This tutorial is about preparing a very secure hosting/computing environment using proven products (i.e. CentOS 5.1 & OpenVZ). This tutorial is prepared based on my own experiences gained during the setup process of my first dedicated server (Celeron-2.8 ghz, 512MB, 80GB).
Step 1: Prepare a very minimal CentOS system.
The only way we can prepare a true ‘minimal centos’ is using graphics-mode manual-install. I have made many attempt to achieve the same using text-mode or kick-start but all resulted into 340+ packages and tons of useless services.
Please seek more guidance from these manuals if your are new to CentOS (or RedHat linux).
So back to topic, my recommendation for partition scheme is:
root (/) use 4GB
swap use 2 * RAM (up to maximum of 2GB)
VZ (/vz) use all remainings
And make sure you pick ‘Customize now’ during package group selection and de-select everything (Yes, I repeat it! Deselect everything including base.)
This should give you a True Minimal CentOS installation with only 148 packages installed (and very few system services).
Step 2: Update the system for OpenVZ support
Nothing much to mention here. Please consult this excellent documentation at openvz.org for details.
Step 3: Install VZ containers (preferably one for each set of applications to keep them secure).
- Lighttpd - Lighty setup
- PDNS - PowerDNS with MySQL backend
- MySQL - No network configuration