Maas Config Across Local and Cloud Servers

Hi, I am going to install Maas on Monday and I’d like some advice please so I can start planning and researching the soltuions needed.

I would like to install openstack for testing purposes. I would like to use maas to host other solutions for my company whether the soltuions are installed in openstack or directly in a VM running in maas not sure yet.

I will be using a physical server(regiond 1 and rackd 1) and Ill have three VPS’(regiond 2, rackd 2, rackd 3 and rackd 4) in the cloud. I possibly may use two physical servers.

Phyiscal devices:

2x Physical Server (exceeds recommended spec)
Physical Firewall (Pfsense)
Network Switch

VPS:

3x VPS (2 cores, 8GB RAM, 500GB)

I would like to make everything as secure as possible and highly available. I will purchase SSLs or use lets encrypt between servers.

Please can you suggest solutions Ill need to get everything up and running.

Im new to Ubuntu and MAAS but would like to start learning.

What solution/s do you recommend for the physical server to communicate with the VPS’s?
How do I make communication as secure as possible?
How do I make Maas as secure as possible?
How do I make Ubuntu as secure as possible?
What do you recommend as a backup solution for Ubuntu?

Id prefer the above to be open source solutions.

I know a lot of work needs to be done and can’t wait to get started.

I appreicate your advice or a point in the right direction.

Thank you

Hi sircam, welcome to the MAAS community!

I know this doesn’t cover all your questions, but https://maas.io/docs/security has guidance on how to harden your MAAS server, and set up a TLS terminating load balancer.

For backups, the Ubuntu Server team recommend Bacula and the MAAS docs for backup - https://maas.io/docs/backup cover what you need to be concerned about.

Thank you @sparkiegeek your advice is appreciated.

I’ve started researching TLS Terminating and Bacula. Ill do the same with all docs on maas tonight.

Is there a solution that you are aware of that will put my cloud VPS’ and local server on the same network? VPN? Or will maas handle that when I add a new rackd/regiond?

For example:
Local server 192.168.0.1
VPS1 192.168.0.2
VPS2 192.168.0.3
VPS3 192.168.0.4

My friend will be assisting me with a better IP range. I do not have a clue when it comes to IPs and subnets.

What server monitoring solutions are recommended?