| Core Infrastructure |
| You're going to need some metal to run all this gear on, and a foundation to build it all from. The
outlines below will help you better evaluate the choices that you can make as you decide what, and how, you would like to proceed. This is intended to get you started f
rom the ground up with a fault tollerent and redundant solution, much like AWS-EAST-1 attempts to provide.
|
Operating Systems:
• (technically easy; quasi cheap) Proxmox
• (technically hard; very cheap) Qemu
• (technically easy; very cheap) TrueNAS SCALE
|
Hardware
• (About $250) Tiny Desktop, such as IBM Lenovo M900
• (About $85) RaspberryPi 5
• (medium) NAS Storgage
• (medium) Layer 2 Managed Switch
|
| Your Network |
Like everything, you're going to have to start out with a plan. Most folk's networks default to something in the 192.168 prefixes, and Docker and other things like to use 172's. For your network plan, and to keep this guide simple, let's use a 10 dot network. Also, much like many networks, there will be different zones of trust. For this purpose, I'll start off defining a few simple zones: DMZ, LAN and OOB.
DMZ Zone - This will be where all your services will reside. The outside world may be able to interact with this subnet.
LAN Zone - This is where all your desktops and related devices reside. The outside world should *not* be able to reach into this network directly.
OOB Zone - The Out of Band management zone. The DMZ and outside world should not be able to reach into systems in this network, only ones from the LAN. This is where all the management IP addresses for your infrastructure will reside.
When it comes to IP address subnet assignments, there are a lot of ways to do so. Many folks like to go with a rubric that is similar to the following: 10.LOCATION.ZONE.HOST where:
LOCATION - If you have multiple sites and connections, this is the subnet of that location.
ZONE - This is where we define the different VLANs or Zones that will be used in the site.
HOST - This is the IP assignment to the host in that zone.
With these constructs, we could easily start mapping host IP addresses based on some assumtions:
DMZ Zone will be VLAN 102. The subnet will be 10.1.102.0/24.
LAN Zone will be VLAN 101. The subnet will be 10.1.101.0/24.
OOB Zone will be VLAN 100. The subnet will be 10.1.100.0/24.
|
| Chicken meets Egg |
Where to begin? The NAS? The Switch? Configuring a router? Personally, starting to configure the network switch is the best place to begin. Different switches are going to go about getting configured in different ways, but let's look at it physically first. Do you have an 8, 16 or 24 port switch? Start thinking about the hosts and how they will physically connect to the switch. Think about which ports will be single VLAN or tagged VLANs (where you can have multiple VLANs on one switch port). For this discussion, let's assume you have a 24 port switch. Ports 1-12 can be LAN hosts, and we can leave the higer number ports to have our devices reside with tagged VLANs.
Don't forget to begin to label all your wires. A wire taxonomy that is useful is giving each wire a "serial number" and labeling an A/B end. For example, on one end, you'd have the label say 10001-A, and the other end 10001-B. Start tracking in a spreedsheet, for later, which wire goes to where on the switch and the host.
|
| NAS |
INSTRUCTIONS FOR NAS
|
| Proxmox |
INSTRUCTIONS FOR Proxmox
|