Determining your server's role

While at this point your goal is most likely to set up an Ubuntu Server installation for the purposes of practicing the concepts contained within this book, it's also important to understand how a typical server roll-out is performed. Every server must have a purpose, also known as its Role. This role could be that of a database server, web server, and so on. Basically, it's the value the server adds to your network or your organization. Sometimes, servers may be implemented solely for the purpose of testing experimental code. And this is important too—having a test environment is a very common (and worthwhile) practice.

Once you understand the role your server plays within your organization, you can plan for its importance. Is the system mission critical? How would it affect your organization if for some reason this server malfunctioned? Depending on the answer to this question, you may only need to set up a single server for this task, or you may wish to plan for redundancy such that the server doesn't become a central point of failure. An example of this may be a DNS server, which would affect your colleague's ability to resolve local host names and access required resources. It may make sense to add a second DNS server to take over in the event that the primary server becomes unavailable.

Another item to consider is how confidential the data residing on a server is going to be for your environment. This directly relates to the installation procedure we're about to perform, because you will be asked whether or not you'd like to utilize encryption. The encryption that Ubuntu Server offers during installation is known as encryption at rest, which refers to the data stored within the storage volumes on that server. If your server is destined to store confidential data (accounting information, credit card numbers, employee or client records, and so on), you may want to consider making use of this option. Encrypting your hard disks is a really good idea to prevent miscreants with local access from stealing data. As long as the miscreant doesn't have your encryption key, they cannot steal this confidential information. However, it's worth mentioning that anyone with physical access can easily destroy data (encrypted or not), so definitely keep your server room locked!

At this point in the book, I'm definitely not asking you to create a detailed flow chart or to maintain an IP roll-out spreadsheet, just to keep in mind some concepts that should always be part of the conversation when setting up a new server. It needs to have a reason to exist, it should be understood how critical and confidential the server's data will be, and the server should then be set up accordingly. Once you practice these concepts as well as the installation procedure, you can make up your own server roll-out plan to use within your organization going forward.