Manual Hard Drive Partitioning
If you don’t care about the underlying principles of what we’re doing here, feel free to skip ahead to the screenshots. If you do care, keep reading.
Understanding how this process works will make the whole thing go a lot more smoothly, and should prepare you to set up variations of this partitioning/encryption scheme in the future.
For instance, perhaps you want to set up a RAID5 instead of a RAID1. You can do that using the same principles that I’m using in this tutorial.
In this tutorial we have two hard drives of the same size (8 GB). We are going to create two partitions on each drive. One partition is 550 MB. This is for the /boot partition. The other one is the rest of the drive — approximately 7.5 GB — and will be used for the root filesystem. You might want to create a separate partition for /home, /tmp, /var, or any other directory in the filesystem, but I’m not interested in that, so I’m only using these two. If you want to add others, feel free.
Whatever partitions you make need to be identical on each drive because we are going to use those partitions to create our arrays. After we have things partitioned, we create a RAID1 array for each partition. If you have more hard drives, this is where you can choose a different RAID set up if you’d like. Just make sure you partition the drives the same way.
Once the arrays are set up, we are going to create a volume group on the array for the root filesystem. Inside that volume group will be a logical volume for the swap space and one for the root filesystem.
After those are created, we will create an encrypted filesystem in each of the logical volumes: an encrypted filesystem for the swap space, and one for the root filesystem.
So in summary we will have our physical drives creating RAIDs, on which we will have a logical volumes that each contain an encrypted filesystem. Again: Drives > RAIDs > LVM > LUKS. Some guides will recommend doing Drives > RAIDs > LUKS > LVM, but having the LUKS inside the LVM instead of the other way around is the better way to have it in case you ever want to increase your logical volumes (which is half the point of having LVM in the first place).
According to this Linux RAID guide having LUKS inside LVM is the only way to be able to increase the LVM size. In my experience when people say something is impossible with Linux, they are usually wrong, however it’s easier to do things the way they were designed to be done.
Enough chit-chat. Let’s get to it.