Changes between Initial Version and Version 1 of install_debian/server


Ignore:
Timestamp:
Jun 22, 2012, 4:33:40 PM (7 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • install_debian/server

    v1 v1  
     1= Server Installation
     2
     3== Initial steps ==
     4
     5 * Plug in monitor and keyboard
     6 * Boot machine while USB stick is inserted (or while a network cable is plugged directly into the PXE boot machine)
     7 * Enter Bios/Setup. Specify that Bios should output to serial console and make our [wiki:bios_changes standard bios changes]
     8 * Ensure that server skips errors like no keyboard attached
     9 * Reboot and select Boot Options and choose to boot to USB stick (or network)
     10 * Choose Expert install
     11 * For DNS servers,  use:
     12{{{
     13Telehouse: 209.51.163.29 209.51.169.83
     14XO: 209.234.253.168
     15}}}
     16 * When prompted for component to use, include all of them to be safe (but be sure to include the SSH server one)
     17 * When given the option - choose to continue your installation via ssh - this will give you the ability to easily set and record pass phrases
     18== Drive partioning/Disk setup ==
     19
     20Our servers are now coming with four hot swappable disks.
     21
     22=== The big picture is ===
     23
     24  * One approximately 512MB partition on all four disks: configured as RAID1, used as boot partition
     25  * The rest of the space on each disk: configured as RAID10, used as encrypted disk
     26  * Encrypted disk: used as physical volume for LVM
     27  * Create on volume group: vg_${server_name}0
     28  * Create standard partitions as logical volume
     29
     30=== Details ===
     31
     32  Since we are using disks at are 2TB or bigger, we need to ensure that the partitions are created properly. Open a new ssh session and choose to switch to console.
     33{{{
     34parted /dev/sda -- mklabel gpt
     35parted /dev/sda -- unit s mkpart biosboot 8192 16383
     36parted /dev/sda -- set 1 bios_grub on
     37parted /dev/sda -- unit s mkpart boot 16384 1015807
     38parted /dev/sda -- set 2 raid on
     39parted /dev/sda -- unit s mkpart pv 1015808 -1
     40parted /dev/sda -- set 3 raid on
     41
     42parted /dev/sdb -- mklabel gpt
     43parted /dev/sdb -- unit s mkpart biosboot 8192 16383
     44parted /dev/sdb -- set 1 bios_grub on
     45parted /dev/sdb -- unit s mkpart boot 16384 1015807
     46parted /dev/sdb -- set 2 raid on
     47parted /dev/sdb -- unit s mkpart pv 1015808 -1
     48parted /dev/sdb -- set 3 raid on
     49}}}
     50
     51When done, type:
     52
     53{{{
     54parted /dev/sda -- unit s p
     55parted /dev/sdb -- unit s p
     56}}}
     57
     58And you should get:
     59
     60{{{
     610 sittingbull:~# parted /dev/sda unit s p
     62Model: ATA Hitachi HUA72303 (scsi)
     63Disk /dev/sda: 5860533168s
     64Sector size (logical/physical): 512B/512B
     65Partition Table: gpt
     66
     67Number  Start     End          Size         File system  Name      Flags
     68 1      8192s     16383s       8192s                     biosboot  bios_grub
     69 2      16384s    1015807s     999424s                   boot      raid
     70 3      1015808s  5860533134s  5859517327s               pv
     71
     720 sittingbull:~#
     73}}}
     74
     75You should be able to return to the graphical installer to do the rest.
     76
     77For the record - here's how you can do it by hand:
     78
     79RAID:
     80
     81{{{
     82mdadm --create --raid-devices=4 --level=1 --metadata=1.0 --verbose /dev/md0 /dev/sda2 /dev/sdb2 /dev/sdc2 /dev/sdd2
     83mdadm --create --raid-devices=4 --level=10 --metadata=1.0 --verbose /dev/md1 /dev/sda3 /dev/sdb3 /dev/sdc3 /dev/sdd3
     84}}}
     85
     86Now cryptsetup:
     87
     88{{{
     89anna-install cryptsetup-udeb
     90cryptsetup luksFormat /dev/md1
     91cryptsetup luksOpen /dev/md1 md1_crypt
     92
     93pvcreate /dev/mapper/md1_crypt
     94vgcreate vg_nameofserver0 /dev/mapper/md1_crypt
     95lvcreate --name swap --size 1GB vg_nameofserver0
     96etc.
     97}}}
     98
     99Choose manual partition in the Debian Installer. Then:
     100
     101 * Choose "Congifure software RAID" (skip step if one disk system)
     102  * Choose "Create MD Device"
     103  * Choose RAID1
     104  * Number of active devices: 4
     105  * Number of spare devices: 0
     106  * Now select the second partition on each device.
     107  * Click Continue. Repeat for third partition on each device but select RAID10 instead of RAID1.
     108  * When you are done, click Finish. Now you are back at the partition menu.
     109 * Scroll down to the raid devices (or apply straight to your partitions if it's a one disk system). Modify the 512 MB RAID device: Filesystem: ext3, mount on /boot
     110 * Encrypt the larger, remaining device. Save passphrase in [wiki:keyringer].
     111 * Choose "Congifure LVM" (selecting the device encrypted in the previous step)
     112 * Create a volume group called `vg_`''nameofserver''`0`
     113 * Create logical volumes in this volume group based on your needs. Suggestions: 3GB for /, 1GB swap.
     114
     115== Last steps ==
     116
     117 * After returning to the main disk config menu, click on each logical volume that you create and specify how it should be formatted and mounted.
     118 * Enter root password. Save in [wiki:keyringer].
     119 * Do not install the server package or the base package - deselect all of them.