I've been running two Samba 4 Domain Controllers for my lab environment for a few months now, and aside from an occasional quirk such as having to use RSAT on Windows 7/Server 2008 R2 and editing an .ini file when creating a new Group Policy object it has been a good setup for my lab.
Group Policy Modeling doesn't work, so I do have to be careful on what is configured in Group Policy, but I can live with that.
Last night I was working on getting pfSense configured to use LDAP authentication. Again this just worked as expected, connect to 389 on the Samba Domain Controllers and go. I took it a step further, cut a SSL certificate for my lab's Active Directory domain from StartSSL and configured Samba to use that certificate for LDAPS. Again, everything just worked as expected.
I even got Samba member servers working, really not sure why it wasn't working on my previous attempt. I'll be switching out my Windows file server for a Linux one soon.
One of my goals with the lab is to have a nice stable "infrastructure" for learning new things. Using Windows Server evaluation licensing to build the base infrastructure seemed incompatible with that, which is why Limix servers are being slotted into those places where possible. If I want to test or learn a new product, I want to set it up on a VM and get to it, not build up Active Directory and all that then get around to testing.
As a side benifit I have a nice working Active Directory, file servers, VPN, etc. for media servers and other services I want to use.
The IT Outhouse is an blog written by an Information Technology Professional. Expect geeky posts, bits of code, plumbing references, and the occasional post for managing your digital life.
Wednesday, September 30, 2015
Thursday, September 3, 2015
Sunday, April 26, 2015
Homelab
I decided it was time to start over with my homelab, not that an ancient HP desktop with an Intel Core Duo processor was worthy of being called a homelab. It was basically my iTunes server, serving up content not in iCloud to Apple TVs, and it wasn't even doing that well.
The Parts Purchased (so far...)
The two 2 TB HDDs and two 3 TB HDDs were configured in a RAID 10 array. Not ideal having disks with different sizes, but it worked out and this is a homelab, not something mission critical. After configuring the mirrors and stripes I ended up with 5.somechange TB of RAID10 space. That will do nicely.
In order to get the ESX hypervisor installed the ESX installer needs to be modified to include the driver for the TS440's on board NIC. The VIB file for the network driver can be downloaded from Lenovo's TS440 Support Page and the ESX ISO can be customized with ESXi-Customizer.
With the disks installed and configured, RAM inserted, and customized ESX installer burned everything was smooth sailing. ESX installed to my USB stick, got configured, and I was up and running.
The Naming Scheme
I don't get to give my servers at work fun names. They are all LOCATION-SERVICE-NUMBER or something similar. (HQADDS01 for Active Directory at HQ...) In my home lab, with "limited" resources, one administrator, and no corporate rules, I decided my naming scheme would come from Transformers. Not the Michael Bay version, but the classic Generation 1 Transformers from my childhood. (And more recently, the excellent War for Cybertron and Fall of Cybertron games that I thoroughly enjoyed on my XBox360.)
Since itouthouse.net and itouthouse.org are just redirects to itouthouse.com, I don't have any worries using cybertron.itouthouse.net for my internal network. Thus, my ESX host is now named metroplex.cybertron.itouthouse.net.
The VMs
Any homelab is going to be...fluid, but I have a few ideas on what the various VMs will be.
The Parts Purchased (so far...)
- Lenovo ThinkServer TS440 70AQ000YUX E3-1245 4GB Tower Server
- 4x 3.5" Lenovo ThinkServer Hard Drive Caddy
- 1x Crucial MX100 256GB SATA 2.5-Inch Internal Solid State Drive
- SilverStone Aluminum Front Panel 5.25-Inch to 3.5-Inch Bay Converter FP55S
- 3x 4 GB RAM for 16 GB total. (eBay!)
- 2x 2 TB 3.5" HDD (7200 RPM).
- 2x 3 TB 3.5" HDD (7200 RPM).
- 1x 1 TB WG HDD (7200 RPM).
- 2x 16 GB USB3 Flash Drives for VSphere Hypervisor.
The two 2 TB HDDs and two 3 TB HDDs were configured in a RAID 10 array. Not ideal having disks with different sizes, but it worked out and this is a homelab, not something mission critical. After configuring the mirrors and stripes I ended up with 5.somechange TB of RAID10 space. That will do nicely.
In order to get the ESX hypervisor installed the ESX installer needs to be modified to include the driver for the TS440's on board NIC. The VIB file for the network driver can be downloaded from Lenovo's TS440 Support Page and the ESX ISO can be customized with ESXi-Customizer.
With the disks installed and configured, RAM inserted, and customized ESX installer burned everything was smooth sailing. ESX installed to my USB stick, got configured, and I was up and running.
The Naming Scheme
I don't get to give my servers at work fun names. They are all LOCATION-SERVICE-NUMBER or something similar. (HQADDS01 for Active Directory at HQ...) In my home lab, with "limited" resources, one administrator, and no corporate rules, I decided my naming scheme would come from Transformers. Not the Michael Bay version, but the classic Generation 1 Transformers from my childhood. (And more recently, the excellent War for Cybertron and Fall of Cybertron games that I thoroughly enjoyed on my XBox360.)
Since itouthouse.net and itouthouse.org are just redirects to itouthouse.com, I don't have any worries using cybertron.itouthouse.net for my internal network. Thus, my ESX host is now named metroplex.cybertron.itouthouse.net.
The VMs
Any homelab is going to be...fluid, but I have a few ideas on what the various VMs will be.
- Wheeljack: This will be my personal Windows Virtual Machine. Eventually I'll be playing with VT-D and GPU pass through to see if I can get some gaming working. This is what the SSD, 1 TB HDD, and SilverStone bracket are for. These will be directly connected to the motherboard's SATA connectors. I discovered that the Lenovo TS440 doesn't have enough power connectors to add two drives not in the hot swap bays in addition to the internal optical drive, this is a problem to address later. At least I have USB optical drives handy until I figure it out.
- Teletraan I: A Linux VM running Samba as an Active Directory Domain Controller.
- Teletraan II: Why have only one Active Directory Domain Controller when you can have two?
- Blaster: A Windows VM with some storage and running iTunes. It's only job is to replace my HP desktop that is serving up iTunes content to my Apple TVs.
- Rewind: Ubuntu Desktop running CrashPlan. Sole purpose is to be a CrashPlan server for friends and family. I could have gone headless but decided I didn't want to play with CrashPlan enough to get it running headless.
- Skyfire: Windows File server. Joined to Active Directory of course.
- Jetfire: Linux File server. Had some issues getting Linux file serving working the way I wanted, so went with Windows Server running in eval mode to work on other stuff. Eventually will circle back and get Samba working the way I want and replace the Windows file server.
- Perceptor: Monitoring server if I feel the need.
- Ironhide: pfSense firewall/VPN. Maybe something other than pfSense.
- Wreck-Gar: Windows 10 Technical Preview.
Subscribe to:
Posts (Atom)