this is a general question about deploying and maintaining nodes. I am not a sysadmin.
I am considering the following 'naive' strategy:
- Pick a linux flavor and stick to it.
- Create an image with my linux flavor.
- Install my application, scripts and all packages on the image.
- Strip all unnecessary packages and applications.
- Configure security (blocking ports, monitoring tools).
- Backup my image.
- Copy my image on each new node when necessary.
- Install security updates (eventually create an updated version of my image).
- Run set-up scripts + configuration.
Is that common practice? Is there a better strategy? Are there any additional angles I should think about?