2. Click Storage.
  3. In the Storage table, click the menu button and select Create Stratis pool.
  4. In the Name field, enter a name for the Stratis pool.
  5. Select the Block devices from which you want to create the Stratis pool.

  6. Select the type of encryption, you can use a passphrase, a Tang keyserver, or both:

  7. Optional: If you want to specify the maximum size for each file system that is created in pool, select Manage filesystem sizes.
  8. Click Create.

Verification

  • Go to the Storage section and verify that you can see the new Stratis pool in the Devices table.

24.8. Renaming a Stratis pool by using the web console

You can use the web console to rename an existing Stratis pool.

Prerequisites

  • You have installed the RHEL 8 web console.
  • You have enabled the cockpit service.

  • Your user account is allowed to log in to the web console.

    For instructions, see Installing and enabling the web console.

  • Stratis is installed and the stratisd service is running.

    The web console detects and installs Stratis by default. However, for manually installing Stratis, see Installing Stratis.

  • A Stratis pool is created.

Procedure

  1. Log in to the RHEL 8 web console.

    For details, see Logging in to the web console.

  2. Click Storage.
  3. In the Storage table, click the Stratis pool you want to rename.
  4. On the Stratis pool page, click edit next to the Name field.
  5. In the Rename Stratis pool dialog box, enter a new name.
  6. Click Rename.

24.9. Setting overprovisioning mode in Stratis file system

By default, every Stratis pool is overprovisioned meaning the logical file system size can exceed the physically allocated space. Stratis monitors the file system usage, and automatically increases the allocation by using available space when needed. However, if all the available space is already allocated and the pool is full, no additional space can be assigned to the file system.

Note

If the file system runs out of space, users might lose data. For applications where the risk of data loss outweighs the benefits of overprovisioning, this feature can be disabled.

Stratis continuously monitors the pool usage and reports the values using the D-Bus API. Storage administrators must monitor these values and add devices to the pool as needed to prevent it from reaching capacity.

Prerequisites

Procedure

To set up the pool correctly, you have two possibilities:

  1. Create a pool from one or more block devices: 

    # stratis pool create pool-name /dev/sdb
    Copy to Clipboard

  2. Set overprovisioning mode in the existing pool: 

    # stratis pool overprovision pool-name <yes|no>
    Copy to Clipboard
    • If set to "yes", you enable overprovisioning to the pool. This means that the sum of the logical sizes of the Stratis file systems, supported by the pool, can exceed the amount of available data space. If the pool is overprovisioned and the sum of the logical sizes of all the file systems exceeds the space available on the pool, then the system cannot turn off overprovisioning and returns an error.

Verification

  1. View the full list of Stratis pools: 

    # stratis pool list

Name       Total Physical                    Properties    UUID                                  Alerts
pool-name  1.42 TiB / 23.96 MiB / 1.42 TiB  ~Ca,~Cr,~Op    cb7cb4d8-9322-4ac4-a6fd-eb7ae9e1e540
    Copy to Clipboard
  2. Check if there is an indication of the pool overprovisioning mode flag in the stratis pool list output. The " ~ " is a math symbol for "NOT", so ~Op means no-overprovisioning.

  3. Optional: Check overprovisioning on a specific pool: 

    # stratis pool overprovision pool-name yes

# stratis pool list

Name          Total Physical                    Properties     UUID                                   Alerts
pool-name     1.42 TiB / 23.96 MiB / 1.42 TiB   ~Ca,~Cr,~Op    cb7cb4d8-9322-4ac4-a6fd-eb7ae9e1e540
    Copy to Clipboard

24.10. Binding a Stratis pool to NBDE

Binding an encrypted Stratis pool to Network Bound Disk Encryption (NBDE) requires a Tang server. When a system containing the Stratis pool reboots, it connects with the Tang server to automatically unlock the encrypted pool without you having to provide the kernel keyring description.

Note

Binding a Stratis pool to a supplementary Clevis encryption mechanism does not remove the primary kernel keyring encryption.

Prerequisites

Procedure

  • Bind an encrypted Stratis pool to NBDE: 

    # stratis pool bind nbde --trust-url my-pool tang-server
    Copy to Clipboard
    my-pool
    Specifies the name of the encrypted Stratis pool.
    tang-server
    Specifies the IP address or URL of the Tang server.

24.11. Binding a Stratis pool to TPM

When you bind an encrypted Stratis pool to the Trusted Platform Module (TPM) 2.0, the system containing the pool reboots, and the pool is automatically unlocked without you having to provide the kernel keyring description.

Prerequisites

Procedure

  • Bind an encrypted Stratis pool to TPM: 

    # stratis pool bind tpm my-pool
    Copy to Clipboard
    my-pool
    Specifies the name of the encrypted Stratis pool.
    key-description
    References the key that exists in the kernel keyring, which was generated when you created the encrypted Stratis pool.

24.12. Unlocking an encrypted Stratis pool with kernel keyring

After a system reboot, your encrypted Stratis pool or the block devices that comprise it might not be visible. You can unlock the pool using the kernel keyring that was used to encrypt the pool.

Prerequisites

Procedure

  1. Re-create the key set using the same key description that was used previously: 

    # stratis key set --capture-key key-description
    Copy to Clipboard

    key-description references the key that exists in the kernel keyring, which was generated when you created the encrypted Stratis pool.

  2. Verify that the Stratis pool is visible: 

    # stratis pool list
    Copy to Clipboard

24.13. Unbinding a Stratis pool from supplementary encryption

When you unbind an encrypted Stratis pool from a supported supplementary encryption mechanism, the primary kernel keyring encryption remains in place. This is not true for pools that are created with Clevis encryption from the start.

Prerequisites

Procedure

  • Unbind an encrypted Stratis pool from a supplementary encryption mechanism: 

    # stratis pool unbind clevis my-pool
    Copy to Clipboard

    my-pool specifies the name of the Stratis pool you want to unbind.

24.14. Starting and stopping Stratis pool

You can start and stop Stratis pools. This gives you the option to disassemble or bring down all the objects that were used to construct the pool, such as file systems, cache devices, thin pool, and encrypted devices. Note that if the pool actively uses any device or file system, it might issue a warning and not be able to stop.

The stopped state is recorded in the pool’s metadata. These pools do not start on the following boot, until the pool receives a start command.

Prerequisites

Procedure

  • Use the following command to stop the Stratis pool. This tears down the storage stack but leaves all metadata intact: 

    # stratis pool stop --name pool-name
    Copy to Clipboard

  • Use the following command to start the Stratis pool. The --unlock-method option specifies the method of unlocking the pool if it is encrypted: 

    # stratis pool start --unlock-method <keyring|clevis> --name pool-name
    Copy to Clipboard
    Note

    You can start the pool by using either the pool name or the pool UUID.

Verification

  • Use the following command to list all active pools on the system: 

    # stratis pool list
    Copy to Clipboard

  • Use the following command to list all the stopped pools: 

    # stratis pool list --stopped
    Copy to Clipboard

  • Use the following command to view detailed information for a stopped pool. If the UUID is specified, the command prints detailed information about the pool corresponding to the UUID: 

    # stratis pool list --stopped --uuid UUID
    Copy to Clipboard

24.15. Creating a Stratis file system

Create a Stratis file system on an existing Stratis pool.

Prerequisites

Procedure

  1. Create a Stratis file system on a pool: 

    # stratis filesystem create --size number-and-unit my-pool my-fs
    Copy to Clipboard
    number-and-unit
    Specifies the size of a file system. The specification format must follow the standard size specification format for input, that is B, KiB, MiB, GiB, TiB or PiB.
    my-pool
    Specifies the name of the Stratis pool.
    my-fs

    Specifies an arbitrary name for the file system.

    For example:

    Example 24.1. Creating a Stratis file system

    # stratis filesystem create --size 10GiB pool1 filesystem1
    Copy to Clipboard

Verification

  • List file systems within the pool to check if the Stratis file system is created: 

    # stratis fs list my-pool
    Copy to Clipboard

24.16. Creating a file system on a Stratis pool by using the web console

You can use the web console to create a file system on an existing Stratis pool.

Prerequisites

  • You have installed the RHEL 8 web console.
  • You have enabled the cockpit service.

  • Your user account is allowed to log in to the web console.

    For instructions, see Installing and enabling the web console.

  • The stratisd service is running.
  • A Stratis pool is created.

Procedure

  1. Log in to the RHEL 8 web console.

    For details, see Logging in to the web console.

  2. Click Storage.
  3. Click the Stratis pool on which you want to create a file system.
  4. On the Stratis pool page, scroll to the Stratis filesystems section and click Create new filesystem.
  5. Enter a name for the file system.
  6. Enter a mount point for the file system.
  7. Select the mount option.
  8. In the At boot drop-down menu, select when you want to mount your file system.

  9. Create the file system:

    • If you want to create and mount the file system, click Create and mount.
    • If you want to only create the file system, click Create only.

Verification

  • The new file system is visible on the Stratis pool page under the Stratis filesystems tab.

24.17. Mounting a Stratis file system

Mount an existing Stratis file system to access the content.

Prerequisites

Procedure

  • To mount the file system, use the entries that Stratis maintains in the /dev/stratis/ directory: 

    # mount /dev/stratis/my-pool/my-fs mount-point
    Copy to Clipboard

The file system is now mounted on the mount-point directory and ready to use.

Note

Unmount all file systems belonging to a pool before stopping it. The pool will not stop if any file system is still mounted.

24.18. Setting up non-root Stratis file systems in /etc/fstab using a systemd service

You can manage setting up non-root file systems in /etc/fstab using a systemd service.

Prerequisites

Procedure

  • As root, edit the /etc/fstab file and add a line to set up non-root file systems: 

    /dev/stratis/my-pool/my-fs mount-point xfs defaults,x-systemd.requires=stratis-fstab-setup@pool-uuid.service,x-systemd.after=stratis-fstab-setup@pool-uuid.service dump-value fsck_value
    Copy to Clipboard
Important

Persistently mounting a Stratis filesystem from an encrypted Stratis pool can cause the boot process to stop until a password is provided. If the pool is encrypted using any unattended mechanism, for example, NBDE or TPM2, the Stratis pool will be unlocked automatically. If not, the user will need to enter a password in the console.

Volver arriba
Red Hat logoGithubredditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar. Explore nuestras recientes actualizaciones.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

Theme

© 2025 Red Hat