Hello all,
I have a couple of Debian installations that I have to provide to users elsewhere. These boxes host a back-end and a web front-end.
The apps of these boxes have to reconfigured (which is not my problem) and security to these boxes has to be tight (which is). A specific policy should be established between these systems, as well as between each system and the net. Therefore, having some sort of firewalling to manage things would be great.
Instead of creating two separate software installations, I was thinking about prototyping two LXC containers in a PVE node and provide these, in the form of ready-to-restore backups. This is feasible, AFAIK.
I was wondering though if it would be possible to have a prototyped/fast-deployed proxmox environment to bundle with these LXC containers. A single installation that is, that would include everything, including NTP servers, firewalling policies for the containers etc.
One would only perhaps have to change the ip address of the pve (locally obviously) and possibly some extra configuration from the web interface.
Anyone done something like this? If it is not possible, then I'd simply have to write instructions on how to install PVE, configure base networking, create the 2 VMs from the backups and finally do the firewalling...
I have a couple of Debian installations that I have to provide to users elsewhere. These boxes host a back-end and a web front-end.
The apps of these boxes have to reconfigured (which is not my problem) and security to these boxes has to be tight (which is). A specific policy should be established between these systems, as well as between each system and the net. Therefore, having some sort of firewalling to manage things would be great.
Instead of creating two separate software installations, I was thinking about prototyping two LXC containers in a PVE node and provide these, in the form of ready-to-restore backups. This is feasible, AFAIK.
I was wondering though if it would be possible to have a prototyped/fast-deployed proxmox environment to bundle with these LXC containers. A single installation that is, that would include everything, including NTP servers, firewalling policies for the containers etc.
One would only perhaps have to change the ip address of the pve (locally obviously) and possibly some extra configuration from the web interface.
Anyone done something like this? If it is not possible, then I'd simply have to write instructions on how to install PVE, configure base networking, create the 2 VMs from the backups and finally do the firewalling...