I see comments that people are using software raid (md rescue disk, set up the EFI partition (which you have already allocated) and install grub on thadm), but I don’t see any good instructions for how to do it. I just finished a software raid install, so I’m putting instructions here for the next person.

Notes:

• Please mention any information/comments you have to add to this procedure
• This procedure is written for qubes 4.2 installs
• This procedure will assume you have 2 hard drives. If you have more, then whenever it says to do something “for the 2nd hard drive”, do it for each of the hard drives that are left
• This procedure assumes the drives are blank, and do not already have a partition table
• The graphical install procedure seems to fully work for the stated case, but this will always be a work in progress as i’d like people to add information that can help optimize the procedure, and there is always more that can be added (like adding a real /boot/efi2)

What is mdadm?

There are 3 known ways to do software raid on qubes.

• Mdadm (the traditional way)
• zfs (a really cool way, with a strange licensing quirk)
• and btrfs (tries to do zfs like things, but without the licensing quirk).
• This article documents the mdadm way.

If you want to try the zfs way, you can start by looking here: ZFS in Qubes OS
If you want to try the btrfs way, you can try starting here: BTRFS redundant disk setup (RAID alternative)

Graphical Software Raid installation procedure:

1. Do the standard steps listed in Installation guide | Qubes OS , up to the part about configuring the “Installation Destination” (after the anchor: Installation guide | Qubes OS)
2. Select “Installation Destination”
3. Select all media
4. Select “advanced custom Blivet-GUI”
5. Click “Done”

NOTE: There is the CLI way to set up the partitions, and the graphical way to set up the partitions. Below is the graphical way, but see “If it breaks during the install” section at the end of this document for the beginning of the discussion of CLI related ways of doing things.

Create the (blank) partition tables

1. Click on disk 1
2. Right click on “Free space” → Edit → Set partition table
3. Set it to GPT
4. Click on disk 2
5. Right click on “Free space” → Edit → Set partition table
6. Set it to GPT

Create the partitions

Note: One of the problems that we will run into is that once we create the raid device is that we wont be able to just say “use the new raid device and do your automatic partitioning thing using that”. We will have to make partitions manually.

Create the MBR partition (optional)

The first 1 meg on a drive should normally be reserved for MBR related things. You may end up needing this space if UEFI does not go well for you.
Some partition editors automatically reserve the first meg for you in some way. The current version of the blivet-gui partition editor that Qubes installer uses appears to set the default for the starting block of new partitions to be after the first meg, so as long as you leave the defaults, you don’t need to create a 1 meg partition for MBR (and then do nothing with it, just so nothing else uses it)

Create the EFI filesystem

1. Click on disk 1

2. Right click “Free space” → New

3. Set the following:

   Field	Setting
   Device type	partition
   size	1 Gib
   Filesystem	“EFI System partition”
   label	EFI
   mountpoint	/boot/efi
   encryption	no. do not encrypt the EFI partitions

4. Then do the same for the 2nd drive, but instead of /boot/efi as the mountpoint, use /boot/efi2 as the mountpoint
   (Note: This procedures still does not use /boot/efi2 for anything, but maybe someday we can have it set up /boot/efi2 so the 2nd drive can be booted from as well (I.E. without a rescue disk))

Create the boot filesystem

1. Click on “Free space” of one of the drives

2. Right click → new

3. Select type “software raid”

4. See the list of drives spring up and add the 2nd drive

5. Set raid level to “raid1”

6. Set the following:

   Field	Setting
   Device type	Software RAID
   size	2 Gib
   Filesystem	“ext4”
   label	boot
   name	boot
   mountpoint	/boot
   encryption	no. do not encrypt the boot partition

7. Click “OK” when done

Create the root filesystem

1. Click on “Free space” of one of the drives

2. Right click → new

3. Select type “software raid”

4. See the list of drives spring up and add the 2nd drive

5. Set raid level to “raid1”

6. Set the following:

   Field	Setting
   Device type	Software RAID
   size	Take all the space
   Filesystem	“physical volume LVM”
   name	pv-encrypted
   encryption	yes! if you want encryption, enable it here

Create the volume group

1. On the left hand side, under “RAID” (instead of under "Disks), select the new pv-encrypted device
2. Right click in the area to the right that normally said “free space” of the new pv-encrypted volume → new
3. Set the name to “qubes_dom0”

Create the swap volume

1. Right click on empty space of the new volume group → new

2. Set the following:

   Field	Setting
   Device type	“LVM2 Logical Volume”
   size	10 Gib
   Filesystem	swap
   label	swap
   name	swap
   encryption	no. do not encrypt (already encrypted)

Create the thinpool

(Note: if we do not create the thinpool, do we not have to select “use pre-existing pool” at the end and it automatically creates one? I have no idea but itd be interesting to investigate)

1. Right click on empty space of the new volume group → new
2. Select device type: “LVM2 ThinPool”
3. Set size to: take it all
4. Set name to “pool00”
5. do not encrypt (already encrypted)

Create the root volume

1. Right click on new lvmthinpool → New

2. Set the following:

   Field	Setting
   Device type	“LVM2 Thin Logical Volume”
   size	take it all
   Filesystem	ext4
   label	root
   name	root
   mountpoint	/
   encryption	no. do not encrypt (already encrypted)

At this point click the “done” button in the upper left hand corner. it should complain at the bottom of the screen. You can view the issues, and it should say something like: “/boot” is on a RAID volume, but EFI is not! If your boot drive goes down you wont be able to boot.

EFI filesystem is not intended for RAID, so thats not a real option. And undoing raid for /boot won’t help the situation. So you can ignore the message.

However, if it says something else, like 'you forgot to put a root mountpoint for “/” ', then you should go fix that.

After all problems (other then the one you are ignoring) are resolved:

1. Click “done”
2. If nothing happens, Click “done” again
3. Start the installation

WARNING:

1. It did not save the partitions you just set up. If you reboot now it will be gone.
2. Going back into the “Installation Device” will clear out all the work you just did.
3. You are not done! The installer will install stuff, then when it reboots you will still need to do one last thing! (shown in the very next line on this page)
4. If it breaks during install, jump to section “If it breaks during the install”

After install works and it tries to reboot into the new qubes system

You’ll get the “Out Of Box” configuration options. Under “Advanced configuration” select “use existing LVM thin pool” with “qubes_dom0” (the only option) and LVM thin pool “Pool00” (the only option).

This might mean we did not need to manually create the thin-pool lvm thing from the partition editor??

If it breaks during the install (or if you did it the CLI way)

If it breaks during the install, it probably write the partitions, so after the reboot:

1. Hit control-alt-F2
2. If you can’t read the screen because the text is too small on a high-res screen, type: setfont solar24x32{enter}

Note: Many other CLI instructions that can be typed here are available from Custom installation | Qubes OS

3. cat /proc/mdstat to view what raid drives are currently active
   (it will say none are active)
4. do: mdadm --assemble --scan
   (hopefully it will find the raid drives)
5. cat /proc/mdstat to view what raid drives are currently active
   (this time it should show both as active)
6. Hit Alt-F6 (to get back to the graphical screen)

Now the fun part. If you hit “rescan” to get the graphical partitioner to acknowledge the RAID drives, the “rescan” process will deactivate the RAID drives!

Basically switch back and fourth between doing “mdadm --assemble --scan” and being in different partitioning screens until something works. I believe what worked for me was doing “mdadm --assemble --scan” after clicking “Installation Device” and before clicking “advanced custom - blivet-gui”, then “Done” (to get to the advanced screen). Whatever I did, when i got to blivet-gui, it recognized the raid disks and I was able to reassign the mount points and then start the install (which worked this time)

CLI Software Raid installation procedure:

This section is not complete. For now, see Custom installation | Qubes OS for ideas

Aftermath

How to tell if a drive fails

You can type cat /proc/mdstat to check if both drives are working. (Note: there is a good chance it’s still syncing the drive at this moment)
You will probably want to write a script that checks it and notifies you if there is a problem, and then put it the script in cron. something like this:

NUMBER_OF_RAIDS=2

#NOTE: You can run a test of this, to make sure nootifications are working by setting NUMBER_OF_RAIDS to more then you have

if [ $NUMBER_OF_RAIDS != `grep '[[]UUU*[]]' /proc/mdstat | wc -l` ]
then  
    notify-send --expire-time=360000  "RAID issue!" "A drive may have failed, or other raid issue.  (or you have NUMBER_OF_RAIDS set wrong).  do: cat /proc/mdstat to see details"
    exit
fi
exit

Things that would be cool

Once it’s installed, it would be cool to mount the 2nd efi partition as /boot/efi2 and adjust the grub installer to install to both partitions. As it stands, if your boot drive goes out, then you will have to boot to a rescue disk, set up the EFI partition (which you have already allocated) and install grub on the other disk

Dear @ddevz ,
After giving your post a well deserved , I decided I must thank you “in person” since your guide just saved me a HUGE headache trying to figure out how to install Qubes with RAID1. Thank you, Thank you, Thank you
ps. the installer use the abbreviation “Gib”, not Gig"

@redmind You are welcome! It’s good to know people get actual use out of what I write

(also, changed s/Gig/Gib/)

Something strange during this part:

after step 1, it shows that we can choose anywhere between 0G and 230G. However, after setting type “LVM2 ThinPool”, it suddenly says it can only be between 0G and 190G (or something like that). After creating the maximum thinpool (190G), it says there is still 40G of free space. I can create another thinpool, but that still leaves space free.

Anyone know what’s going on here?

Actually, anyone know why root is thin provisioned to take everything? (hopefully dom0 runs trim on root regularly). (I did it that way cause that’s how qubes installer with default options seems to do it)

@ddevz I had that happen to me as well, but after trying a few times and making sure it wasn’t something I did wrong, I figured this space must be reserved on purpose and just moved on. If anyone more knowledgeable than myself can point to the explanation it would be nice.

This is not an option for me. (using 4.2.4 installer)

I did this in the past here: Unable to get fully functional system when installing Qubes 4.1 on a RAID1

But I found that ext4 in a RAID1 seemed to prevent me from doing backups in Qubes. I’m assuming you are not having this problem in 4.2? The only filesystem that was useable for my system was XFS at the time. BTRFS was too slow.

Following my instructions at the link above seems to only work with MBR partitioning, not GPT. And GPT is recommended for RAID and UEFI from what I’ve read. And GPT is what requires creating the separate partition for /boot/efi - yet as I said above, I don’t have that option in my installer.

Any advice?

To bypass my limitation above I created the EFI partitions in the command-line with fdisk.

Then I followed the rest of your instructions. But the installer won’t install. When I click DONE in the partitioning I get the errors:

Your BIOS-based system needs a special partition to boot from a GPT disk label.

I think I see your issue.

When on github they said:
You may want to reinstall R4.1 with one of the three supported automatic partitioning schemes:

• LVM Thin Provisioning (the default)*
• Btrfs*

LVM Thin Provisioning does not mean that you are not using ext4. It means that you create a LVM thin partition, then create a root ext4 in the LVM thin partition.

See the section above called “Create the thinpool” which is right before “create the root volume”.

This link discusses how the default install is normally set up. As you see it uses LVM think provisioning, then puts root on it. (normally it Custom installation | Qubes OS
All we are doing is adding a raid layer at the very start, then manually doing everything that it normally does automatically for us.

Good point! I think I’ve only done the above procedure, with UEFI booting.

I knew about the possibility of needing the special partition, which is why I had the the “Create the MBR partition (optional)” part above, however, I’m not sure how the installer handles this.
maybe see if there is a option for partition type similar to “EFI System partition”, but that says “BIOS boot partition” or “MBR” or “Master Boot Record”, or something like that?

You may want to see if anyone knows how to create a “BIOS boot GPT disk” from the custom screen of anaconda (i beileve the installer is anaconda). If so, we could add those instructions to the “MBR” section for people not using UEFI.

Have anybody managed to have software RAID and two thin pools (root-pool and vm-pool)? Or at least leave empty space in LVM for the vm-pool to be created after first reboot? I haven’t…

The only way I managed this is to partition everything in CLI. Here is my monster command to do this (assuming two nvme disks):

printf '
g\n
n\n
\n
\n
+1G\n
t\n
1\n
n\n
\n
\n
+1G\n
t\n
2\n
42\n
n\n
\n
\n 
\n
t\n
3\n
42\n
w\n' | fdisk /dev/nvme0n1
&& sfdisk -d /dev/nvme0n1 | sfdisk /dev/nvme1n1
&& sgdisk -G /dev/nvme1n1
&& partprobe /dev/nvme?n1
&& sleep 1
&& mdadm -C -n 2 -e 1.0 -l 1 /dev/md0 /dev/nvme[01]n1p1
&& mdadm -C -n 2 -e 1.0 -l 1 /dev/md1 /dev/nvme[01]n1p2
&& mdadm -C -n 2 -e 1.0 -l 1 --assume-clean /dev/md2 /dev/nvme[01]n1p3
&& mkfs.vfat /dev/md0
&& mkfs.ext4 /dev/md1
&& cryptsetup luksFormat /dev/md2
&& cryptsetup open /dev/md2 luks
&& vgcreate qubes_dom0 /dev/mapper/luks
&& lvcreate -T -n root-pool -L 20GiB qubes_dom0
&& lvcreate -V 20GiB -n root qubes_dom0/root-pool
&& mkfs.ext4 /dev/qubes_dom0/root
&& lvcreate -L 4GiB -n swap qubes_dom0
&& mkswap /dev/qubes_dom0/swap

“luksFormat” step will ask to choose disk passphrase.

After that, reboot (I haven’t managed to reload otherwise - looks buggy, and doesn’t fully recognize raid devices), and then go to “custom” (not “advanced”) partitioning and select what should be where:

• md0 - /boot/efi
• md1 - /boot (select to format this partition)
• qubes_dom0/root - / (select to format this partition)
• qubes_dom0/swap - swap (try to select formatting, but sometimes it’s inactive…)

To be clear my current systm is UEFI and I’m using GPT. That’s what makes the message confusing about my “BIOS-based system”.

In the past I have installed Qubes on RAID1 with MBR successfully (see my link above).

Oh, wow. Didn’t see that comming.

Are you absolutely sure that your BIOS settings are configured for UEFI?
Also, please confirm that secure boot is not enabled (I think that the installer wouldnt even run if secure boot was on, but I’m just trying to cover all the possibilities)

If both of those are set correctly, then my best guess would be a BIOS bug. Are there any updates available for your BIOS? possibly web search on the BIOS your system uses and the “BIOS-based system” error message?

I’m using Dasharo, which I understand is UEFI only.

EDIT: My problem was Heads not supporting mdadm, so most of this is not helpful to this topic. see: The NitroPC Pro 2 is Qubes-certified! - #3 by scallyob

ORIGINAL POST Thanks for the CLI example. I did it manually, line by line. However, I ended up in the same place after doing Custom and going to Manual Partitioning page in the GUI installer and setting the mount points an error shows in bottom left. When i click it the popup reads:

Your BIOS-based system needs a special partition to boot from a GPT disk label
To continue, please create a 1MiB ‘biosboot’ type partition on the nvme0n1 disk.
[repeats for nvme1n1]
It is recommended to create a new file system on your /boot partition

As mentioned above, this is using the Dasharo boot loader.

I believe @ddevz has based on the original post, right?

Neat. What motherboard are you using?

Anyway, I’d recomend contacting dashero support, as this does seem like a BIOS issue (unless anyone else sees this behavior?).

No, the orignial post does it with one thinpool that both root and the vms share (somehow) because that was what was documented on the qubes official page as the standard procedure. He is trying for 2 seperate thinpools, which differs from the standard procedure.

Btw btrfs supports RAID natively (without mdadm), i.e. installing Qubes OS as usual on btrfs and then later adding disks for whatever RAID you like should just work.

Thanks, I may try that, though my past experience with BTRFS and Qubes was that it was too resource hungry to be useable. Maybe I hadn’t done it correctly though.

There’s already some users using it as btrfs or xfs are a pre-requisite for the reflink pool. In fact it may become the default sooner or later [1].

Zfs is another file system that supports native RAID. However it’s currently not available in Qubes OS dom0. IIRC it may become available with Qubes 4.3.

[1] Switch default pool from LVM to BTRFS-Reflink · Issue #6476 · QubesOS/qubes-issues · GitHub