#46 a pass through on the server installation doc
Closed 2 years ago by pboy. Opened 3 years ago by langdon.
langdon/fedora-server langdon-server-install  into  main

@@ -12,71 +12,73 @@ 

  image::serverinstall-summaryscreen.png[Anaconda Installation Summary]

  

  While Fedora Server Edition uses the same package set as all Fedora editions, the defaults are different and more

- taylored to a server install. These defaults are outlined in the following sections, and can of cour.se be overridden either in kickstart or the installer itself

+ tailored to a server install. These defaults are outlined in the following sections, and can, of course, be overridden either in https://docs.fedoraproject.org/en-US/fedora/rawhide/install-guide/advanced/Kickstart_Installations/[kickstart] or the installer itself

  

- And of course, the installation planning depends in many details on the target environment. As an example, a virtual machine installation requires a different approach to storage than a bare metal installation. Thus, in the former case, one does not need to worry about a RAID system. 

+ And of course, the installation planning depends on the details of the target environment. As an example, a virtual machine installation requires a different approach to storage than a bare metal installation. In the former case, one does not need to worry about a RAID system.

  

- These instructions and notes primarily concern a **bare metal installation**.

+ These instructions and notes primarily concern a **bare metal installation**. A "bare metal installation" is one where the Operating System (Fedora Server Edition in this case) is installed directly on the computer vs a virtual machine, in the cloud, etc.

  

  == Choosing the right installation medium

  

- Fedora Server comes with its own special installation iso image, either as a full local installation or as a network installation. If at all possible, use one of the two Fedora Server Edition alternatives and avoid booting from another image, for example 'Everything' and then selecting Fedora Server as the installation target, or changing the installation source to 'Fedora Server' afterwards. Anaconda, the installation program and the GUI look alike for any edition or spin, but are tailored differently under the skin, e.g. with different configuration defaults.

+ Fedora Server comes with its own special installation ISO image, either as a full local installation or as a network installation. If at all possible, use one of the two https://getfedora.org/en/server/download/[Fedora Server Edition] alternatives ("Standard" or "Netinstall") and avoid booting from another image.  Anaconda, the installation program and the GUI look alike for any edition or spin, but are tailored differently under the surface, e.g. with different configuration defaults.

  

  == Disk partitioning

  

- If you ask 3 system administrators about the best practice for hard disk partitioning, you will get at least 5 different answers. There is no clear best way regarding partitioning. It depends on different goals and weightings.

+ If you ask 3 system administrators about the best practice for hard disk partitioning, you will get at least 5 different answers. There is no clear, best way to partition your disks. While this subject is beyond the scope of this document, we can offer that we expect at least **XXXX** GB for a complete install. Talk to your friends, read up on the subject, search for articles, and make your own judgment. Many solutions are editable after installation (but not all!).

  

  === What default partitioning does

  

- By default, Anaconda as tailored for Fedora Server Edition creates in case of a bios boot machine a small /boot partition on the first drive, used by Grub2 bootloader. The remaining area is filled with another partition and one volume group (VG) created therein. In case of a disk larger then 2 TB it uses a GPT partition table and adds a BIOSboot partition to the described scheme, otherwise the traditional DOS partition table.

+ By default, on a BIOS booting machine, Anaconda creates  a small ```/boot``` partition on the first drive, used by the Grub2 bootloader. The remaining area is filled with another partition and one volume group (VG) created therein. In case of a disk larger then 2 TB it uses a GPT partition table and adds a BIOSboot partition to the described scheme, otherwise it uses the traditional DOS partition table.

  

- In case of a UEFI boot system it creates first the required 'EFI System' partiion and then adds the aforementioned /boot partition and LVM partition and Volume Group.

+ In the case of a UEFI boot system, Anaconda creates first the required 'EFI System' partition and then adds the aforementioned ```/boot``` partition and LVM partition and Volume Group (VG).

  

- Therein, a logical volume of approx. 15 GB (the exact value depends on the disk capacity) is created for the operating system and its software. The other available space remains free for the creation of logical volumes (LVs) for user data, which are to be mounted at the appropriate positions in the directory tree of the system area.

+ A logical volume of approximately 15 GB (the exact value depends on the disk capacity of your system) is created for the operating system and its software. The other available space remains free for the creation of Logical Volumes (LVs) for user data, which are to be mounted at the appropriate positions in the directory tree of the system area.

  

- === The rationale 

+ === The rationale

  

- The rationale behind this is a separation of system and user data. This should ease system administration, increase security, and decrease error-proneness. The system area, i.e. the operating system including installed utility programs and software must be maintainable completely independently of the storage of user data. System maintenance must not jeopardise user data under any circumstances. If necessary, it must be possible to unmount user data. 

-  

- === Further rationale reinforcement

+ The rationale behind this is a separation of system and user data, which eases system administration, increases security, and decreases the likelihood of errors. The system area (i.e. the operating system including installed software) must be maintainable completely independently of the storage of user data. System maintenance must not jeopardize user data under any circumstances. If necessary, it must be possible to unmount user data.

  

- You may reinforce that rationale even further and create another small partition and VG dedicated to the operating system (in addition to the partition for /boot). A good size for this volume group, eg. sysvg, is approx. 30 GiB. Create an LV, e.g. 'sys_root' of 15 GiB for the operating system and maybe additional LVs for the runtime environment, e.g. a LV 'sys_log' of about 5 GiB. Mount it at /var/log to prevent log files to flood and block the system and vice versa prevent that any other space issue on root partition blocks your log files. The remaining free space is left for disposal as needed for whatever maintenance work. The remaining area of the hard disk is filled by a large partition and VG for user data, e.g. usrvg. Similar to the default partitioning, all user data is created as LVs in usrvg and mounted in corresponding directories of the system area. This is the maximum possible separation of system and user data if only one hard disk is available. And with today's typical hard drive size of 2 TB and more, those dedicated 30 GiB don't interfere with effective use of disk space anymore.

+ === Taking the Rationale Further

  

- === Raid system 

+ If you are a more experienced administrator, you may wish further the rationale above with increased separation.

  

- If there is more than one disk available, the default partitioning creates on each of the other disks one big partition with a physical volume (pv) and adds it to the volume group.

+ Create another small partition and VG dedicated to the operating system (resulting in three partitions: system, user, & boot). A good size for this VG (eg. ```sysvg```) is, approximately, 30 GB. Create a LV (e.g. ```sys_root```) of 15 GB for the operating system and maybe additional LVs for the runtime environment (e.g. a LV ```sys_log```) of about 5 GB. Mount it at ```/var/log``` to prevent log files from flooding and blocking the system and, vice versa, prevent that any other space issue on the root partition blocking your logs. The remaining free space is left for distribution as needed over time. The remaining area of the hard disk is filled by a large partition and a VG for user data (e.g. ```usrvg```). Similar to the default partitioning, all user data is created as LVs in ```usrvg``` and mounted in the corresponding directories of the system. This is the maximum possible separation of system and user data with only one hard disk is available. And with today's typical hard drive size of 2 TB and more, those dedicated 30 GBs don't interfere with the effective use of disk space anymore.

  

- On a server, this is usually not optimal. Rather, several disks should store data redundantly in order to maintain operation in the event of a hardware failure. Technically, you will prefer to configure a RAID system. For details you may hava a look at the Fedora https://docs.fedoraproject.org/en-US/fedora/f34/install-guide/install/Installing_Using_Anaconda/#sect-installation-gui-manual-partitioning-swraid[Installation Guide]. 

+ === Raid system

  

- Manual partitioning is necessary for this. Select "Installation Destination" in the Summary Screen, the options "Custom" and "Advanced Custom (Blivet-GUI)" both enable manual partitioning.

+ If there is more than one disk available, the default partitioning creates, on each of the other disks, one big partition with a Physical Volume (PV) and adds it to the VG.

  

- On Bios boot machines and hard disks with a maximum of 2 TB, select the comfortable "Custom" option.

+ On a server, this is usually not optimal. Rather, several disks should store data redundantly in order to maintain operation in the event of a hardware failure. Configuring a RAID system is one such solution. For details see the https://docs.fedoraproject.org/en-US/fedora/f34/install-guide/install/Installing_Using_Anaconda/#sect-installation-gui-manual-partitioning-swraid[Creating Software RAID] section of the https://docs.fedoraproject.org/en-US/fedora/f34/[Installation Guide]. _NOTE: both of these links are to the Fedora 34 version of the docs. Please confirm your are using that version or find the same docs for your version._

  

- - If exist, delete any partition (use the '-' sign at the bottom of the left box).

+ Manual partitioning is necessary for RAID setup. Select "Installation Destination" in the Summary Screen, the options "Custom" and "Advanced Custom (Blivet-GUI)" both enable manual partitioning.

  

- - Add a Partition, select mount point /boot, type changes from default LVM to standard, select size 1 Gib.

+ On BIOS boot machines and hard disks with a maximum of 2 TB, select the comfortable "Custom" option.

+ 

+ - If any exist, delete any partitions (use the '-' sign at the bottom of the left box).

+ 

+ - Add a Partition, select a mount point (e.g. ```/boot```), type changes from default LVM to standard, select size 1 Gib.

  

  - After creation modify the partition type to RAID.

  

- - Anaconda later detects the raid configuration of /boot and installs the mbr on each included disks. If the first disk fails it can boot using the other one.

+ - Anaconda later detects the raid configuration of /boot and installs the ```MBR``` on each included disk. If the first disk fails it can boot using the other one.

  

- - Add additional raid partitions as needed.

+ - Add additional RAID partitions as needed.

  

- Hard disks larger than 2 TB require a GPT disk label and an additional BIOSboot partition. The Custom option can't handle this in a RAID configuration. You have to choose the 'Advanced custom' option.

+ NOTE: Hard disks larger than 2 TB require a ```GPT``` disk label and an additional ```BIOSboot``` partition. The Custom option can't handle this in a RAID configuration. You have to choose the 'Advanced custom' option.

  

  == Networking

  

- By default the installation program creates a DHCP configuration for each network interface. In case of an active connection it is automatically started during boot. 

+ By default the installation program creates a DHCP configuration for each network interface. In the case of an active connection it is automatically started during boot.

  

- In case of servers it is often preferrable to configure a static IP address. This ensures a valid network connection at system start even if the DHCP server is defective. Select the network interface, activate the IPv4 rsp. IPv6 tab. Switch from DHCP to manual and add an IP specification.

+ In case of servers it is often preferable to configure a static IP address. This ensures a valid network connection at system start even if the DHCP server is defective. Select the network interface, activate the IPv4 or IPv6 tab. Switch from "Automatic (DHCP)" to "Manual" and add an IP specification.

  

- Note: Post F32 NetworkManager stores the configuration in __/etc/NetworkManager/connected_systems/*.network__!

+ NOTE: Post Fedora 32, NetworkManager stores the configuration in __/etc/NetworkManager/connected_systems/*.network__

  

  == Creating users

  

- As a minimum, you must set a password for the ROOT account. Select 'Root Password' below 'USER SETTINGS' and enter an appropriate password. For security reasons, ssh login as root is only allowed with key-file, but the account is not locked. It is not advisable to modify these security settings! This way, secure root access via ssh key file is still an option and, in an emergency, also with a password via an attached console or Cockpit login. 

+ At a minimum, you must set a password for the ROOT account. Select 'Root Password' below 'USER SETTINGS' and enter an appropriate password. For security reasons, ssh login as root is only allowed with key-file, but the account is not locked. It is not advisable to modify these security settings! Secure root access via ssh key file is an option and, in an emergency, access with a password via an attached console or Cockpit login.

  

- If there is no direct terminal access available create a fall back user (e.g. hostmin) with password authentication active and administration privilege (group wheel & sudo su). In such a case, this is the only way to get access to the server after the reboot! And even later, it is the only way to get administrative access if for some reason the private key file is not available.

+ If there is no direct terminal access available create a fall back user (e.g. ```hostmin```) with password authentication active and administrative privilege (group ```wheel```). In such a case, this is the only way to get access to the server after the reboot! And even later, it is the only way to get administrative access if the private key file is not available.

  

  == Time zone and time synchronization

  
@@ -86,7 +88,7 @@ 

  

  == Start Installation

  

- Then, when all settings and configurations fit, select _Begin Installation_ and lean back. When finished, confirm a restart. Log in and follow the post installation suggestions in the Fedora Server Edition System Administration Guide.

+ Then, when all settings and configurations fit, select _Begin Installation_ and lean back (or get a coffee!). When finished, confirm the option to restart the computer. Log in and follow the post installation suggestions in the https://docs.fedoraproject.org/en-US/fedora-server/server-administration/[Fedora Server Edition System Administration Guide].

  

  

  

no initial comment

Hi Langdon.
thanks for your refinement of the installation page.

I was about to do a merge when I noticed the XXXX in line 21/22. Unfortunately I do not understand it. Is this really intentional or did you overlook to enter a correct value?

Pardon my perhaps limited comprehension. :-)

In accordance with Langdon I changed part of the text (the placeholder XXXX). Close the pull request, since it has been superseded by request 49.

Pull-Request has been closed by pboy

2 years ago
Metadata