Merge pull request #108460 from simonesavi/linuxdiskpartitions

Add Linux partitions in example

Author: PRMerger7

articles/virtual-machines/extensions/azure-disk-enc-linux.md

@@ -12,7 +12,7 @@ ms.service: virtual-machines-linux
 ms.topic: article
 ms.tgt_pltfrm: vm-linux
 ms.workload: infrastructure-services
-ms.date: 06/10/2019
+ms.date: 03/19/2020
 ms.author: ejarvi
 
 ---

articles/virtual-machines/extensions/azure-disk-enc-windows.md

@@ -12,7 +12,7 @@ ms.service: virtual-machines-windows
 ms.topic: article
 ms.tgt_pltfrm: vm-windows
 ms.workload: infrastructure-services
-ms.date: 06/12/2018
+ms.date: 03/19/2020
 ms.author: ejarvi
 
 ---
@@ -30,7 +30,7 @@ For a full list of prerequisites, see [Azure Disk Encryption for Windows VMs](..
 - [Networking requirements](../windows/disk-encryption-overview.md#networking-requirements)
 - [Group Policy requirements](../windows/disk-encryption-overview.md#group-policy-requirements)
 
-## Extension schema
+## Extension Schema
 
 There are two versions of extension schema for Azure Disk Encryption (ADE):
 - v2.2 - A newer recommended schema that does not use Azure Active Directory (AAD) properties.

articles/virtual-machines/linux/disk-encryption-linux.md

@@ -203,9 +203,9 @@ The following table lists Resource Manager template parameters for existing or r
 |  keyEncryptionKeyURL | URL of the key encryption key that's used to encrypt the encryption key. This parameter is optional if you select **nokek** in the UseExistingKek drop-down list. If you select **kek** in the UseExistingKek drop-down list, you must enter the _keyEncryptionKeyURL_ value. |
 | volumeType | Type of volume that the encryption operation is performed on. Valid values are _OS_, _Data_, and _All_. 
 | forceUpdateTag | Pass in a unique value like a GUID every time the operation needs to be force run. |
-| resizeOSDisk | Should the OS partition be resized to occupy full OS VHD before splitting system volume. |
 | location | Location for all resources. |
 
+For more information about configuring the Linux VM disk encryption template, see [Azure Disk Encryption for Linux](https://docs.microsoft.com/azure/virtual-machines/extensions/azure-disk-enc-linux).
 
 ## Use EncryptFormatAll feature for data disks on Linux VMs
 
@@ -215,7 +215,7 @@ The **EncryptFormatAll** parameter reduces the time for Linux data disks to be e
 
 >[!WARNING]
 > EncryptFormatAll shouldn't be used when there is needed data on a VM's data volumes. You may exclude disks from encryption by unmounting them. You should first try out the EncryptFormatAll first on a test VM, understand the feature parameter and its implication before trying it on the production VM. The EncryptFormatAll option formats the data disk and all the data on it will be lost. Before proceeding, verify that disks you wish to exclude are properly unmounted. </br></br>
- >If you’re setting this parameter while updating encryption settings, it might lead to a reboot before the actual encryption. In this case, you will also want to remove the disk you don’t want formatted from the fstab file. Similarly, you should add the partition you want encrypt-formatted to the fstab file before initiating the encryption operation. 
+ >If you're setting this parameter while updating encryption settings, it might lead to a reboot before the actual encryption. In this case, you will also want to remove the disk you don't want formatted from the fstab file. Similarly, you should add the partition you want encrypt-formatted to the fstab file before initiating the encryption operation. 
 
 ### EncryptFormatAll criteria
 The parameter goes though all partitions and encrypts them as long as they meet **all** of the criteria below: 
@@ -261,17 +261,22 @@ We recommend an LVM-on-crypt setup. For all the following examples, replace the
 - Add the data disks that will compose the VM.
 - Format, mount, and add these disks to the fstab file.
 
-    1. Format the newly added disk. We use symlinks generated by Azure here. Using symlinks avoids problems related to device names changing. For more information, see the [Troubleshoot Device Names problems](troubleshoot-device-names-problems.md) article.
+    1. Choose a partition standard, create a partition that spans the entire drive, and then format the partition. We use symlinks generated by Azure here. Using symlinks avoids problems related to device names changing. For more information, see the [Troubleshoot Device Names problems](troubleshoot-device-names-problems.md) article.
 
-         `mkfs -t ext4 /dev/disk/azure/scsi1/lun0`
+         ```azurepowershell-interactive
+         parted /dev/disk/azure/scsi1/lun0 mklabel gpt
+         parted -a opt /dev/disk/azure/scsi1/lun0 mkpart primary ext4 0% 100%
+         
+         mkfs -t ext4 /dev/disk/azure/scsi1/lun0-part1
+         ```
 
     1. Mount the disks.
 
-         `mount /dev/disk/azure/scsi1/lun0 /mnt/mountpoint`
+         `mount /dev/disk/azure/scsi1/lun0-part1 /mnt/mountpoint`
 
     1. Add to fstab.
 
-        `echo "/dev/disk/azure/scsi1/lun0 /mnt/mountpoint ext4 defaults,nofail 1 2" >> /etc/fstab`
+        `echo "/dev/disk/azure/scsi1/lun0-part1 /mnt/mountpoint ext4 defaults,nofail 0 2" >> /etc/fstab`
 
     1. Run the Set-AzVMDiskEncryptionExtension PowerShell cmdlet with -EncryptFormatAll to encrypt these disks.
 
@@ -404,7 +409,7 @@ Azure Disk Encryption does not work for the following Linux scenarios, features,
 - Dynamic volumes.
 - Ephemeral OS disks.
 - Encryption of shared/distributed file systems like (but not limited to): DFS, GFS, DRDB, and CephFS.
-- Moving an encrypted VMs to another subscription.
+- Moving an encrypted VM to another subscription.
 - Kernel Crash Dump (kdump).
 
 ## Next steps