Can I span ssd's for reinstall of Qubes-OS

Ok, so I am very comfortable now with learning my qubes-os and I believe I have a good understanding of it and linux. So i want to reinstall my Qubes-OS v 4.0.x…BUT I have (4) internal ssd’s. During installation of qubes is there or is it possible or can i “span” the (4) ssd’s so that qubes-os now has 1tb to work with instead of just (1) 250gb ssd that it is installed on??? And now qubes-os has a shit ton of space for my templates,domains and data having 1tb…

Cause I am running out of space on just (1) 250 gb ssd

You can use a separate ssd for VM storage if you’d like, Secondary storage | Qubes OS

Thank you but i am having a hard time understanding all of that. You would think their would be a easier way to “span” many ssd’s and i find it hard to believe that you couldn’t just do it upon installing/reinstalling. Where qubes would see all drives and ask you to span or single drive useage.

While yes the documents for qubes-os have helped me is many ways their are some that leave much to be desired and could be explained better and have better examples on “what/how to do”, like the one you suggested.

You can install Qubes normally on one of the SSD’s, then configure each of the other SSD’s as VM pools. That’s the equivalent of “spanning” all four SSD’s. dom0 will be installed on one SSD, and you can store all your other qubes on different SSD’s, in different pools. Sure it’s not automatic, but it wouldn’t take long to set up.

Great but as you said <configure each of the other SSD’s as VM pools.>
That’s were i get lost. Upon reading and rereading that document…

So
Step #1 is… In dom0 type which command???

sudo pvs
sudo lvs

Are these interchangeable?

The document states…
Take note of the VG and thin pool names for your HDD, then register it with Qubes:

-I didn’t make any “VG” or “thin pools” names for these ssd’s yet. So did dom0 just assign them?

What is the difference between “VG” and “Thin pool”?

Which one is better to have/use? (VG or Thin pool)

Then register it with Qubes
And how do i do this?

# <pool_name> is a freely chosen pool name
# <vg_name> is LVM volume group name
# <thin_pool_name> is LVM thin pool name
qvm-pool --add <pool_name> lvm_thin -o volume_group=<vg_name>,thin_pool=<thin_pool_name>,revisions_to_keep=2

Now you can create qubes in that pool:

qvm-create -P <pool_name> --label red <vmname>

If i can do this right now on my existing install/setup of my qubes would be great.

So i want to create a VG or thin pool with (2) ssd’s (250gb) each. Make them 1 big “ssd” which would be 500gb.
My layout will be then
-1 (250gb) ssd with qubes-os installed on it
-1 (250gb) ssd for my backups/misc stuff
-2 (250gb) for a now total size of (500gb) ssd as
a what (VG or thin pool) for domains/templates

Step#2… How would i now tell qubes to more all my domains and or templates to this now?

-How safe is this now newly created pool?
-Does it still run under the hyper visor with all the security features alotted with qubes-os?
-Does it pose a security/privacy risk?
-Will qubes-os see this as part of itself and treat it the same or will their have to be added security features (that i don’t know of)!

Any help, direction or instuction would be awesome.

So basically, you can use each of the 4 SSD’s for storing data, just not as a “span”. On one you install Qubes, and the others you use for VM storage.
For example, if you have 4 internal drives, say they’re represented as /dev/sda, … , /dev/sdd
You could decide to layout like this:
/dev/sda: Qubes (dom0, etc)
/dev/sdb: Backup VM pool
/dev/sdc: VM pool
/dev/sdd: VM pool
This will use all your available storage, just spread over the multiple drives.

If you’ve already installed Qubes, it’s probably on /dev/sda. Which means you have /dev/sdb, /dev/sdc, and /dev/sdd left to partition as VM pools.

For each drive, steps to create a VM pool on it: (following the guide on the Qubes-OS website)

1. You want the drive to be encrypted, so set up a LUKS volume on it: (this will completely erase all data on the drive)
   You can set it up for encryption by doing this in a dom0 terminal (use the same passphrase as the main Qubes disk to avoid a second password prompt at boot):

sudo cryptsetup luksFormat --hash=sha512 --key-size=512 --cipher=aes-xts-plain64 --verify-passphrase /dev/sdb
sudo blkid /dev/sdb

Note the device’s UUID. (use this instead of “b209…” in the examples)

2. Edit /etc/crypttab to automount the new volume by doing:

sudo nano /etc/crypttab

3. Add the following to this file:
   (change both “b209…” for your device’s UUID from blkid in both places)

luks-b20975aa-8318-433d-8508-6c23982c6cde UUID=b20975aa-8318-433d-8508-6c23982c6cde none

4. Reboot the computer so the new luks device appears at /dev/mapper/luks-b209… (your UUID will be different)

That leaves us with an encrypted drive, now we create the pools necessary for qubes VM storage.

5. Create the physical volume: (substitute your UUID)

sudo pvcreate /dev/mapper/luks-b20975aa-8318-433d-8508-6c23982c6cde

6. Create the LVM volume group, named “volumesdb”: (substitute your UUID and drive letter)

sudo vgcreate volumesdb /dev/mapper/luks-b20975aa-8318-433d-8508-6c23982c6cde

7. Create the logical volume: (substitute “poolsdb” with whichever drive letter you are using)

sudo lvcreate -T -n poolsdb -l +100%FREE volumesdb

8. Create a Qubes pool on the logical volume:

qvm-pool --add poolsdb_qubes lvm_thin -o volume_group=volumesdb,thin_pool=poolsdb,revisions_to_keep=2

9. By default all new VM’s are created on the main SSD, in your case probably /dev/sda, so when creating VM’s, specify which pool to create them on like this:
   “qvm-create -P poolsdb_qubes --label red unstrusted-hdd”

That creates a qubes pool on a logical volume on a logical volume group on a physical volume on a LUKS encrypted drive, which sounds complicated but is just what Qubes needs to store VM’s on it.

Repeat those steps for the two remaining drives (/dev/sdc, /dev/sdd) substituting drive letters and UUIDs as needed.

This will give you three SSDs you can save individual VMs to. Now you just need to partition your qubes on to the different disks. If I had a large “backup VM” that stored tons of data and was expected to be very large, I would put it on it’s own pool, for example poolsdb. All my personal VMs and templates could go on poolsdc, and everything work-related could go on poolsdd. Thus, all drives are being used, and I’d be less likely to run out of space.

To answer the second part of your post:

It should be the same security as the rest of your Qubes install, it’s just an encrypted storage drive, Qubes still runs the VMs exactly the same as if they were on /dev/sda.

Hope that helps, let me know if you have questions

Disclaimer: it’s been quite a while since I’ve had to do this myself, I might be a bit rusty on how I had set things up.

Since you want to reinstall and not using “custom configuration”, have you try with selecting 4 disk when installing ? installer is smart enough to configure the rest for you.

@EncryptedGiraffe thank you very much for this greatly explained walkthrough and it now makes sense to me. Though i would fined it time consuming as it would be my first go at this.

@51lieal …Really!!
Yes i want to reinstall my qubes-os because basically this build was a learning/testing ground for me. If the installer is smart enough to allow me to make all (4) ssd’s one big “pool” and work i would prefer to go this route. I will before reinstalling save data i have in my vault first before doing this…

So do you know what steps i will have to take then during reinstall? You said “custom configiration”
Of course i will have to update/upgrade after this reinstall. You know fedora and the like.

I never try with 4 disk, but it works with 2 disk and 3 disk (1 usb + 2 nvme) and i believe it will support even with 4 disk even if can’t, we can achieve this with manual configuration like @EncryptedGiraffe say.

just select 4 disk, and go with automatic configuration.

Thank you both so much for this helpful information. So it looks like my weekend project is a go. I will inform of my outcome over the weekend. Until then

Well all is complete and what a journey that was!! 2.5 day turn around and late this evening it has come to an end. Boy did i learn more then i thought i could in these past few days. Re-reading notes, docs on qubes, recreating “sys-whatever” I needed. Then restoring my custome builds i have,updating/upgrading, reapplying settings & configs, re-establising my enviroment. This wasn’t for the faint of heart I will tell you all that but in the end well worth it. Only one thing left to do now, ( 1 more custom template). I may take a break as i may still trying to understand HVM’s.

My qubes is “fat & happy” after all is said and left with @ 690gb. So much room to play now!!!