How do I image a LUKS system disk with Clonezilla without including all the empty space?

Question

I have a 1 TB NVMe disk with Ubuntu 22 installed with vanilla options, except I used LVM, and enabled LUKS. I'd like to image the disk for easy restores. Simply backing up the files is not enough for me, because I also want to revert partition/LVM information when restoring. However, I don't want to end up with a 1 TB image file that is 95% empty space.

How do I get Clonezilla to do this? I can unlock/mount the encrypted volumes, and image them, but that doesn't maintain the underlying partition structure. If I image the underlying partitions, it images the LUKS partitions like they're just a 900ish GB slab of binary.

What's a workaround here?

Answer 1

Is it LVM-on-LUKS or LUKS-on-LVM?

A typical LVM-on-LUKS is just a single LUKS container set up as a LVM physical volume, and then any number of LVM logical volumes on it. You could backup the unlocked LUKS container with Clonezilla to get the whole LVM setup at once.

But if each logical volume is encrypted separately, you have LUKS-on-LVM and pretty much your only option would be to back up each unlocked container as its own image, and then capture the LVM and partition setup information separately.

LVM actually maintains a backup of the configuration of each LVM volume group in the form of a text file at /etc/lvm/backup/. With LUKS-on-LVM, you could grab that to enable easy restoring of the LVM setup with pvcreate --uuid <PV UUID from LVM backup file>, then vgcfgrestore.

That leaves the partitioning layer. sfdisk --dump /dev/nvme0n1 > NVMe.dump produces a partition table description that can be applied to a disk with sfdisk /dev/nvme1n1 < NVMe.dump.