Encrypted partition or file for running a virtual machine on an SSD?
My new PC will be booting from a PCIe Gen3 x4 NVMe SSD. Should be a real screamer. In addition to the host OS and various programs I will place several VMWare virtual machines on the SSD. One of them will be placed either on an encrypted partition of its own or in an encrypted file on an ext4 filesystem on the SSD.
I have read recommendations about placing swap in a file on an SSD rather than a partition. The idea being that the SSD's controller can shuffle the file around the SSD for wear leveling purposes whereas a swap partition would stay on the same real estate and subject that portion of the SSD to excessive use/wear. Sounds reasonable.
I am planning to use dm-crypt (cryptsetup & LUKS) as I have experience with these programs. My question is... would an encrypted file mounted by loopback as a file system suffer a performance penalty as opposed to an encrypted partition mounted as a file system?
TIA,
Ken
P.S. The reason for this setup/experiment is a real life business experience 30 years ago involving an out of date procedure, an even more out of date government publication, data "leakage" and an electrical contractor falling through the ceiling of a classified documents "vault." A rather funny story if someone wants to prompt me to tell it.
I have read recommendations about placing swap in a file on an SSD rather than a partition. The idea being that the SSD's controller can shuffle the file around the SSD for wear leveling purposes whereas a swap partition would stay on the same real estate and subject that portion of the SSD to excessive use/wear. Sounds reasonable.
No, it doesn't. The SSD works at the block level. It has no idea whether that block is part of a filesystem or not. If you repeatedly write to block 224236, that block will be reallocated to different parts of the SSD regardless of what OS structure caused that block to be written.
People have a great fear of actually using an SSD. Those fears lead to a lot of superstitions about "daemons in the night" and mystical incantations to provide protection from them.
That is great information. Still, I wonder if partition or file would provide better performance in the situation I described?
I don't fear using SSDs. I have about a dozen of them. The first was a 16 GB drive in a little sub-notebook I purchased in 2009. When I upgraded the laptop I used the 16 GB drive as the OS drive in a server - for about 6 years until the ancient server died. The little SSD still lives - and it does not even support trim.
I had also read that it was good practice to leave a little bit of the drive unpartitioned so that the drive would have "spare" blocks to make use of if needed. Based on your description I wonder if that is really necessary. I suppose a bad sector would simply be marked out and ignored.
Ken
All modern drives have spare blocks already built into them for overprovisioning. As a block wears out, the controller marks it defective and activates a block from its overprovisioned area, thus allowing the drive to continue working even once it begins to wear out.
The only time nowadays you MAY want to leave unpartitioned data is if it's an eMMC or gigantic flash drives. Because these don't have the overprovisioning, once blocks start wearing out there's nothing you can do about it.
Last edited by Timothy Miller; 01-17-2017 at 07:32 PM.
The 240 GB drive I am looking at has a 5 year/700TB warranty. I imagine it would take me a while to wear it out. By then the replacement would be bigger, cheaper, faster. My first mechanical hard drive - a 42 MB Seagate cost $400 in 1989. I can get a couple of 6 TB drives for that amount today.
There is little performance difference between a swap file and a swap partition. Writing to a swap file doesn't have to go through the space allocator since it is required that the file be completely allocated. It's just that the mapping of offsets to disk addresses is a bit more complex for a file, and that's just a tiny part of the overhead for swapping.
Leaving some unallocated space beyond the built-in overprovisioning does increase the size that a burst of write activity can be before it depletes the drive's supply of erased blocks. Whether that is significant depends on your usage pattern.
I can't answer about the performance of a loopback file device vs. a partition. I've never played with that or examined the code. The voices in my head tell me there's got to be some, but I really just don't know.
Generally I do not use swap - at least on machines with at least 4 GB of RAM. I will look at the specs of the new drive to see how much over provisioning space is available.
The new PC's CPU and the new SSD are both supposed to "support" AES encryption. Exactly what that will do the dm-crypt I have no idea. I may try a partition and a file and see if I can observe any difference. Or I may just choose whichever one seems most convenient.
Ken
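One way to run the partition-versus-file comparison mentioned above, as an added example that is not part of the thread. The script name, the mapping names `lukscmp_file` and `lukscmp_part`, the 1 GiB test size and the two paths passed on the command line are assumptions; both targets are overwritten, so the partition must be a spare one.

```bash
#!/usr/bin/env bash
# Added example: sequential-write throughput of a LUKS container in a file
# versus LUKS on a raw partition. Run as root on a test machine only:
#   ./luks-compare.sh run /mnt/ext4/container.img /dev/SPARE_PARTITION
# Both targets are overwritten by luksFormat. The partition must be larger
# than SIZE_MIB plus the LUKS header.
set -eu

SIZE_MIB=1024   # assumed amount of data written per run

# Integer MiB/s from a byte count and an elapsed time in nanoseconds.
mib_per_s() { echo $(( $1 / 1048576 * 1000000000 / $2 )); }

# Format the target as LUKS, map it, time a sequential write, tear down.
bench_luks() {
    local target=$1 name=$2 key start end
    key=$(mktemp)
    head -c 64 /dev/urandom > "$key"    # throwaway key, test use only
    cryptsetup luksFormat --batch-mode --key-file "$key" "$target" >/dev/null
    # For a regular file, cryptsetup attaches a loop device by itself.
    cryptsetup open --key-file "$key" "$target" "$name"
    start=$(date +%s%N)
    dd if=/dev/zero of="/dev/mapper/$name" bs=1M count="$SIZE_MIB" \
       oflag=direct conv=fsync status=none
    end=$(date +%s%N)
    cryptsetup close "$name"
    rm -f "$key"
    mib_per_s $(( SIZE_MIB * 1048576 )) $(( end - start ))
}

if [ "${1:-}" = "run" ]; then
    img=$2
    part=$3
    cryptsetup benchmark        # in-memory cipher speed on this CPU
    fallocate -l "$(( SIZE_MIB + 32 ))M" "$img"   # fully allocated backing file
    echo "file container: $(bench_luks "$img" lukscmp_file) MiB/s"
    echo "partition:      $(bench_luks "$part" lukscmp_part) MiB/s"
    rm -f "$img"
fi
```

The write goes to the mapped device itself, so the figures compare the dm-crypt paths (loop device plus ext4 underneath versus the bare partition) and do not include a guest filesystem or VMware on top.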
One thing that I like is with SSD's, because the boot time is already so low, if you ever use sleep on laptops, I prefer to use swap so I can hibernate instead. It's not QUITE as quick to come back on, but it's fully off while it's hibernating, so it'll last indefinitely without any further drain on the battery. But hibernate requires swap, so I still use swap myself for that one reason.
Last edited by Timothy Miller; 01-17-2017 at 09:15 PM.
I agree. The boot time is really quick. But you are not supposed to have to reboot Linux except when you do a kernel update. The ones which have amazed me are the PCs with an M.2 SSD. I have three Dell Inspiron 3050 Micros - about the size of a smaller Intel NUC. The SSD is only SATA speed but my test machine - which I reboot often - will bring up CentOS 7 + Mate to the login screen in 18 seconds including 5 seconds at the grub menu. And it is only a dual core Pentium! I can hardly wait to see what my new Precision Workstation with an i7-6700 and a PCIe 3 x4 SSD card will do. It might boot up before I even hit the power switch.
I don't want to pay the power cost of having my machines run 24/7, so they get shut down/hibernated if I'm not actively using them. Who cares if it needs it, I don't need to pay the price for electric, it's already bad enough that the AC runs 9 months of the year here.
I agree with that. My "servers" get booted up only when I need to archive files to them or retrieve files from them. My desktop gets suspended when I am not using it. This reduces the power consumption to less than the various dog house transformers which run the DSL modem, router, switch, sound bar and who knows what else. I have considered running a 12 VDC bus from a deep cycle storage battery to power all of this crap - and charge it with a solar panel. Not sure what sort of ground loop issues I would get into if I hooked all that stuff together...
I have one of the Inspiron 3050s dedicated as a video player hooked to the TV and it also serves as my download PC. If I have a big file to download - a distro iso file or something from Usenet - I queue it up on that machine. It only draws 6 - 7 watts per my measurements.
As to the AC... I replaced my heat pump a few years back. The 3rd unit since the house was built in 1980. It is almost as big as an out house. The first one was barely bigger than a bread box. The capacity is the same. Heat exchanger surface area is the key to efficiency. It also has a dual range compressor - sort of like the Cadillac 4-6-8 engine of some years back which would loaf along on 4 cylinders on the highway and then bring on more cylinders when power was needed. When the AC compressor shifts into high - with the outside temperature in the mid to upper 90s - the air coming out of the registers will frost bite your toes if you step on one bare footed.