Almost four years ago (agh!) I published What’s In My Lab, an overview of the systems and software I use at home for my own personal infrastructure. You might think that at a certain point you achieve some kind of serenity, and the desire to modify or expand is sated. Hah! Guess again.
Posts for: #Homelab
Raspberry Pi 5’s NVMe is a Killer Feature
Running a Kubernetes cluster on a few Raspberry Pi 4s has been a rewarding but challenging experience. The biggest limitation was storage - each Pi was booting from an SD card, which, while convenient, proved to be a massive bottleneck. SD cards are not only slow, but also wear out quickly under constant read/write operations. Over time, I experienced several cases of data corruption which brought that cluster to its knees.
The (Hyper)Convergence - Ceph + Proxmox
When I kicked off the latest iteration of my homelab project about 10 years ago, everything was harder. Shared storage was a luxury that meant diving into expensive SAN solutions which were neither feasible nor affordable for anyone not running a data center. Containers were still in buzzword territory, and their real-world application was confined either to early versions of Docker (pre-OCI, mind you!), or to cutting-edge cloud-native projects like Google’s Borg.
Implementing a Private CA for the Home Lab
The low risk and low-to-no budget of a home lab environment often result in security taking a back seat. Services are sometimes left open and unguarded in the name of “Just Make It Work”. Home labs aside, the complexity of running even a halfway-decent security infrastructure makes doing so a non-starter even in many small business environments.
As a result, the largest and most easily exploitable gap you’re bound to find in many home labs and small networks is unencrypted traffic. This of course allows for a variety of attack methods against locally-hosted services.
The Case for Home Lab Security
Perhaps unsurprisingly, as my home lab and local area network have matured over the years, both I and my family have come to depend on the assortment of services that I run strictly within the four walls of our home. Knowing that our data is physically secure, we often tend to take other forms of security for granted.