Good day,
Foreground:
Server newbie here. I came to Rocky after trying to search for a CentOS ISO to install on a server. The purpose of the server is to host a home cloud with only VPN access, as well as a website+git. This server is behind a service provider router that has a dynamic IP. This is the first server I have set up, so I’m still in the early stages of the learning process.
Initially I thought about creating a VM for each “service”, that is, a VM for the cloud and another VM for the website+git. Then I realized that there are containers too, so I’m leaning toward the container path, specifically Podman, because from what I’ve read, using Podman containers avoids the overhead of the VM, and Podman is rootless, thus increasing security [read about this too].
Note: Never used Podman before. This is going to be the first time.
Therefore, the goal is to create two rootless pods, a pod for the home cloud and a pod for the website+git, using dockerhub images. These pods will be run by a user without administrative privileges.
The plan was to set up a BTRFS RAID 1 install, so I could also create subvolumes to assign as storage to each pod, while keeping them invisible to the other pod.
I understand that these questions have a lot of my ignorance on the topic in them. I’m willing to learn, though, and do my research. I haven’t found many articles regarding those questions, though.
Installing Rocky
I just installed Rocky today, on “future server” hardware. The initial idea was to install on BTRFS, though it is not available in the installer ISO [minimal install]. The install process went fine except for the btrfs thing: the minimal system was installed on RAID 1 without issues, booted to a prompt without issues, everything fine. Just two partitions, EFI and / on XFS. I understand BTRFS is not available in the minimal install, so here are the first questions:
Q1- Can I install Rocky on RAID 1 with BTRFS? If so, should I pick an ISO different from the minimal as minimal doesn’t show option to use BTRFS as default FS for install?
[maybe I got the Podman storage wrong, and just a plain directory would suffice]
Q2- The partition layout is not definitive yet. I may play with it a little bit, though I just used the said layout thinking of btrfs and its subvolumes. Should I use a different one for XFS? I.e. with /home on a separate partition, another partition for Podman storage? Thinking about pod storage.
Containers
This server is going to be headless, no DE. No display, no keyboard, just the CPU, accessible through the LAN, via SSH and via Cockpit. I need to alter the router configuration to open the needed ports to redirect incoming traffic to the proper container. Nonetheless, I’m going to test that everything works locally [inside LAN] before going out.
So here come the questions regarding containers:
Q3- Using wireguard for the VPN, I could install it in Rocky [system wide], or could add it as a container to the pod where it is needed. Which would be the best option here?
Q4- Same with the Dynamic DNS server. Each pod is going to be associated with a different domain, so should the dynamic DNS server be installed system wide or inside each pod?
<—end questions
I would appreciate any insight to throw some light on these topics.
Regards,
RR