Category: The Home Datacenter Company Build Series

Categories
Synology The Home Datacenter Company Build Series

Setting up my Synology NAS for my Homelab

Any business or homelab will at some point require shared storage. Even thou there are many solution out there to build your own NAS I found the easy of use and compatibility of Synology or QNAP NAS systems worth the extra initial capital investment, They just work.

I have a Synology DS415+ that came from my Initial first Homelab in 2015 which I decided to use again in this Homelab. It is fitted with only 2GB ram but this does not hamper its performance for iSCSI or NFS which is what I will be using it for,

After the initial install I created a Network bond using the Adaptive Load Balancing option. This will provide failover support, but no real network performance boost as any iSCSI data stream cannot be split across interfaces unless you use LACP tunnels.

On to the Storage. I have 4 Western Digital RED 4TB NAS drives installed. They are not very Fast so to get a little extra performance I opted for RAID10. This will give me a little Write and quite a bit more read performance. My NAS workloads will primarily entail reading Templates and Images for deployments.

I opted for 2 iSCSI LUN’s Totaling up to about half my Total Capacity. I will use Thin Provisioning on the VMware side. Thin on Thin is a nightmare to manage.

I created 2 iSCSI Targets on the NAS. The default and a Routed Target. This was more of a legacy config as I used to run my NAS Links to 2 separate switches and then use multipathing in ESX to ensure traffic stays local to 1 switch. In my new Lab design this is not needed anymore as the Traffic volume will be low.

As a last part I will need to create host groups but that will only be done once all esxi hosts are up.

I also Installed Active Backup for Business to allow me to later perform backups of my Lab environment.

Another step would be to setup a NFS share for my ISO images. The NFS share is only open to the management network of my ESI hosts

And Lastly I enabled the NTP service. I will set all devices in my Lab to sync to this NAS to keep time constant.

The IP will form part of the DHCP option set on most DHCP Scopes defined.

Now we have NTP / Backups and Storage sorted for the Lab. Time to Deploy the First Host

Categories
HomeLab The Home Datacenter Company Build Series UniFi

Setting Up my UniFi Dream Machine for my Homelab

The UniFi Dream Machine might not be the Ultimate Firewall for your homelab. pfSense might be more Hands on, or running a Palo Alto of Cisco Firewall more Enterprise like. But the Dream Machine does have all the features I require, Good Support and a Pretty Interface.

The Home Datacenter company also considered all there options and in the end the CIO/CTO/CEO and Wife decided UniFi will do the Job.

I started of by following the Deployment guide to get my Dream Machine up and Running. With my Dream Machine and two Unifi switches setup It was time to create the Networks.

I started of creating only the Necessary Networks.

Management / Default – Used as Management VLAN for Switches and Network Devices
  • Subnet: 10.11.12.0/24
  • Gateway: 10.11.12.10
  • DHCP Scope: 10.11.12.15 – 10.11.12.35
THDC-Infra
  • Subnet: 10.70.10.1/24
  • Gateway: 10.70.1.1
  • DHCP Scope: 10.70.10.200 – 10.70.10.254
THDC-AD
  • Subnet: 10.70.11.1/24
  • Gateway: 10.70.11.1
  • DHCP Scope: 10.70.10.20 – 10.70.10.254
THDC-vSphere
  • Subnet: 10.70.12.1/24
  • Gateway: 10.70.12.11
  • DHCP Scope: 10.70.12.200 – 10.70.12.254
THDC-vMotion
  • Subnet: 10.70.14.1/24
  • Gateway: 10.70.14.1
  • DHCP Scope: 10.70.14.200 – 10.70.14.254
THDC-iSCSI-Routed
  • Subnet: 10.70.15.1/24
  • Gateway: 10.70.15.1
  • DHCP Scope: 10.70.15.200 – 10.70.15.254
THDC-vRealize
  • Subnet: 10.70.13.1/24
  • Gateway: 10.70.13.1
  • DHCP Scope: 10.70.13.200 – 10.70.13.254

Security

The next part was to setup my Default security for my Lab. At this time I did not setup any DMZ’s and also no firewall rules between Subnet. I would be a good idea to do the inter subnet firewall rules at this time then you do not need to go back an retrofit them. But another lesson learned on my side as I did not do it.

I used the UniFi Dream Machine Default Sensitivity Setting on High for my Lab. This still allow for nearly Max Speed on my ISP connection

I also Deployed some Internal Honeypot’s to find any Dodgy stuff I deploy in my Lab.

We are now ready to start deploying Hosts and Services. I will need to come back to the network config to change all VLAN’s DHCP setting to distribute my Own DNS Servers but as we do not have them yet I left it out for now.

In Part 2 We will look at setting Up my Synology NAS to Supply Storage and NTP Services.

Categories
HomeLab The Home Datacenter Company Build Series

The Home Datacenter Company

Starting a new business(Homelab) is not an easy task. Part of the tasks that might fall into your area. The IT infrastructure for a new Business is challenging. Budgets are generally small, Skills are expensive, time is tight and requirements are ever changing.

a Lot of startups might choose to go directly to the cloud. This might be a quick and easy option as they already took care of the infrastructure. What we will do thru the next few post is build the infrastructure side. In the end I would like this to resemble the infrastructure of a cloud. User should just as easily deploy there new applications on premises as they would be able to do it in the cloud. We will Thus be Building The Home Datacenter Company to showcase this option.

Excluded from the scope would be Email. I personally prefer cloud email services and also hosting email in my Home Lab is a headache.

Outline

  • Part 1 – Network setup using Ubiquity UniFi Gear.
  • Part 2 – Setting Up Synology NAS for Storage and Services.
  • Part 3 – Deploying Management Node(ESXi Install).
  • Part 4 – Deploying Active Directory.
  • Part 5 – Deploy and Setup Virtual Center Server.
  • Part 6 – Create vSAN Cluster.
  • Part 7 – Microsoft Certificate Services.
  • Part 8 – Deploying vRealize Stack.
  • Part 9 – Setup Server Provisioning.
  • Part 10 – Deploying K3s Cluster for Applications
  • Part 11 – Setting up Internal and External Web Endpoints.
  • Part 12 – Going live Online. (Blog Proxied thru Cloudflare from OnPrem).

Hardware Requirements

I chose to use a mostly VMware toolset for the deployment as I am familiar with it. This also meant that I tried to stick as close as possible to VMware Hardware Compatibility List. For Active Directory I chose Microsoft Active Directory and to make my life a bit more Challenging I used the 2022 Insider Preview. Who does not want some additional crashes and compatibility issues.

The total lab build took around a week. Most time was spent waiting for things to happen. I also have a life and job so saying a week refers to some after hours and weekends mostly.

This was mostly a fun way of answering the “But Why?” question for any homelab.

The Home Datacenter Company has only a single mission in Life “Show the World the NGINX test Page” :-).

Mission of THDC
Exit mobile version