CentOS 7 Server Setup on Google Cloud Platform

CentOS 7 Server Setup on Google Cloud Platform.

When you first configure your VM Instance in Google Compute Engine, there are few steps to be done as a basic setup.

Not using CentOS 7? Choose a different OS:

This guide demonstrates how to manually configure your new CentOS 7 server in Compute Engine.

Prerequisites

1. Your Compute Engine Instance running.
2. For setting up Compute Engine, see the Setting up Compute Engine Instance with CentOS 7.

Server Setup

Once your server is up and running, SSH into your VM Instance and perform the following steps.

Once you create a VM Instance in Google Cloud a new user is created automatically by Google, so you need not to create a new user.

Update Packages

To begin, ensure your CentOS 7 system is up-to-date by typing the command below.

sudo yum update

Install nano text editor using the command below.

sudo yum install nano

Setup Password

It’s recommended to setup a password for the user you currently logged in. This is because if you have locked out of your SSH or cannot access SSH, you need to use the serial port console to access your instance and recover your SSH.

To access your instance your Serial Port Console you need to enter the username and password to log in. So let’s set up a password for your user with the following command.

sudo passwd

You will be prompted to enter password and confirm your password. Once done you can set up basic firewall.

Basic Firewall setup

Ubuntu can use the Uncomplicated Fire Wall (UFW) to allow connections to certain services. You can see all available applications with the following command.

Install UFW in CentOS 7

sudo yum install epel-release
sudo yum install ufw

Type the command below to allow all outgoing and deny or incoming requests.

sudo ufw default deny incoming
sudo ufw default allow outgoing

We need to make the firewall to allow SSH connections so that we can access the instance by SSH.

sudo ufw allow ssh

If you are running a web server, you should enable the http and https ports.

sudo ufw allow http
sudo ufw allow https

Once you have whitelisted all connections for your instance you can enable the firewall.

sudo ufw enable

Type y followed by Enter to enable UFW.

You can view the allowed connections with the following command.

sudo ufw status

Now Firewall is enabled and blocks all connections except SSH. So, if you install and configure additional services you need to allow connections to accept traffic.

Set up Fail2Ban

Fail2Ban is a tool which works alongside with Firewall and blocks the offending host for a period of time. It adds the IP Address which shows malicious host to your firewall rules.

sudo yum install fail2ban
sudo systemctl enable fail2ban

Configure Time Zone on Your CentOS 7 Server

You can check the default timezone settings with the below command.

sudo timedatectl

You need to set the correct time zone especially if you are running cron jobs on your CentOS 7 server. To list the available timezones, use the command below.

sudo timedatectl list-timezones

Next, set the time zone using the following command.

sudo timedatectl set-timezone America/Chicago

These are the initial setup to be done on your new CentOS server.

Done! Once this setup is done you install any applications on your CentOS 7 server in Google Cloud.