After procrastinating for weeks I have finally pulled my finger out and started to record a video series about building a homelab.
This whole thing came about because over the last few years I've been a consultant, and part of that job is understanding how random software that you've never even heard of will interact together as part of a solution. That naturally means that I started to grow a collection of tin (much to my wife's dismay). When we bought our house it came with a garage, and this meant that my loud space heaters could finally be shifted to somewhere a little more out of the way, and thus gain a higher "wife acceptance factor"
My goal with this build is to end up with a platform that I can build solutions in and tear them down as much as I want; but also so that I can share access with my friends and colleagues who also want to explore new tech in a safe environment and maybe even run some managed services - who knows.
The hardware I have is a collection of tin that I have gained from very generous friends (thanks Adrian and Zeeshan) and finding good deals on eBay. My favourite supplier on eBay is BargainHardware - this is not an incentivised promotion in any way, I've used them a couple of times (as have a number of my colleagues) and the services has always been excellent, and importantly the servers come properly packaged.
My lab is formed of:
- 6x HP DL360p G8's ( a variety of 15k SAS disks and NVMe drives)
- 1x HP DL380e G8 (Storage server with 20 WD Blue 500GB ssd's, 5x 5TB WD spinny rust and 1x 500GB Samsung EVO Plus NVMe)
- A bunch of 146GB 15k sas disks pillaged from other servers
- 1x Unifi US-16-XG with Chelsio T420-CR(?) NIC's
- 2x Cisco 3500 switches
So - this is the fun bit. What are we going to do with all of this tin? Well the idea is to create an IaaS platform that is relatively easy to allow other users to consume without much of my time. I also want to use as much automation as I can - I am fundamentally a lazy person, and that encourages me to write once and use repeatedly.
Hands down the only real choice for me here is to use FreeNAS. It is rock solid and just works. I've been using the community version in production environments for a good few years and the only issues I have ever had have been self-inflicted. Always read the manual, folks!
This was quite a tough call, but ultimately it came down to the cash. VMWare ESX and vSphere are very good products, but once you want to grow about 3 compute nodes the licensing for VMUG doesn't cover you anymore. You're also not able to use those licenses anywhere near production (rightly so, they are for dev/test) which for me could be a problem as I may start hosting some backend services (think MSP) for clients. That particular usecase - even if I were to ask for donations from people consuming the lab would start putting me into a grey area with licensing.
Secondary to money, oVirt is quite an exciting project. It has some nice features such as the VM User portal and OVN networking is now built in out of the box as your default provider, allowing you to apply security groups across your SDN. oVirt is the community version of Red Hat's RHEV product, so you know that it is going to continue to get development attention and security fixes.
So we have all of this tin, and we have all of this compute, but how do we use it? This is where automation tools come in. Ansible is the bread and butter of my day job and time and time again it proves that it is easy to use to perform tasks. I may have a look at rolling out AWX (community version of Ansible Tower) at some point in the future for centralised orchestration and audit of those tasks.
When it comes to handling user access control on linux and applications, I am a big fan of using FreeIPA with Keycloak. As a combination they are very powerful, able to prove role-based and host-based access control on the ssh command line; via ldap(s) and SSO. I'm already running FreeIPA and Keycloak in my estate and it's been a solid centerpiece for a good 5 years.
What about the kitchen sink?
There are a number of tools that I have in mind to roll out as part of this project, but the beauty of being agile is that now that we know where we are going, we can plan and design in phases as we go along. Besides - I am cantankerous and might change my mind tomorrow!
Anyway, this is the first video in the series but hopefully you find it enjoyable/informative. Please do take the time to leave feedback, I'm always looking for ways to improve!