Home Lab Project

sanjibukai

New Member
Nov 10, 2016
Hello Everyone..

I'm going to start a really big thread !
I hope some cool guys will help me to achieve my home lab adventure ! ;)

I recently got a Dell PowerEdge T110 II server :
  • Xeon E3-1220
  • 16 GB RAM
  • 256 SSD
  • 2 TB HDD
  • Intel Gb NICs x2 (one integrated and one as PCI card)
But as a picture is worth a thousand words..
Here is the schema of the lab I want :

ds0g.png


The main purpose of this setup is to get myself learning all that infra stuff and be able to host at home all my needs (selfhosting rocks :p)

Originally I'm just an EE engineer but it turns out that I have begun to do more IT stuff (web dev)

I can divide my needs in 3 parts :
  • Server part where I will host several services
  • Data part where I want to centralize all my data
  • Network part where all my other devices will be connected
Here are all the remarks about this setup (but I'm an absolute noob so main parts are complete suppositions) and everyone is welcome to tell me what's wrong !

For the "Server" part :
  • I guess that the first point is to have a Firewall. I don't know the exact purpose but let's go on..
  • The purpose of the reverse proxy is to let me access all my services with domains and subdomains and/or different domains from outside since I have only one external IP.
    E.g. git.domain.com (for my git server), mail.domain.com (for my mail server), www.domain.com (for one website), www.anotherdomain.com (for a second website) and so on..
  • I will host more than one website.. And I imagine that depending on the needs I can scale my web servers for a specific website/app.
  • I imagine I will also need some load balancing mechanisms. I know that I will probably never get enough connections to need load balancing but let me dream !
  • I also want to separate the web servers from the DB servers.. And again I could imagine that each DB server will have its own machine (VM).
  • Again for scaling or sharding purposes multiple instances of DB servers are considered. Eventually these could be on different HW (maybe dedicated for example)
  • About the Git server for example, I imagine hosting one "bare" git server on its own machine, and hosting some graphical frontend (GitHub equivalent like GitLab) on another machine. This will allow me to change the frontend (gog, gitlist) without actually touching my repos.
About the "Data" part :
  • I want all my data to be stored in one place so I imagine a NAS. But I think that this is the "physical part" (even if this is on a VM). For accessing these data I imagine setting up a File Server, also giving me the ability to access them from different OSes (Linux, Win and Mac)

About the network part :
  • I want to connect all of my local networks with some "network level" adblocking.
  • Since I will access my services (like git) from outside with the use of a URL.. I want to keep that exact same URL access within my local network. So the DNS will translate the URL into my local IP. Thus SSHing into all my services could work flawlessly from outside and inside.
  • The WiFi access point is actually inside my router but could be an external one.
But after explaining my thought, here come the questions about this architecture !!
  1. I guess that some parts could be satisfied by some dedicated software in a dedicated VM (for example HAproxy as a reverse proxy).. But I also guess that some of these logical parts could be actually done in a same VM by the same software (Firewalling and adblocking for example).
    So does this division make sense ?

  2. Are the positions of these "machines" correct ? For example should I reverse Ad Blocker and DNS ?

  3. Which part of this setup could be a bottleneck from a computation, data volume, or bandwidth point of view ? (Okay, this is very dependent on the usage, but I imagine that the use of a baremetal hypervisor with VMs brings the flexibility to change if needed)
    Regarding to this, external dedicated HW could be possible.

  4. In this setup, there is no Proxy. I think that for a personal usage, I do not need the use of a proxy. But for a similar setup in a work environment (lets say for a future company) where should I put the proxy ?
Okay.. All of that talk is just about theory..
Here comes the real question that matters here on the Proxmox forum !
Even if this architecture is a complete mess...
Some basics will never change...

I understood before I started that I will probably need two NICs.. Hence the PCI NIC I bought...
Am I right to consider physical NICs connection as shown in the schema ?
  1. One from the ISP box
  2. One to the local router
Then, should all other connections be virtual ?

If I'm right how to configure all the network cards (eth0, eth1 and vmbrX) inside proxmox ?
Actually this is the main question of this topic.. How to configure all of these connections between the VMs ?

I also heard about the IPMI protocol that I can use to monitor the physical machine even if proxmox is not even started ? Do I need a third NIC for that particular purpose ? But this feature is completely optional at the moment..

I'm just realizing that this is a big post..
And since my english is bad..
I really apologize and want to thank those of you that managed to read me until this line !

Thank you for all of your help;)
 

sanjibukai

IPv4 only? IPv6 Only? DualStack?

sC
Hello sC..
Thank you for your answer..
I assume that this is relevant for the addressing type provided by my ISP ?
I have an IPv4 address so I imagine that I'm under IPv4..
But I guess that this does not matter inside my cluster since it is a "private" network..
I mean inside my "cluster" I can choose whatever is simpler...

Edit : I checked here and the IPv6 address is "Not detected"
I also found in my ISP box (router) configuration that there is an IPv6 option.
It was disabled.. I enabled it and restarted the box.. I can now see that the IPv6 network is "operational"..
But nothing changes when I check here again.
Maybe because my computer is still accessing the internet with its internal IPv4 address..

Does this question of IPv4 or IPv6 actually matter ?
 

tschanness

Member
Oct 30, 2016
It's not dependent on the addressing type from your ISP. Most people think IPv4 is easier.
It does not matter too much, yes.

I for my part believe it matters, considering your questions I'd stick with IPv4. Or rather: don't go down that route. Self hosting may seem fun but it's a lot of work. Your setup would involve quite a lot of administrative overhead (~2 hours a week I guess).

I understood before I start that I will probably need two NICs.. Hence the PCI NIC I bought...
Am I right to consider physical NICs connection as shown in the schema ?
  1. One from the ISP box
  2. One to the local router
Then, should all other connections be virtual ?

If I'm right how to configure all the network cards (eth0, eth1 and vmbrX) inside proxmox ?
Actually this is the main question of this topic.. How to configure all of these connections between the VMs ?

I also heard about the IPMI protocol that I can use to monitor the physical machine even if proxmox is not even started ? Do I need a third NIC for that particular purpose ? But this feature is completely optional at the moment..

Your router needs to be between your ISP and your first host:
ISP -> Router -> Network

You don't need two NICs as you can also make a Server the Gateway, so all the Traffic would first go through the Host anyway (and it would not matter where the Clients are connected).

But really - before you dive deeper into this you might want to learn about networking. It's not too hard but it will be the foundation of your setup and should be done right.

sC
 

sanjibukai

Again thank you for your answer..
Actually I have some basic knowledge in networking (but further resources are welcome)..
And indeed I did not represent Layer 2 to 3 equipment (aka routers and switches, hubs will be ignored).
The router shown in the diagram is actually a physical one (a Xiaomi Mi Wifi Mini Router) and in fact it is not really important in the setup since it is here only to bring wifi..
The "real" router (I mean the one that will connect all this cluster to the internet) is intended to be a "virtual" one (software based).
I may have failed to describe it, but the first icon on this diagram should be a "router/firewall" VM (most likely a pfSense container/VM)

The 2 NICs requirement I said is based on what I heard from some setups (the so called "red" and "green" interfaces of a firewall/router).

What I'm missing is actually how to transpose this diagram (or a slightly corrected one) in containers and VMs in Proxmox (hence I posted here on a proxmox forum)
And especially how to configure the "network" part of the cluster (configuration that is under the "network" tab).
How to configure physical (ethX) and virtual (vmbrX) interfaces ?

Edit : I found the following diagram (slightly modified) here on the IPCop site..

bs8w.png

And this is exactly what I need...
  • The red will be the physical one from my ISP
  • The green will be the physical one connected to my physical router
  • The blue is actually combined with the green since I'm using a wireless router, but could be interesting to do later on with a dedicated WiFi Access Point
  • The orange will be a virtual that could be also connected to a virtual router since all my servers (as in the pictures) will be virtual ones. This makes sense.
 

tschanness

Then add both interfaces to the ipfire appliance and the second nic only to the other VMs and have the switch attached to that Port. Activate switching in the IPFire.

sC
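
One way to lay out the Proxmox host bridges for the red/green/orange split discussed in this thread, as an added example that is not from any of the posters. It assumes eth0 is cabled to the ISP box and eth1 to the local router/switch; the vmbr numbering, the orange bridge having no physical port, and all addresses are constructed for illustration.

```conf
# /etc/network/interfaces on the Proxmox host (added example, constructed values)
auto lo
iface lo inet loopback

# Physical NICs carry no address themselves; they only act as bridge ports.
iface eth0 inet manual
iface eth1 inet manual

# RED: uplink to the ISP box (assumed eth0). The host has no address on this
# bridge, so the hypervisor is not reachable from the WAN side; only the
# firewall VM's first virtual NIC is attached here.
auto vmbr0
iface vmbr0 inet manual
    bridge_ports eth0
    bridge_stp off
    bridge_fd 0

# GREEN: LAN side (assumed eth1, cabled to the local router/switch).
# The host's management address lives here; the gateway is the firewall VM's
# green address (assumed to be 192.168.1.1).
auto vmbr1
iface vmbr1 inet static
    address 192.168.1.2
    netmask 255.255.255.0
    gateway 192.168.1.1
    bridge_ports eth1
    bridge_stp off
    bridge_fd 0

# ORANGE: internal-only bridge for the server VMs. No physical port, so
# traffic to and from these VMs has to pass through the firewall VM.
auto vmbr2
iface vmbr2 inet manual
    bridge_ports none
    bridge_stp off
    bridge_fd 0
```

With this layout the firewall VM gets one virtual NIC on each of vmbr0, vmbr1 and vmbr2, LAN-side VMs attach to vmbr1 only, and the server VMs attach to vmbr2 only.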
 
