How I Manage Services - Building a Cloud at Home

This is the first part in a series about how I choose to organize, back up, develop, and deploy several services. In this part I cover my approach for setting up and networking a cloud like environment at home. I use this environment for prototyping projects, storing all of my code, and spinning up different virtual machines for different types of development. Further parts will expand on what kinds of programming I'm doing, what languages I enjoy and why, and my approach to deploying projects that use different languages to production.

Note: The modern cloud is expensive and aggravating to manage; in fact, I decided to build all of this stuff out and write about it mainly because I was getting increasingly frustrated with how awful the cloud experience was. Thus, I hope that if you read this, you feel inspired to exit the cloud, take your life into your own hands, and stop handing absurd wads of money to people that don't provide you a real service.

The Hardware


In order to keep things cheap I went to Micro Center and bought three of the cheapest refurbished micro computers they had. I also had an old laptop lying around. I currently use one of the mini PCs as a router and the old laptop as one of the nodes of the cluster. Furthermore, I bought a dumb switch so that I could wire up several nodes. Lastly, I needed a pack of CAT 6 cables. Overall the price was about $550 for 3TB of storage, 64GB RAM, and some pretty decent compute (not including the laptop, which has 1TB extra, bringing the total up to 4TB).

Hypervisor


My hypervisor of choice is Proxmox, primarily due to its simplicity. To install it, I downloaded the ISO and used balenaEtcher to make a bootable flash drive. Then I installed Proxmox onto the old laptop I bought and gave it an IP address during installation. Detailed instructions on how to do this can be found here.

Networking


Networking is honestly the most complicated part of this, but please stick with it. The main things to set up here are the hardware, the switch, and the firewall/router (including the bane of everyone's existence: NAT). At some point I will add more diagrams to make this easier to understand, but hopefully everything comes across clearly in words. Software-wise, the firewall/router I chose to go with is VyOS, because it provides a unified interface for setting up routing rules, firewall rules, NAT, and virtually every other network construct I might need.

To start off, it's important to recognize that VyOS and Proxmox are similar in that they're both Linux images based on Debian. Thus, to install VyOS I followed the same steps: download the ISO, create bootable media with it, and install the image onto one of the micro PCs. Then, I used CAT6 cables to connect the VyOS box to the switch, the VyOS box to my home router, and the Proxmox node to the same switch.

With all of the computers connected together and the software installed, the next step was to properly configure the firewall rules, routing rules, and NAT rules. Detailed documentation about how to do this can be found here, but below I provide some of the config rules that I have found to be the most useful, along with a basic description of what each one does:

1. Firewall option to let ping traffic through, which helps with testing
{
  global-options {
    all-ping enable
  }
}

2. NAT (destination) rule to allow Proxmox configuration from any PC on the home network
destination {
  rule 10 {
    destination {
      port 8006 # port for the Proxmox web UI
    }
    inbound-interface {
      name <interface from home router>
    }
    protocol tcp_udp
    translation {
      address <proxmox node ip address>
    }
  }
}

# Note: the same type of rule is what lets me reach Gitea (described later)

3. NAT (source) rule for masquerading traffic (allowing traffic from the Proxmox VMs to reach the internet)
source {
  rule 20 {
    outbound-interface {
      name <interface for home router>
    }
    source {
      address <subnet of proxmox network>/<subnet mask>
    }
    translation {
      address masquerade
    }
  }
}

4. Firewall rules needed alongside the NAT rules above (without them the DNAT'd and masqueraded traffic is dropped by the forward chain)
{
  forward {
    filter {
      default-action drop
      rule 10 {
        action accept # accept only what a destination NAT rule (e.g. rule 10 above) explicitly redirects
        connection-status {
          nat destination
        }
      }
      rule 11 {
        action accept # let the Proxmox network out via the home router interface (matches NAT source rule 20)
        outbound-interface {
          name <home router interface>
        }
        source {
          address <proxmox network address>/<subnet mask>
        }
      }
    }
  }
  input {
    filter {
      rule 30 {
        action accept # replies to connections the router itself opened
        state established
        state related
      }
    }
  }
}
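A brace that goes missing while pasting blocks like these is easy to overlook, and so is a NAT rule without the forward rule that lets its traffic through. The following is an added Python example, not part of the original post, that parses VyOS-style brace config text into nested dicts and checks that the forward filter actually accepts what the NAT rules send through it; the `10.10.0.x` addresses in the sample config are constructed placeholders, not my real values.

```python
import re

def parse_vyos(text):
    """VyOS 'key { ... }' text -> nested dicts; every leaf is a list of values."""
    stack = [{}]                                      # stack[-1] is the block being filled
    tokens = re.split(r"([{}])", text)                # text chunks interleaved with braces
    for chunk, brace in zip(tokens[::2], tokens[1::2] + [""]):
        lines = [s for s in (l.split("#")[0].strip() for l in chunk.splitlines()) if s]
        key = lines.pop() if brace == "{" and lines else ""   # last line before '{' names the block
        for leaf in lines:                            # remaining lines are 'key value' leaves
            k, v = (leaf.split(None, 1) + [""])[:2]
            stack[-1].setdefault(k, []).append(v)     # 'state' may repeat, so keep a list
        if brace == "{":
            stack.append(stack[-1].setdefault(key, {}))
        elif brace == "}":
            if len(stack) == 1:
                raise ValueError("unbalanced '}'")
            stack.pop()
    if len(stack) > 1:
        raise ValueError("%d block(s) never closed" % (len(stack) - 1))
    return stack[0]

def rules(block):
    return [v for k, v in block.items() if k.startswith("rule ")]

def check_nat_firewall(cfg):
    """Report DNAT without a forward 'connection-status nat destination' accept, and
    masquerade subnets the forward filter never accepts (the post's rules 10/11)."""
    fwd = rules(cfg.get("firewall", {}).get("ipv4", {}).get("forward", {}).get("filter", {}))
    problems = []
    if rules(cfg.get("nat", {}).get("destination", {})) and not any(
            r.get("action") == ["accept"] and r.get("connection-status") == {"nat": ["destination"]} for r in fwd):
        problems.append("DNAT configured but forward filter never accepts nat-destination traffic")
    for r in rules(cfg.get("nat", {}).get("source", {})):
        subnet = r.get("source", {}).get("address")
        if r.get("translation", {}).get("address") == ["masquerade"] and not any(
                f.get("action") == ["accept"] and f.get("source", {}).get("address") == subnet for f in fwd):
            problems.append("masquerade for %s but no forward accept for that subnet" % (subnet,))
    return problems

# Constructed sample in the post's layout; the 10.10.0.x addresses are placeholders, not the author's.
SAMPLE = """nat {
  destination { rule 10 { destination { port 8006 } translation { address 10.10.0.10 } } }
  source { rule 20 { source { address 10.10.0.0/24 } translation { address masquerade } } } }
firewall { ipv4 { forward { filter {
  rule 10 { action accept
    connection-status { nat destination } }
  rule 11 { action accept
    source { address 10.10.0.0/24 } } } } } }"""
```

Feed it the text of `show configuration` (or a saved config.boot) and an empty list from `check_nat_firewall` means the NAT and forward rules line up; a `ValueError` means a brace is missing.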

Useful Services


The main service I have deployed that is not just a regular development virtual machine is Gitea, a nice self-hosted clone of GitHub (which even provides GitHub Actions, which is really great). To install it, I signed in to the Proxmox web UI and created a new VM from a Manjaro ISO (I try to use Manjaro for everything nowadays). Then I used pacman to install Docker and Docker Compose in accordance with the ArchWiki instructions. Lastly, I used the instructions found here to install and set up Gitea as a Compose stack.

Conclusion


Hopefully this high-level write-up is useful and at least serves as a gentler intro into the world of setting up your own local cloud. The steps outlined here, although simple, are exactly what I did, and the setup has worked wonders for me. Further articles in this series will cover more services that I deploy as well as how I set up my development environments for different programming languages. If you have any questions, feel free to email blackswordgroup@gmail.com or join the Discord and ask me there.