Introduction
Compared to my Raspberry PI description, a Linux Ubuntu server is installed in a virtual machine
here. This installation will be used for a test system only. For a productive environment, there
is certainly a lot more that needs to be done in relation to cyber security.
VMware
For the virtual machine, VMware Fusion is used with the Ubuntu Server 18.04.3 LTS. When installing
in VMware, the "easy installation" was deselected. And for the BIOS, the "old BIOS" option was used.
For the other settings of the VMware the following values was used:
- 2 CPU cores
- 4096 MB RAM
- 3D acceleration has been switched off
- Hard drives size 64GB, divided into multiple files
Then the default settings can be used during installation. Only the keyboard was identified manually
and the "Install OpenSSH server" option was used. The installation can take a few minutes.
Updating & upgrading
After logging in for the first time, an update and upgrade should now be done:
- sudo apt update
- sudo apt upgrade
This can take a while. But at the end the software is up to date.
Static IP address
The default settings for the IP address in VMware are DHCP with NAT translation. But here
I want to use a static IP address in bridged mode. Furthermore I do not want to use the new
netplan, I want to use the ifupdown functionality. Therefore use the following command first:
- sudo apt install ifupdown
- sudo apt purge netplan.io
In VMware, the mode can now be switched from NAT to Bridged. In general some changes must be done
in /etc/network/interfaces. Here I will use nano for the editor. Therefor the following command is used:
- sudo nano /etc/network/interfaces
ens33 is the ethernet interface in my VMware. The next lines are just an example. They need to be changed
according to your infrastructure:
auto lo ens33
iface lo inet loopback
iface ens33 inet static
address 192.168.0.24
netmask 255.255.255.0
network 192.168.0.0
gateway 192.168.0.254
The DNS server must be set in /etc/systemd/resolved.conf:
- sudo nano /etc/systemd/resolved.conf
Set the DNS entry according to your infrastructure:
DNS=192.168.0.254
After these changes make a reboot with:
After the reboot the new values should be used by the system.
Disabling IPv6
For disabling IPv6 the content of /etc/sysctl.conf must be changed. Therefore type:
- sudo nano /etc/sysctl.conf
And add the following lines [Source]:
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
To apply the changes, the following command has to be executed:
Now IPv6 is disabled.
Timezone
To set the timezone for Europe/Berlin use the following command:
- sudo timedatectl set-timezone Europe/Berlin
The settings can be checked with the command timedatectl.
Housekeeping
From time to time you should check for updates and upgrade your system. In short, use the following commands:
- sudo apt update
- sudo apt upgrade
- sudo apt clean
Docker / Docker Compose
For the installation of docker the following commands are needed:
- cd
- curl -fsSL get.docker.com -o get-docker.sh
- sh get-docker.sh
- sudo usermod -aG docker <username>
- sudo reboot
To verify that Docker is installed and running type:
- docker version
- docker info
You should see now some information about versions and other things. Another test is the Docker hello-world:
If everything is installed correctly, the message "Hello from Docker!" should appear.
If Docker has now been installed correctly, the "Docker Compose" tool can be
installed. The following commands are used for this purpose:
- sudo curl -L "https://github.com/docker/compose/releases/download/1.25.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
- sudo chmod +x /usr/local/bin/docker-compose
To verify that Docker Compose is installed type:
If you see some version information now, Docker and Docker Compose have been installed correctly.
|