I'd go with Proxmox with a docker VM then you can always run other VMS or lxc containers if needed.
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
Personally, after looking at what the industry wants; I would start my homelab trying to automate it with Ansible/Terraform. libvirt
should be decent, and if you want to go over to BSD, I think ansible supports bhyve
? If not, libvirt
definitely runs on BSD so you could just automate that
I work in security, so there is no really devops/sysadmin prospect for me. That said, I use ansible and (mostly) terraform professionally and for my lab, so that's a good idea nevertheless. I don't have much BSD experience, what do you think are the key reasons to go that route instead of Linux?
For me, it's a personal decision. I find BSD more cohesive. That is subjective and has been debated for a decade now. I also find bhyve
a bit easier to use, albiet the features are newer and more in number in KVM (for example: bhyve
until very recently didn't have VirtIO drivers, so Windows machines would be useless on it).
I'm interested in working in Security myself. Would you be able to tell me a little more about your work? Also, what role/path in security would you recommend for a Cloud admin/System Admin?
Would you be able to tell me a little more about your work? Also, what role/path in security would you recommend for a Cloud admin/System Admin?
Well, I started as an IT ops person, I got lucky before the first job was still in a fairly modern environment, and I got introduced to k8s, containers and linux administration (we were running k8s on baremetal). Slowly I moved more and more towards security, specifically infrastructure/platform security, which to be honest, is not too far from a regular Cloud/System admin. However, the big difference is in mindset and priorities, which slide from availability to mostly confidentiality and integrity. My job essentially consists on supporting the security of whatever Kubernetes cluster we run, both managed and on baremetal, with the usual spinkle of network security in the middle, and a strong focus in secure computation (i.e., container security). The actual work can range from research and experimentation, to concrete setup or development of new tooling, to developing standards and guidelines.
(Cloud) Security Engineering seems an obvious path for a cloud/system admin, and I don't think it's extremely hard to build the necessary security knowledge on top of a solid engineering background!
Proxmox has been great for me.
In the places where I've had to make similar decisions, I've used the need for 'advanced' features to make the call. If I'm looking for storage or networking redundancy, or I've been interested in running multiple hosts systems, or I've been looking to play with overlay networks, then I'll grab Ovirt, Proxmox, VSphere, or Openstack (depending). When I just want something simple-ish, I just KVM / Podman on a Linux machine.
Good point, I don't have any advanced use case, except maybe some slightly more complex network setup. Probably this is achievable with KVM too (and/or some firewall-fu). I would like to have fully IaC, so I don't have to click through guis, so the availability of Terraform providers might be a dealbreaker (which I didn't look yet for Proxmox, for example).