In my previous post, What’s In My Lab Now, 2024 Edition, I detailed my lab’s Active Directory setup which relies on Windows Server 2022 VMs. While that setup has served me perfectly well to date, recent advancements in Samba’s support for Active Directory features, combined with a desire to reduce my need for software licenses in the future, presented an opportunity to experiment with cross-platform AD domains.
Almost four years ago (agh!) I published What’s In My Lab, an overview of the systems and software I use at home for my own personal infrastructure. You might think that at a certain point you achieve some kind of serenity, and the desire to modify or expand is sated. Hah! Guess again.
Running a Kubernetes cluster on a few Raspberry Pi 4s has been a rewarding but challenging experience. The biggest limitation was storage - each Pi was booting from an SD card, which, while convenient, proved to be a massive bottleneck. SD cards are not only slow, but also wear out quickly under constant read/write operations. Over time, I experienced several cases of data corruption which brought that cluster to its knees.
When I kicked off the latest iteration of my homelab project about 10 years ago, everything was harder. Shared storage was a luxury that meant diving into expensive SAN solutions which were neither feasible nor affordable for anyone not running a data center. Containers were still in buzzword territory, and their real-world application was confined either to early versions of Docker (pre-OCI, mind you!), or to cutting-edge cloud-native projects like Google’s Borg.
In early 2020, recent semiconductor startup Ampere announced the Altra, an ultra-dense 80-core ARM64 CPU targeted at cloud computing environments. Patrick Kennedy of ServeTheHome covered the release with an excellent in-depth article last year which I highly recommend reading.
In mid-2020, Oracle became the first cloud provider to add the Ampere Altra to their cloud computing lineup. And in early 2021, Oracle took the unusual step of adding the Altra A1 VMs to their “Always Free” tier, allowing anyone to create ARM64 VMs with up to 4 cores and 24GB of RAM at no cost. I’ve recently started playing around more with my Oracle Cloud account, and decided to use Terraform to spin up a free ARM64 VM to compare its performance with one of my existing Raspberry Pi 4Bs.
The low risk and low-to-no budget of a home lab environment often results in security taking a back seat. Services are sometimes left open and unguarded in the name of “Just Make It Work”. Home labs aside, the complexity of running even a halfway-decent security infrastructure makes doing so a non-starter even in many small business environments.
As a result, the largest and most easily exploitable gap you’re bound to find in many home labs and small networks is unencrypted traffic. This of course allows for a variety of attack methods against locally-hosted services.
Perhaps unsurprisingly, as my home lab and local area network have matured over the years, both I and my family have come to depend on the assortment of services that I run strictly within the four walls of our home. Knowing that our data is physically secure, we often tend to take other forms of security for granted.
Now that I’ve shared some of my physical infrastructure in my home lab, I want to share the service topology for the specific services I run at home for home automation, secure storage, and even this website.
On December 2nd, a surprise announcement made waves in the Kubernetes Twitter-sphere - that after the upcoming 1.20 release, Docker would be officially deprecated.
Due to widespread confusion over what “Docker” means in specific contexts, many people panicked - myself included. Due to its popularity and ease of use, the Docker engine has become synonymous with “containers”. However, Docker is really an entire ecosystem of container tools and processes, including building and shipping container images. So what does this announcement mean, and what are the implications for everyone using it?
Like many people in IT, I’ve been running a home lab for several years. My home lab has become progressively more complicated over the years as I’ve layered in new technologies that I want to explore and added new services to my home network.