With the architecture designed, Phase 2 involves hands-on deployment. A System Administrator installs the base operating systems, sets up virtual environments, deploys network and application services, and handles server upgrades and migrations.
Detailed Explanation: Installing a server OS is fundamentally different from a desktop OS. Administrators typically install "Headless" (CLI-only) distributions to save resources and reduce the attack surface. In enterprise environments, installations are rarely done manually via CD/USB; instead, automated provisioning tools are used.
When spinning up a new Ubuntu server in a cloud environment or hypervisor, administrators inject a user-data script to automatically install packages, add SSH keys, and update the system on first boot.
#cloud-config
# This script runs automatically during OS installation/first boot

# Update apt database and upgrade packages on first boot
package_update: true
package_upgrade: true

# Install essential admin tools immediately
packages:
  - htop
  - curl
  - net-tools
  - vim
  - fail2ban

# Automatically create the main admin user and inject SSH key
users:
  - name: sysadmin
    groups: sudo
    shell: /bin/bash
    # Passwordless sudo: whoever holds the matching private key gets root
    sudo: ['ALL=(ALL) NOPASSWD:ALL']
    ssh_authorized_keys:
      - ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC3... admin@workstation
Detailed Explanation: Shared resources allow multiple servers or users to access the same storage pool. Network File System (NFS) is standard for Linux-to-Linux sharing, while Samba (SMB/CIFS) is used for Windows cross-compatibility.
#!/bin/bash
# 1. Install the NFS Kernel Server
sudo apt-get update
sudo apt-get install nfs-kernel-server -y

# 2. Create the directory to be shared
sudo mkdir -p /mnt/shared_data
sudo chown nobody:nogroup /mnt/shared_data
# Mode 777 lets any user on a client in the allowed subnet modify the share;
# tighten ownership and mode for production data
sudo chmod 777 /mnt/shared_data

# 3. Configure the NFS export file to allow a specific subnet
echo "/mnt/shared_data 192.168.1.0/24(rw,sync,no_subtree_check)" | sudo tee -a /etc/exports

# 4. Export the share and restart the service
sudo exportfs -a
sudo systemctl restart nfs-kernel-server
sudo ufw allow from 192.168.1.0/24 to any port nfs

echo "NFS Share successfully deployed."
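An export file grows over time, so it is worth checking mechanically that every entry is still limited to a host or subnet. The following audit script is an added example, not part of the original page; the function names and the `/srv/...` sample entries are constructed for illustration, and it assumes one export per line.

```shell
#!/bin/sh
# Added example: flag /etc/exports entries that widen NFS exposure.
# Assumes one export per line (no backslash continuations or quoted paths).

audit_exports() {
    # $1 = exports file. Prints "path [client] finding" for each issue;
    # returns 1 if anything was flagged, 0 if the file is clean.
    awk '
        function flag(msg) { printf "%s [%s] %s\n", path, who, msg; bad = 1 }
        BEGIN { bad = 0 }
        NF == 0 || $1 ~ /^#/ { next }          # blank lines and comments
        {
            path = $1
            for (i = 2; i <= NF; i++) {
                if ($i ~ /^#/) break           # trailing comment
                p = index($i, "(")
                client = (p > 0) ? substr($i, 1, p - 1) : $i
                opts = (p > 0) ? substr($i, p + 1, length($i) - p - 1) : ""
                # "host (rw)" with a space applies (rw) to every host
                world = (client == "" || client == "*")
                who = world ? "any host" : client
                o = "," opts ","
                if (world) flag("not restricted to a host or subnet")
                if (world && index(o, ",rw,")) flag("writable by any host")
                if (index(o, ",no_root_squash,")) flag("remote root is not squashed")
                if (index(o, ",insecure,")) flag("unprivileged source ports accepted")
            }
        }
        END { exit bad }
    ' "$1"
}

sample_exports() {
    # Constructed sample: the first entry is the export written by the script
    # on this page; the rest are illustrative misconfigurations.
    cat <<'EOF'
/mnt/shared_data 192.168.1.0/24(rw,sync,no_subtree_check)
/srv/backups 192.168.1.10(rw,sync,no_root_squash)
/srv/public *(ro,sync)
/srv/scratch 192.168.1.0/24 (rw,sync)
EOF
}

# Usage: sh audit_exports.sh /etc/exports
if [ "$#" -eq 1 ]; then
    audit_exports "$1"
fi
```

The subnet-restricted export from the deployment script passes cleanly; the stray space in the last sample entry is the case that most often slips through review.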
Detailed Explanation: Server upgrades apply to both Hardware (adding RAM/CPU to a node) and Software (upgrading the OS version). For software, administrators must differentiate between routine patch management (security updates) and full distribution upgrades (e.g., Ubuntu 20.04 to 22.04), which carry a higher risk of application breakage.
#!/bin/bash
# Routine OS upgrade script for Debian/Ubuntu based systems
echo "Starting routine server patching..."
# Update package lists
sudo apt-get update
# Upgrade packages safely (does not remove installed packages)
sudo apt-get upgrade -y
# Clean up unused dependencies left over from older versions
sudo apt-get autoremove -y
# Check if a reboot is required (e.g., after a kernel update)
if [ -f /var/run/reboot-required ]; then
    echo "CRITICAL: A system reboot is required to complete the upgrade."
    # In production, do not auto-reboot. Alert the admin to schedule downtime.
else
    echo "Upgrade complete. No reboot required."
fi
Detailed Explanation: Migration is the process of moving workloads from one environment to another, such as Physical-to-Virtual (P2V) or On-Premise to Cloud. The goal is zero data loss and minimal downtime.
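"Zero data loss" is only a claim until the destination has been compared with the source. The following verification script is an added example, not part of the original page; the function names and the sample files are constructed for illustration, and it assumes both trees are mounted on the host running the check.

```shell
#!/bin/sh
# Added example: prove a migrated tree matches its source before cutover.
# Compares file content only (SHA-256); ownership and modes are not checked.

manifest() {
    # Print "<sha256>  ./relative/path" for every regular file under $1,
    # sorted by path so two trees can be compared line by line.
    ( cd "$1" && find . -type f -exec sha256sum {} + | sort -k 2 )
}

verify_migration() {
    # $1 = source root, $2 = destination root.
    # Returns 0 if identical, 1 on a missing/extra/altered file, 2 on error.
    [ -d "$1" ] && [ -d "$2" ] || return 2
    src_list=$(mktemp) || return 2
    dst_list=$(mktemp) || { rm -f "$src_list"; return 2; }
    manifest "$1" > "$src_list"
    manifest "$2" > "$dst_list"
    rc=0
    # "<" lines exist only on the source, ">" lines only on the destination.
    diff "$src_list" "$dst_list" || rc=1
    rm -f "$src_list" "$dst_list"
    return "$rc"
}

demo() {
    # Constructed sample data: a small source tree and a copy in which one
    # file was truncated in transit. Prints the verifier's exit status.
    work=$(mktemp -d) || return 2
    mkdir -p "$work/src/etc" "$work/dst/etc"
    printf 'listen 443\n' > "$work/src/etc/app.conf"
    printf 'row1\nrow2\nrow3\n' > "$work/src/data.csv"
    cp "$work/src/etc/app.conf" "$work/dst/etc/app.conf"
    printf 'row1\nrow2\n' > "$work/dst/data.csv"   # truncated copy
    result=0
    verify_migration "$work/src" "$work/dst" > /dev/null || result=$?
    rm -rf "$work"
    echo "$result"
}

# Usage: sh verify_migration.sh /mnt/old_server /mnt/new_server
if [ "$#" -eq 2 ]; then
    verify_migration "$1" "$2"
fi
```

Run it after the final sync and before decommissioning the source; a non-zero exit status means the cutover should not proceed.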
Detailed Explanation: Modern infrastructure relies heavily on virtualization. Installing a virtual server involves setting up a hypervisor (like KVM, VMware ESXi, or Microsoft Hyper-V) and provisioning virtual machines (VMs) that act exactly like physical computers.
#!/bin/bash
# 1. Install KVM, libvirt, and required utilities
sudo apt install qemu-kvm libvirt-daemon-system libvirt-clients bridge-utils virtinst -y

# 2. Add current user to libvirt group (takes effect at the next login)
sudo adduser "$(id -un)" libvirt

# 3. Provision a new Virtual Machine from the command line
# This creates a VM named "web-node-01" with 2GB RAM, 2 CPUs, and a 20GB disk
virt-install \
  --name web-node-01 \
  --ram 2048 \
  --vcpus 2 \
  --disk path=/var/lib/libvirt/images/web-node-01.qcow2,size=20 \
  --os-variant ubuntu22.04 \
  --network bridge=virbr0 \
  --graphics none \
  --console pty,target_type=serial \
  --location 'http://archive.ubuntu.com/ubuntu/dists/jammy/main/installer-amd64/' \
  --extra-args 'console=ttyS0,115200n8 serial'
Detailed Explanation: Network services form the backbone of the infrastructure. The most common are DNS (Domain Name System, resolving names to IPs), DHCP (Dynamic Host Configuration Protocol, assigning IPs), and NTP (Network Time Protocol, keeping server clocks perfectly synchronized for security logs).
# Accurate time is critical for cryptography and log correlation.

# Install Chrony
sudo apt update
sudo apt install chrony -y

# Ensure the service starts automatically on boot
sudo systemctl enable chrony

# Start the service
sudo systemctl start chrony

# Verify synchronization with public time servers
chronyc tracking
chronyc sources -v
Detailed Explanation: Application services are what actually serve the end-user or business logic. The classic example is a web server and a database. Installing these securely ensures the platform is ready for developers to deploy their code.
#!/bin/bash
# Script to install the base Application Services (LEMP Stack)

# 1. Install Nginx (Web Server)
sudo apt install nginx -y
sudo systemctl enable nginx
sudo systemctl start nginx

# 2. Install MySQL (Database Server)
sudo apt install mysql-server -y
sudo systemctl enable mysql
sudo systemctl start mysql
# Post-install: Run 'sudo mysql_secure_installation' manually to set root password

# 3. Install PHP (Application Logic)
sudo apt install php-fpm php-mysql -y

echo "LEMP Stack successfully installed."
# Note: Configuration of these services happens in Phase 3!