CentOS, RHEL – Protect /boot/efi when using software RAID


The EFI specification used on many new motherboards mandates the firmware recognize a FAT32 partition as the EFI System Partition. The firmware does not recognize a Linux Software RAID Partition as a valid EFI System Partition. For this reason, Linux does not allow a Software RAID Partition to be typed as a EFI System Partition.

To protect the EFI System Partition, the FAT32 partition that has a mount point of /boot/efi must be duplicated on a separate physical device and partition –

sda (first drive)
– sda1 – FAT32 – /boot/efi – in firmware boot menu as “CentOS Primary EFI”
– sda2 – Linux software RAID – /boot
– sda3 – Linux software RAID – /

sdb (second drive)
– sdb1 – FAT32 – copy of /boot/efi – in firmware boot menu as “CentOS Backup EFI”
– sdb2 – Linux software RAID – /boot
– sdb3 – Linux software RAID – /

The “dd” command can be used to make an exact device to device copy
# dd if=/dev/sda1 of=/dev/sdb1

The EFI Boot Manager is used to add an entry in the server boot list that uses the Backup EFI
# efibootmgr –create –disk /dev/sdb –label “Backup EFI” –load “\\EFI\\readhat\\grub.efi”

Leave a comment