Merged
2 changes: 1 addition & 1 deletion docs/books/.pages
Expand Up @@ -5,6 +5,6 @@ nav:
- Learning Ansible: learning_ansible
- Learning Bash: learning_bash
- Learning Rsync: learning_rsync
- LXD Production Server: lxd_server
- LXD Server: lxd_server
- DISA STIG: disa_stig
- ...
2 changes: 1 addition & 1 deletion docs/books/lxd_server/00-toc.md
@@ -1,5 +1,5 @@
---
title: LXD Server
title: Introduction
author: Steven Spencer
contributors: Ezequiel Bruni
tested with: 8.5, 8.6, 9.0
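Review bot: the front matter keeps `tested with: 8.5, 8.6, 9.0` while this PR removes the 8.6- and 9.0-specific branches from the chapters; confirm that the single version-neutral procedure that remains (OpenZFS repo, `firewalld`) was actually re-run on each listed release, or trim the list to the releases it was re-tested on. Retitling this page to `Introduction` also means the book's first page no longer carries the book name; check the rendered nav still shows `LXD Server` for the section.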
50 changes: 1 addition & 49 deletions docs/books/lxd_server/01-install.md
Expand Up @@ -11,7 +11,7 @@ tags:

# Chapter 1: Install and Configuration

Throughout this section you will need to be the root user or you will need to be able to _sudo_ to root.
Throughout this chapter you will need to be the root user or you will need to be able to _sudo_ to root.

## Install EPEL and OpenZFS Repositories

Expand Down Expand Up @@ -195,51 +195,3 @@ net.core.bpf_jit_limit = 3000000000
```

Do the same with a few other settings in the override file (above) to verify that changes have been made.

### Enabling ZFS And Setting Up The Pool (8.6 Only)

If you have UEFI secure boot turned off, this should be fairly easy. First, load the ZFS module with modprobe:

```
/sbin/modprobe zfs
```

This should not return an error, it should simply return to the command prompt when done. If you get an error, stop now and begin troubleshooting. Again, make sure that secure boot is off as that will be the most likely culprit.

Next we need to take a look at the disks on our system, determine what has the OS loaded on it, and what is available to use for the ZFS pool. We will do this with _lsblk_:

```
lsblk
```

Which should return something like this (your system will be different!):

```
AME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop0 7:0 0 32.3M 1 loop /var/lib/snapd/snap/snapd/11588
loop1 7:1 0 55.5M 1 loop /var/lib/snapd/snap/core18/1997
loop2 7:2 0 68.8M 1 loop /var/lib/snapd/snap/lxd/20037
sda 8:0 0 119.2G 0 disk
├─sda1 8:1 0 600M 0 part /boot/efi
├─sda2 8:2 0 1G 0 part /boot
├─sda3 8:3 0 11.9G 0 part [SWAP]
├─sda4 8:4 0 2G 0 part /home
└─sda5 8:5 0 103.7G 0 part /
sdb 8:16 0 119.2G 0 disk
├─sdb1 8:17 0 119.2G 0 part
└─sdb9 8:25 0 8M 0 part
sdc 8:32 0 149.1G 0 disk
└─sdc1 8:33 0 149.1G 0 part
```

In this listing, we can see that */dev/sda* is in use by the operating system, so we are going to use */dev/sdb* for our zpool. Note that if you have multiple free hard drives, you may wish to consider using raidz (a software raid specifically for ZFS).

That falls outside the scope of this document, but should definitely be a consideration for production, as it offers better performance and redundancy. For now, let's create our pool on the single device we have identified:

```
zpool create storage /dev/sdb
```

What this says is to create a pool called "storage" that is ZFS on the device */dev/sdb*.

Once the pool is created, it's a good idea to reboot the server again at this point.
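Review bot: with this section gone, Chapter 1 now ends at the sysctl check (`Do the same with a few other settings in the override file`) with no hand-off to where ZFS setup continues; add a closing sentence pointing the reader to Chapter 2 (`02-zfs_setup.md`). Two things in the removed text are worth carrying over wherever it now lives: the Secure Boot caveat (`make sure that secure boot is off as that will be the most likely culprit` for a failing `modprobe zfs`) is the one troubleshooting hint readers will need, and the `lsblk` listing's header reads `AME` instead of `NAME` in the old copy, so fix it if the listing was moved rather than dropped.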
4 changes: 3 additions & 1 deletion docs/books/lxd_server/02-zfs_setup.md
Expand Up @@ -11,7 +11,9 @@ tags:

# Chapter 2: ZFS Setup

If you are using Rocky Linux 8.6 and have already installed ZFS, this section will walk you through ZFS setup.
Throughout this chapter you will need to be the root user or able to `sudo` to become root.

If you have already installed ZFS, this section will walk you through ZFS setup.

## Enabling ZFS and setting Up the pool
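Review bot: the intro still says `this section will walk you through`, while the other chapters were changed to `chapter` in this PR; align the wording. More importantly, `If you have already installed ZFS` now has to hold for every reader, because Chapter 1 no longer loads the module or creates the pool; verify that the `## Enabling ZFS and setting Up the pool` section carries the `modprobe zfs`, Secure Boot caveat, `lsblk` disk identification and `zpool create` steps that were deleted from `01-install.md`, and consider `Enabling ZFS and Setting Up the Pool` for consistent heading capitalization.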

2 changes: 1 addition & 1 deletion docs/books/lxd_server/03-lxdinit.md
Expand Up @@ -12,7 +12,7 @@ tags:

# Chapter 3: LXD Initialization and User Setup

There are separate procedures for Rocky Linux 8.6 and 9.0 below, with the 8.6 version assuming that you are using a ZFS storage pool.
Throughout this chapter you will need to be root or able to `sudo` to become root. In addition, we are assuming that you have setup a ZFS storage pool as described in [Chapter 2](02-zfs_setup). You can use a different storage pool if you have chosen not to use ZFS, but you will need to make adjustments to the initialization questions and answers.

## LXD Initialization
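Review bot: the link `[Chapter 2](02-zfs_setup)` omits the `.md` extension that the book's other internal links use (for example `../../guides/security/enabling_iptables_firewall.md` in `04-firewall.md`); use `02-zfs_setup.md` so MkDocs can validate the target. Also `have setup a ZFS storage pool` should read `have set up`. Since the old intro promised separate 8.6 and 9.0 procedures, double-check that the body of this chapter no longer contains the two branches.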

4 changes: 4 additions & 0 deletions docs/books/lxd_server/04-firewall.md
Expand Up @@ -11,6 +11,8 @@ tags:

# Chapter 4: Firewall Setup

Throughout this chapter you will need to be root or able to `sudo` to become root.

As with any server, you need to make sure that it is secured from the outside world and on your LAN. While our example server only has a LAN interface, it is totally possible to have two interfaces, one each facing your LAN and WAN networks. While we cover `iptables` rules in this procedure, we **highly** recommend using the `firewalld` procedure instead (see the note below).

## Firewall Set Up - iptables
Expand All @@ -19,6 +21,8 @@ As with any server, you need to make sure that it is secured from the outside wo

Starting with Rocky Linux 9.0, `iptables` and all of the associated utilities are officially deprecated. This means that in future versions of the OS, perhaps as early as 9.1, they will disappear altogether. For this reason, you should skip down to the `firewalld` procedure below before continuing.

It's actually a good idea to use `firewalld` for Rocky Linux 8.6 as well, but we *do* offer you the option of using `iptables` if you really want it.

Before continuing, you will want a firewall set up on your server. This example is using _iptables_ and [this procedure](../../guides/security/enabling_iptables_firewall.md) to disable _firewalld_. If you prefer to use _firewalld_, simply substitute in _firewalld_ rules using the instructions below this section.

Create your firewall.conf script:
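Review bot: the added sentence reintroduces a release-specific reference (`Rocky Linux 8.6`) in a PR whose purpose is to drop them; `Rocky Linux 8.x` reads better and stays true for 8.7 and later. The ordering is also confusing: right after telling the reader to `skip down to the firewalld procedure below before continuing`, the next paragraph opens with `Before continuing, you will want a firewall set up ... to disable firewalld`. Fold the deprecation note and the 8.x sentence into one admonition at the top of the iptables subsection, and say plainly that the iptables path disables `firewalld`, so nobody follows both procedures on the same host.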
2 changes: 1 addition & 1 deletion docs/books/lxd_server/05-lxd_images.md
Expand Up @@ -11,7 +11,7 @@ tags:

# Chapter 5: Setting Up and Managing Images

Throughout this chapter and from here on out unless otherwise noted, you will be running commands as your unprivileged user. ("lxdadmin" if you are following along with these documents).
Throughout this chapter you will need to execute commands as your unprivileged user ("lxdadmin" if you have been following this book from the beginning).

## List Available Images
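Review bot: the dropped phrase `from here on out unless otherwise noted` is replaced by per-chapter preambles in `06-profiles.md`, `07-configurations.md` and `08-snapshots.md`, but each uses a slightly different sentence (`if you've been following from the beginning in this book`, `if you've been following along from the beginning of this book`, `if you have been following this book from the beginning`). Use one sentence verbatim in all four chapters, or a shared snippet, so a later edit does not have to hunt down the variants.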

2 changes: 2 additions & 0 deletions docs/books/lxd_server/06-profiles.md
Expand Up @@ -11,6 +11,8 @@ tags:

# Chapter 6: Profiles

Throughout this chapter you will need to execute commands as your unprivileged user ("lxdadmin" if you've been following from the beginning in this book).

You get a default profile when you install LXD, and this profile cannot be removed or modified. That said, you can use the default profile to create new profiles to use with your containers.

If you look at our container listing you will notice that the IP address in each case is assigned from the bridged interface. In a production environment, you may want to use something else. This might be a DHCP assigned address from your LAN interface or even a statically assigned address from your WAN.
2 changes: 2 additions & 0 deletions docs/books/lxd_server/07-configurations.md
Expand Up @@ -11,6 +11,8 @@ tags:

# Chapter 7: Container Configuration Options

Throughout this chapter you will need to execute commands as your unprivileged user ("lxdadmin" if you've been following from the beginning in this book).

There are a wealth of options for configuring the container once you have it installed. Before we get into how to see those, however, let's take a look at the info command for a container. In this example, we will use the ubuntu-test container:

```
2 changes: 2 additions & 0 deletions docs/books/lxd_server/08-snapshots.md
Expand Up @@ -11,6 +11,8 @@ tags:

# Chapter 8: Container Snapshots

Throughout this chapter you will need to execute commands as your unprivileged user ("lxdadmin" if you've been following along from the beginning of this book).

Container snapshots, along with a snapshot server (which we will get to more later), are probably the most important aspect of running a production LXD server. Snapshots ensure quick recovery, and can be used for safety when you are, say, updating the primary software that runs on a particular container. If something happens during the update that breaks that application, you simply restore the snapshot and you are back up and running with only a few seconds worth of downtime.

The author used LXD containers for PowerDNS public facing servers, and the process of updating those applications became so much more worry-free, since you can snapshot the container first before continuing.
11 changes: 6 additions & 5 deletions docs/books/lxd_server/09-snapshot_server.md
Expand Up @@ -11,6 +11,8 @@ tags:

# Chapter 9: Snapshot Server

This chapter uses a combination of the privileged (root) user, and the unprivileged (lxdadmin) user, based on the tasks we are executing.

As noted at the beginning, the snapshot server for LXD should be a mirror of the production server in every way possible. The reason is that you may need to take it to production in the event of a hardware failure, and having not only backups, but a quick way to bring up production containers, keeps those systems administrator panic phone calls and text messages to a minimum. THAT is ALWAYS good!

So the process of building the snapshot server is exactly like the production server. To fully emulate our production server set up, do all of **Chapters 1-4** again on the snapshot server, and when completed, return to this spot.
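Review bot: saying the chapter mixes root and `lxdadmin` `based on the tasks we are executing` leaves the reader to guess which is which; the trust-relationship step further down says `as our unprivileged (lxdadmin) user`, but the `/etc/firewall.conf` edit and the `firewall-cmd` block (root) and the later `lxc` blocks do not. State the user at the start of each subsection, for example `As root, on lxd-primary:` before the firewall blocks, so that the reader does not run the `lxc` steps as root after finishing Chapters 1-4 as root.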
Expand All @@ -32,7 +34,7 @@ In our lab, the primary LXD server is running on 192.168.1.106 and the snapshot

Next, we need to allow all traffic between the two servers. To do this, we are going to modify the /etc/firewall.conf file with the following. First, on the lxd-primary server, add this line:

### IPTables - Rocky Linux 8.6 and below only
### Iptables - (Use the `firewalld` procedure if possible)

```
IPTABLES -A INPUT -s 192.168.1.141 -j ACCEPT
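Review bot: `IPTABLES -A INPUT -s 192.168.1.141 -j ACCEPT` (and the matching rule on the other host) accepts every protocol and port from the peer, which the text then describes as `allows bi-directional traffic of all types`. For a lab that is fine, but since the book is aimed at a production mirror, say that the snapshot relationship only needs the LXD API port that `lxc remote add` talks to (8443/tcp by default) and show the narrower rule, e.g. `IPTABLES -A INPUT -s 192.168.1.141 -p tcp --dport 8443 -j ACCEPT`, keeping the blanket rule as the convenience option.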
Expand All @@ -46,7 +48,7 @@ IPTABLES -A INPUT -s 192.168.1.106 -j ACCEPT

This allows bi-directional traffic of all types to travel between the two servers.

### Firewalld - Rocky Linux 9.0 (also works with 8.x)
### Firewalld

```
firewall-cmd zone=trusted add-source=192.168.1.141 --permanent
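Review bot: the firewalld command shown as context, `firewall-cmd zone=trusted add-source=192.168.1.141 --permanent`, is missing the option dashes and fails as written; it should be `firewall-cmd --zone=trusted --add-source=192.168.1.141 --permanent`, and the `firewall-cmd reload` in the next hunk header should be `firewall-cmd --reload`. Since the heading is being renamed here anyway, fix the commands in the same PR. Also worth a sentence: putting the peer in the `trusted` zone is the firewalld equivalent of the blanket iptables ACCEPT, every port from that source is open, not just the LXD API port.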
Expand All @@ -66,7 +68,7 @@ firewall-cmd reload

## Setting Up The Primary and Snapshot Server Relationship (continued)

Next, as the "lxdadmin" user, we need to set the trust relationship between the two machines. This is done by executing the following on lxd-primary:
Next, as our unprivileged (lxdadmin) user, we need to set the trust relationship between the two machines. This is done by executing the following on lxd-primary:

```
lxc remote add lxd-snapshot
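Review bot: `lxc remote add lxd-snapshot` is given only a name, so LXD uses `lxd-snapshot` itself as the address and the step depends on that name resolving (the chapter gives the IPs 192.168.1.106 and 192.168.1.141 earlier, so presumably an `/etc/hosts` entry); say so, or use `lxc remote add lxd-snapshot 192.168.1.141`. The reader will also be asked to accept the remote's certificate fingerprint; the text should tell them to compare it with the `certificate_fingerprint` that `lxc info` prints on lxd-snapshot before answering yes, since accepting it blindly is exactly the step a host on the same LAN could intercept.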
Expand Down Expand Up @@ -127,7 +129,7 @@ After a short period of time has expired, the copy will be complete. Want to fin
+-------------------+---------+------+------+-----------+-----------+
```

Success! Now let's try starting it. Because we are starting it on the lxd-snapshot server, we need to stop it first on the lxd-primary server:
Success! Now let's try starting it. Because we are starting it on the lxd-snapshot server, we need to stop it first on the lxd-primary server to avoid an IP address conflict:

```
lxc stop rockylinux-test-9
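Review bot: good reason added, but `lxc stop rockylinux-test-9` does not say which host it is run on; because this chapter hops between lxd-primary and lxd-snapshot, either prefix the remote (`lxc stop lxd-primary:rockylinux-test-9`, and `lxc start lxd-snapshot:rockylinux-test-9` for the start) or name the host in the sentence before each block. It is also worth stating that the IP conflict applies when the container has a LAN or static address from the Chapter 6 profiles; even without one, running the same container on both hosts lets their data diverge, which is the stronger reason never to run both.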
Expand Down Expand Up @@ -182,4 +184,3 @@ GREAT, but we certainly don't want a new snapshot every day without getting rid
```
lxc config set rockylinux-test-9 snapshots.expiry 1d
```
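Review bot: `snapshots.expiry 1d` combined with the once-a-day schedule just described keeps at most one previous snapshot, and if one day's snapshot fails the last good one may already have expired; suggest an expiry longer than the schedule interval (for example `7d`) and a sentence on how to choose it. The hunk itself only drops the trailing blank line at end of file, which is fine.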

2 changes: 2 additions & 0 deletions docs/books/lxd_server/10-automating.md
Expand Up @@ -11,6 +11,8 @@ tags:

# Chapter 10: Automating Snapshots

Throughout this chapter you will need to be root or able to `sudo` to become root.

Automating the snapshot process makes things a whole lot easier.

## Automating The Snapshot Copy Process
2 changes: 1 addition & 1 deletion docs/books/lxd_server/30-appendix_a.md
Expand Up @@ -10,7 +10,7 @@ tags:

# Appendix A - Workstation Setup

While not a part of the chapters for an LXD Production Server, this procedure will help those who wish to have a lab environment, or semi-permanent OS and application, running on a Rocky Linux workstation or laptop.
While not a part of the chapters for an LXD Server, this procedure will help those who wish to have a lab environment, or semi-permanent OS and application, running on a Rocky Linux workstation or laptop.

## Prerequisites
