Chapter 5

Provisioning Linux

ISO, kickstart, partitioning, first boot checklist.

Learning objectives

  • Plan disk partitioning for Linux on bare metal
  • Install from ISO or automated kickstart
  • Complete first-boot hardening checklist

Provisioning workflow

Swift Host delivers Workshop Co.’s dedicated server with blank drives or a minimal rescue OS. Your job: install Ubuntu Server LTS, configure networking, deploy the stack from Book 2.

  1. Mount Ubuntu 24.04 ISO via IPMI virtual media
  2. Boot installer; configure RAID in controller or software RAID
  3. Partition disks; install base system
  4. Set static public IP, gateway, DNS
  5. First boot: updates, SSH keys, firewall, deploy app

Partitioning example

MountSizePurpose
/boot/efi512 MBUEFI boot (if not hardware RAID boot)
/50 GBOS and packages
/var100 GBLogs, PHP sessions, mail queue
/var/lib/mysqlremainderDatabase on fast volume
swap8 GBEmergency memory (or swap file)

With hardware RAID presenting one volume, LVM simplifies future resize — optional but common on bare metal.

Network config (netplan snippet)

# /etc/netplan/01-public.yaml
network:
  version: 2
  ethernets:
    eno1:
      addresses: [203.0.113.10/24]
      routes:
        - to: default
          via: 203.0.113.1
      nameservers:
        addresses: [1.1.1.1, 1.0.0.1]

First-boot checklist

Before exposing to traffic
  • apt update && apt upgrade
  • Create deploy user, SSH keys only, disable root login
  • Configure UFW: allow 22, 80, 443; default deny inbound
  • Set hostname workshopco-prod-01
  • Install Nginx, PHP-FPM, MySQL — restore from backup
  • Point DNS only after smoke tests via /etc/hosts or staging

Worked example — automated install

For repeatability, Swift Host uses cloud-init or kickstart for Workshop Co.’s second server:

#cloud-config
hostname: workshopco-prod-02
users:
  - name: deploy
    ssh_authorized_keys:
      - ssh-ed25519 AAAA... workshopco-deploy
packages:
  - nginx
  - php8.3-fpm
  - mysql-server

Try it yourself — install order

Put these steps in correct order: enable UFW, mount ISO, restore DB dump, update DNS A record, run apt upgrade, install Nginx.

Answer
  1. Mount ISO → install OS
  2. apt upgrade
  3. Install Nginx (+ stack)
  4. Restore DB dump
  5. Enable UFW
  6. Update DNS A record (last — after verification)

Quick quiz

  1. Why defer DNS cutover until after smoke tests?
  2. What is cloud-init used for?
  3. Where should MySQL data live on a busy booking app?
Answers
  1. Avoid sending customers to a broken server during provisioning.
  2. Automate first-boot config — users, packages, network on fresh instances/servers.
  3. Fast dedicated partition or volume — /var/lib/mysql on NVMe/RAID.