Introduction#
After years of anticipation, I’ve finally embarked on my homelab journey.
The shift to remote work post-COVID has gifted me the time to pursue this long-awaited hobby. Gone are the days of staring longingly at my idle Raspberry Pi after exhausting commutes; now, I can put it to good use.
As a DevOps engineer, my primary goal is to experiment with Kubernetes and other technologies in a safe environment. While I can’t tinker with client clusters, my homelab provides the perfect playground for exploration and learning. It will also host practical utilities like AdBlock for personal use.
While the specifics may evolve, my homelab will adhere to these core principles:
- Implement GitOps from the outset
- Prioritize cost-effective hardware choices
- Simulate real-world scenarios with multiple clusters
- Follow best practices in both hardware and software setups
Hardware#
As mentioned earlier, the hardware setup will evolve over time. Currently, it includes:
- 4 Raspberry Pi Model 4B (8GB)
- Synology NAS DS923+
These Raspberry Pi boards offer low power consumption and a compact size, which is ideal since the setup runs in my bedroom, where minimal space usage is essential. Additionally, the low wattage should result in lower energy costs (fingers crossed for better taxes!). These Raspberry Pis will form a cluster named “Gandalf,” which will logically serve as the “Dev” cluster. The next step will be to acquire hardware for the “Prod” cluster.
The Synology NAS will serve as storage, accessible via NFS, mounted as an iSCSI drive on the Kubernetes cluster, and shared via Samba. It’s currently equipped with 4TB of Seagate IronWolf drives, with plans to expand the storage further.
As a fan of The Lord of the Rings, I’ve named the homelab “Middle-earth.” Reflecting Gandalf’s evolving character, the dev cluster is named after him, while the storage system (currently just the Synology NAS) is dubbed “Rivendell,” symbolizing a safe haven. For network management, I plan to separate the different clusters and storage with dedicated VLANs, ensuring no communication between components unless explicitly permitted by ACLs in the firewall. The current network topology (which will evolve in the near future) is depicted in the following image:
Software and principles#
Kubernetes everywhere#
The main goal of the homelab project is to keep practicing with Kubernetes, so most services will run within the cluster. The challenge of hosting everything in Kubernetes will ensure a learning path that can be 100% beneficial for my daily work.
I’ve identified Talos Linux as the perfect distribution for:
- Small in size
- No SSH access to bare-metal machines
- Os designed for Kubernetes
- API-driven configuration and management
The setup will be deliniated entirely in the next blog post.
Infrastructure as Code and Gitops#
For GitOps, the main tools are ArgoCD and FluxCD. While ArgoCD is widely used by my clients, I opted for FluxCD in the spirit of experimentation, as it’s a technology I haven’t encountered before. Additionally, FluxCD appears to be straightforward to set up and less resource-intensive.
The infrastructure repository structure follows best practices for multi-cluster setups.
For more details, the structure is well explained here.: https://fluxcd.io/flux/guides/repository-structure/
Network#
The network part is my pain point. I will try to learn the best practices and required hardware along the way.
Initially, as depicted in the previous paragraph, the setup is minimal and handled by a central ASUS RT-AX86U Pro router where I configured:
- VLAN 11 for Dev cluster
- VLAN 12 for Storage
- VLAN 13 for Prod cluster (future)
For both Dev cluster and Storage cluster, I have a dedicated Netgear switch with 4 PoE Ethernet ports. At the moment, the link between the router and switch is an Access port, therefore only one VLAN can be configured for each switch. In the near future, the plan is to replace the 2 switches with larger ones and have them linked to the router with a Trunk port. I’m still unsure whether I need dedicated hardware firewall.
Wrap up#
I anticipate a significant learning curve, and I’m excited to refine my approach as I gain experience.
The beauty of a personal homelab lies in the freedom to adapt and manage services according to my evolving needs and knowledge.
This project represents not just a technical challenge, but an opportunity for growth and creativity in my field. I look forward to sharing my journey and the insights I gain along the way.
