How Qubes / and /home/user mounting as different disks works?

[Guerlan]

I'm curious about how Qubes does this:

mounts /home/user and other user-related directories from disk B

mounts the / from disk A, but when VM shutdowns, disk is discarded

I'm curious on how it mounts disk A. I don't think it makes a copy of disk A to a temporary disk A', because that'd move lots of gigabytes on every VM startup.

However, it also can't mount disk A as read-only, because I can write to it, it just gets discarded.

How does this work? And is it exclusive of Xen? Couldn't I do the same in KVM? It's very useful

[Chris Laprise]

Qubes uses copy-on-write snapshots to achieve this. With a default
install, that means an LVM "thin pool" holds all of the VM volumes, and
when a VM starts a snapshot is taken of both "disk A" and "disk B" (the
*-root and *-private volumes). With a normal AppVM (base on a template)
the root and private volumes are treated differently on shutdown: Root
snapshot is discarded, and private is rotated to replace the persistent
copy (what appears in the VM as /rw and /home).

A similar snapshot routine is used if you installed Qubes with Btrfs
format instead of LVM (Btrfs is a copy-on-write filesystem).

Copy-on-write provides the ability to create new representations or
snapshots of an existing file or volume, instantly. Snapshotting is like
copying, but using a collection of pointers instead of the data itself.
Thus, when a new snapshot is changed, the system only needs to write
some new blocks in a different location and replace some pointers in the
snapshot's metadata to point to the new location. This all can save a
lot of time and disk space.

--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886

[Chris Laprise]

On 3/4/20 10:19 PM, Guerlan wrote:

As to whether this can be done with KVM, yes you can. But Linux vendors
are very confused about which copy-on-write technologies to promote so
they tend to push the least common denominator, which is partitions or
VMDK files. OTOH, Qubes decided copy-on-write storage was too useful to
ignore and integrated it into VM management functions.

You could use LVM thin pools with KVM, but IIRC you would have to
automate snapshot handling yourself or find an additional package to do
it (if such exists).

[Guerlan]

so if I understood correctly, all the work is done inside the VM, not outside? I can imagine mounting the root disk as read only and then setting up my VM to 'write' to this disk using these pointers you mentioned. Is this how it work?

Which solution Qubes uses and do you know one for Ubuntu? I don't want to have lots of different VMs, Ubuntu is enough