Homelab Network Diagram
Network Configuration
Network is configured as follows:
- LAN:
10.11.1.0/24. - Gateway:
10.11.1.1. - Backup LTE wireless access point:
10.11.1.11. - DNS/DHCP/NTP/SMTP servers:
10.11.1.2and10.11.1.3. - Managed switch:
10.11.1.4currently no special config but a couple of VLANs to separate homelab devices from the rest of the home network. - PXE boot server:
10.11.1.20. - DNS private zone:
hl.test(a reserved top level DNS name .test, see rfc2606). - DHCP: range
10.11.1.140-10.11.1.149.
Hostnames and their IP addresses:
| Hostname | IP Address | Information | OS |
|---|---|---|---|
| mikrotik.hl.test | 10.11.1.1 | Mikrotik L009UiGS-2HaxD router | RouterOS 7 |
| admin1.hl.test | 10.11.1.2 | DNS/DHCP master, NTP, SMTP, HAProxy master, Keepalived | Rocky 8 |
| admin2.hl.test | 10.11.1.3 | DNS/DHCP master, NTP, SMTP, HAProxy master, Keepalived | Rocky 8 |
| switch.hl.test | 10.11.1.4 | Netgear GS308E managed switch | Firmware |
| truenas.hl.test | 10.11.1.5 | TrueNAS Core shared storage server for Kubernetes | TrueNAS Core 12 |
| pi.hl.test | 10.11.1.7 | RaspberryPi Pi-hole DNS ad blocker | Raspbian |
| mikrotik-lte.hl.test | 10.11.1.11 | Mikrotik RBwAPR-2nD with LTE antennas | RouterOS 6 |
| pxe.hl.test | 10.11.1.20 | PXE boot server | Rocky 8 |
| kvm1.hl.test | 10.11.1.21 | KVM hypervisor | Rocky 8 |
| kvm2.hl.test | 10.11.1.22 | KVM hypervisor | Rocky 8 |
| kvm3.hl.test | 10.11.1.23 | KVM hypervisor | Rocky 8 |
| kubelb.hl.test | 10.11.1.30 | Virtual IP address for HAProxy/keepalived | N/A |
| srv31.hl.test | 10.11.1.31 | Kubernetes control plane | Rocky 9 |
| srv32.hl.test | 10.11.1.32 | Kubernetes control plane | Rocky 9 |
| srv33.hl.test | 10.11.1.33 | Kubernetes control plane | Rocky 9 |
| srv34.hl.test | 10.11.1.34 | Kubernetes worker node | Rocky 9 |
| srv35.hl.test | 10.11.1.35 | Kubernetes worker node | Rocky 9 |
| srv36.hl.test | 10.11.1.36 | Kubernetes worker node | Rocky 9 |
Homelab Infrastructure
Kubernetes environment runs on three KVM hypervisors. The goal is to maintain service in the event of a loss of a (single) host. This blog post explains how to build a multi-master Kubernetes homelab cluster by hand using KVM, PXE boot and kubeadm.
Hardware
Commodity hardware is used to keep cost to a minimum.
| Hostname | CPU Cores | RAM (MB) | Storage |
|---|---|---|---|
| mikrotik.hl.test | 2 | 512 | 128MB |
| mikrotik-lte.hl.test | 1 | 64 | 16MB |
| pxe.hl.test | 4 | 8192 | 120GB SSD |
| kvm1.hl.test | 8 | 24567 | 240GB SSD |
| kvm2.hl.test | 8 | 24567 | 240GB SSD |
| kvm3.hl.test | 8 | 24567 | 240GB SSD |
| truenas.hl.test | 4 | 8192 | 240GB SSD, 2x 320GB HDDs in RAID 1 for storage pool |
| pi.hl.test | 1 | 512 | 8GB SD card |
Guest Provisioning
Previously, provisioning of KVM guests was done by using a PXE boot server with Kickstart templates.
I have since migrated to Packer to make the VM deployment process faster. PXE boot is still used to provision physical hosts (hypervisors).
Shared Storage
A TrueNAS NFS server is used to create persistent volumes claims using democratic-csi.
Monitoring and Logging
Monitoring setup includes Prometheus, Grafana and various exporters that Prometheus scrapes.
Router Metrics Grafana Dashboard
Other Services
Homelab provides other services to the environment:
- Bind DNS servers with failover and dynamic updates.
- DHCP failover with dynamic DNS.
- Peered NTP servers.
- Redundant SMTP relays.
Kubernetes Cluster Configuration
| Component | Software |
|---|---|
| CNI | Calico |
| CRI | Containerd |
| CSI | Democratic CSI |
| DNS | CoreDNS |
| Load Balancer | MetalLB |
| Service Mesh | Istio |
Homelab Root CA
SSL certificates are signed by the homelab CA.
Average Power Consumption
~170W.
Monthly running cost of the homelab is around (((170W * 24h) / 1000) * £0.24/kWh * 365days) / 12months = ~£30 (~38$).