Rescue System

Story of creating a rescue system, where the system to be booted will be an Arch install media, and I will use a USB drive for this. The plan is to have a GPT partition table on the drive, where one partition will hold the ARCH installation on a FAT32 filesystem, there will also be a cloud-init user-data drive, so that the live arch system's cloud-init will process it and set up an ssh server on the rescue system. I will also create an encrypted ext4 filesystem that will hold any data that I would like to save/transfer.

Partitioning

I will be using my /dev/sdb device, so let's first export some variable for that:

export BLOCKNAME=sdb
export STICKDEV=/dev/$BLOCKNAME

I first started with some partitioning with parted using 1MiB as a starting of the first partition, but then I got several warnings from parted, so I need to calculate the optimal sector alignment for the drive.

https://rainbow.chard.org/2013/01/30/how-to-align-partitions-for-best-performance-using-parted/

Here are the parameters that are relevant for the calculation:

[root@mw ~]# cat /sys/block/$BLOCKNAME/queue/optimal_io_size 
33553920
[root@mw ~]# cat /sys/block/$BLOCKNAME/alignment_offset 
0
[root@mw ~]# cat /sys/block/$BLOCKNAME/queue/physical_block_size 
512

So my alignment is 33553920 / 512 = 65535

• First partition's start will be then this sector: 655535
• I want that partition to be 1GiB in size. 1GiB in sectors is: 1 * 1024 ** 3 // 512 = 2097152
• Last sector is then 65535 + 2097152 = 2162687
• Align that to the closest: 2162687 // 65535 * 65535 = 2162655
• So the last sector shall be 2162654 and the next partition should start at 2162655

parted "$STICKDEV" --script mklabel gpt
parted "$STICKDEV" --script mkpart RESCUE fat32 65535s 2162654s
parted "$STICKDEV" --script mkpart CIDATA fat32 2162655s 4259774s
parted "$STICKDEV" --script mkpart DATA ext4 4259775s 100%

Checking the alignment:

[root@mw ~]# parted "$STICKDEV"
GNU Parted 3.5
Using /dev/sdb
Welcome to GNU Parted! Type 'help' to view a list of commands.
(parted) align-check opt 1                                                
1 aligned
(parted) align-check opt 2
2 aligned
(parted) align-check opt 3
3 aligned

All good.

Formatting

Now let's format the RESCUE partition (https://wiki.archlinux.org/title/USB_flash_installation_medium#UEFI_only)

mkfs.fat -F 32 /dev/sdb1

Also I want the cloud-init data to be formatted as well:

mkfs.vfat -n cidata /dev/sdb2

Extract files

Again, the same reference (https://wiki.archlinux.org/title/USB_flash_installation_medium#UEFI_only)

mount /dev/sdb1 /mnt/
bsdtar -x -f archlinux-2023.11.01-x86_64.iso -C /mnt
umount /mnt

Setup Cloud-init data

mount /dev/sdb2 /mnt/
printf "" > /mnt/meta-data

Here is what the other files look like:

$ cat /mnt/network-config 
version: 2
config: disabled

$ cat /mnt/user-data 
#cloud-config
users:
  - name: root
    ssh_authorized_keys:
      - ssh-ed25519 <my public key>

Setting up data

The data partition will be encrypted:

cryptsetup -y -v luksFormat /dev/sdb3

Interestingly I see these logs:

Ignoring bogus optimal-io size for data device (33553920 bytes).

There seems to be a discussion about drives connected via USB and how to handle such messages. The problem seems to be related to UAS (https://en.wikipedia.org/wiki/USB_Attached_SCSI), here is the explanation why is it causing issues: https://unix.stackexchange.com/a/496606

Anyways, moving on:

cryptsetup open /dev/sdb3 backup-data
mkfs.ext4 /dev/mapper/backup-data
cryptsetup close backup-data