Terminology

Let's introduce some terms (copied from ReliableRaid/History):

• component: a single block device node used to make up a part of an array. e.g. "block device" for md (/dev/sda1), "physical volume" for LVM (also /dev/sda1). It is a component only if the array software understands it as a component (usually via some form of superblock, etc).

• array: a single logical unit made up of components. e.g. "RAID device" for md (/dev/md1), "volume group" for LVM (/dev/vg-name/).

• logical device: a block device made available from an array. e.g. "RAID device" for md (/dev/md1), "logical volume" for LVM (/dev/vg-name/lv-name or /dev/mapper/vg--name-lv--name; yes, "-" is escaped with "--" for mapper names).

• mount point: final / top-level allocation of filesystem type & mount point.

Devices

Note that below devices can be stacked one, on top of the other, on top of the other...

Just like a Matryoshka doll

Physical Disk / usb pen drive / SDcard

• regular disk (attached as sata), name /dev/sda

  • has MBR (for bootloader)
  • can become a component of another array as a whole
• components

  • can be partitioned into components aka partitions, e.g. (/dev/sda1, /dev/sda2)

  • /dev/sda1 can become formatted filesystems / mountpoints
  • /dev/sda1 can become a component of another array

LVM - Logical Volume Group

• combines multiple devices into a single array ( volume group )

  • e.g. combine /dev/sda (100GB) & /dev/sdb2 (300GB) into /dev/vg-big (400GB)

• creates variable length logical devices ( logical volume )
  • logical volumes can become mount-points.

  • e.g. create /dev/vg-big/lv-medium1 (200GB) and /dev/vg-big/lv-medium2 (200 GB)

LUKS

LUKS aka cryptsetup, dm-crypt, full-disk encryption

• takes 1 component & creates 1 encrypted device from it

• e.g. /dev/sda -> /dev/crypt1

• /dev/crypt1 can be used as a mountpoint, or as a component of another array (e.g. LVM)

• hopefully (?!) cannot be partitioned, use LVM on top of it.

• recommended to have /boot mountpoint / filesystem which is not encrypted due to current implementation

RAID

• takes 2+ components and creates an array /dev/md

• There are many different RAID levels, requiring different minimum amount of disks
• Can optionally add more disks, then required, to be used as spares
• resulting array can be used as component of another array (e.g. LUKS/LVM) or become a mountpoint
• hopefully (?!) cannot be partitioned, use LVM on top of it

Installation types

Typical single disk installation

Pre-requisites:

• one disk
• no-other operating systems

Reasoning:

• want to custom specify amount of swap
• want to leave empty space for future use

Final disk layout:

• 	/	swap fs	empty
  mbr	/dev/sda1	swap	empty

Steps:

• Create sda1 partition, specify size
• Create swap partition, specify size

• Select / mountpoint & filesystem (e.g. ext4)

• Select use as swap

Single full-disk encryption

Pre-requisites:

• have 1 disk

Reasoning:

• want / require full-disk encryption
• want simplicity (no other additional layers)
• will not have swap or will use a swapfile

Final disk layout:

• 		/
  	/boot	/dev/crypt1
  mbr	/dev/sda1	/dev/sda2

Steps:

• Create smallish (300MB) sda1
• Create sda2 with the remaining disk
• Create crypt1 device from sda2

• Assign /boot mount point to sda1, select filesystem (e.g. ext4)

• Assign / to crypt1, select filesystem (e.g. ext4)

Single full-disk LVM

Pre-requisites:

• have 1 very large disk

Reasoning:

• want ability to take snapshot backups
• want ability to dynamically resize partitions

Final disk layout:

• 	/	swap fs
  	/dev/vg-internalhdd/lv-root	/dev/vg-internalhdd/lv-swap	reserved space in this volume group
  	/dev/vg-internalhdd
  mbr	/dev/sda (no partitions)

Steps:

• Create physical volume group /dev/vg-internalhdd from /dev/sda

• Create 2 logical volumes from the volume group
• Allocate mount points and file system sizes

Single full-disk encrypted LVM

Pre-requisites:

• have 1 very large disk

Reasoning:

• want ability to take snapshot backups
• want ability to dynamically resize partitions
• and have full disk encryption

Final disk layout:

• 		/	swap fs
  		/dev/vg-internallhdd/lv-root	/dev/vg-internallhdd/lv-swap	reserved space in this volume group
  		/dev/vg-internallhdd
  	/boot	/dev/crypt1
  mbr	/dev/sda1	/dev/sda2

Steps:

• Create smallish (300MB) sda1
• Create sda2 with the remaining disk

• Create physical volume group /dev/vg-internalhdd from /dev/sda

• Create 2 logical volumes from the volume group
• Allocate mount points and file system sizes

LVM on top of RAID1

Pre-requisites:

• have 2 disks or same capacity

• preferably of different brands & wear

Reasoning:

• if one disk fails, I want my system to keep working
• want ability to take snapshot backups
• want ability to dynamically resize partitions

Final disk layout: (imagine a 3D table with sda/sdb stacked on top of md0 in third dimention )

• 	/	swap fs
  	/dev/vg-internalhdd/lv-root	/dev/vg-internalhdd/lv-swap	reserved space in this volume group
  	/dev/vg-internalhdd
  	/dev/md0
  mbr	/dev/sda (no partitions)
  mbr	/dev/sdb (no partitions)

• Create RAID1 device md0 form sda & sdb

• Create physical volume group /dev/vg-internalhdd from /dev/md0

• Create 2 logical volumes from the volume group
• Allocate mount points and file system sizes

Full Disk encryption with LVM on top of RAID1

Pre-requisites:

• have 2 disks or same capacity

• preferably of different brands & wear

Reasoning:

• if one disk fails, I want my system to keep working
• want ability to take snapshot backups
• want ability to dynamically resize partitions
• and have full disk encryption

Final disk layout: (imagine a 3D table with sda/sdb stacked on top of md0 in third dimention )

• 		/	swap fs
  		/dev/vg-internalhdd/lv-root	/dev/vg-internalhdd/lv-swap	reserved space in this volume group
  		/dev/vg-internalhdd
  	/boot	/dev/crypt1
  	/dev/md0	/dev/md1
  mbr	/dev/sda1	/dev/sda2
  mbr	/dev/sdb1	/dev/sdb2

• Equally Partition sda & sdb:

  • small partition (300MB) for /boot
  • large partition with remaining space
• Create RAIDs:

  • md0: RAID1 from sda1 & sdb1

  • md1: RAID1 from sda2 & sdb2

• Add encryption:
  • create crypt1 from md1
• Add LVM:
  • create physical volume group from md1
• Add extra logical volumes

• Assign mountpoints & filesystems:

  • md0, is mountpoint /boot with ext4 filesystem
  • logical volumes are: swap, /, etc.

CategorySpec