Attendance

  • Host: Rechner
  • In-person: Bocuma, Danger, Mela, NIC, Christen, Scout, Mathnerd
  • Online: Archai, Techn3rd, Georninja

Introductions. Name, background, goals or interests for the meeting.

  • Rechner (he/him): Pawprint CTO, infra engineer dayjob, electronics and ham radio nerd.
  • Grace (she/her): rando, PM dayjob, privacy and homelab nut
  • Bocuma (he/him): raccoon
  • Mela (she/her): programmer dayjob, keep the home network
  • NIC (he/him). Infra and Endpoint Engineer dayjob. I like phones, the desk and wall kind.
  • Scout (he/they): Jr. Sysadmin at SJSU, loves proxmox, might be a wolf on the internet
  • Christen (any/all): tiny gremlin that wants to poke server racks. my daily driver used to be slackware cuz im cRaZy

Slides

Rechner Fox

Pawprint Prototyping

Virtualization

  • Virtual machine (VM): emulates entire computer hardware, all in software
  • Photo: BeOS --QEMU--> WinXP --QEMU--> Nokia
  • Hypervisor: software that helps & handles virtualization; can also be hardware-assisted
  • Some options for hypervisors:
    • low-level ones
    • app: VirtualBox
    • FOSS: QEMU is usually the one these days; KVM = Kernel-based Virtual Machine, turns the Linux kernel into a VM host

Why Virtualize?

  • Diagram: showing different levels & components in Virtualization
  • Why do this?
    • Manage dependencies; different (shared) libraries, e.g. for development - can build something, then blow it away
    • Used to have dedicated machines: DB server, server
    • Nowadays computers are pretty fast & big; can just emulate VMs, instead of dedicated HW
  • Also Cloud/Networked Hypervisors (e.g. Proxmox), can set up & run VMs across a collection of host machines
  • Security Reasons: strong isolation guarantees (e.g. Security Researcher)
  • Replace specific hardware, e.g. PVX manager
  • Experimentation
  • Spans: from SOHO, all the way to data-center scale

KVM + QEMU + libvirt Architecture

  • KVM module, added to Linux to make it pretend to be more "hardware" (VM Host)
  • QEMU is a device emulator; handles the virtual CPUs that the guest OS runs on
  • libvirt manages the overall VM; pokes & prods the VM to manage things

OS-Level Virtualization (Containers)

  • VMs were new-tech a few decades ago; still around
  • Current new tech is containers:
    • Most server VMs are running a Linux guest on a Linux host
    • Kinda redundant... found we could remove some layers
  • Containers: several options: Docker, Podman, etc. They share a common standard: Open Container Initiative (OCI)
  • Proxmox supports LXC containers natively
    • LXC: packaged more like an OS - "one OS per image"... can run multiple apps
  • Under the hood, uses "cgroups" feature of Linux
  • Docker used to use this. Now follows OCI
    • Docker/OCI: package "single app per image"
  • Some orchestration:
    • Kubernetes - very complicated
    • Docker Compose/Swarm - good starting point
    • Nomad - another option

Proxmox Virtual Environment

  • FOSS (AGPL v3); free for personal use; license for commercial use
  • Based on Debian Linux
  • Manages Compute, Network & Storage
  • Under the hood: QEMU, KVM & libvirt
  • Can make a cluster of Proxmox machines and network them together
    • Provisioning, Live Migrations, etc.
  • Proxmox has a sister product called "Proxmox Backup"
  • Storage support:
    • LVM: logical volume manager
    • ZFS: amazing Solaris-made file-system; these days good Linux support
    • Various network storage support

ZFS

  • RAID & Z-RAID
  • RAID lets you combine a bunch of hard drives together
    • Why? Hard drives are unreliable
    • Traditional HW RAID relies on a controller card
    • These tended to have a battery to avoid data loss if power is lost
  • RAID levels
    • 0 (Striping) = No redundancy; just stick them together
    • 1 (Mirroring) = Same data on both (or more) disks; makes reads faster
    • Other levels not discussed, but you can look them up
  • ZFS, use w/ JBOD (Just a Bunch Of Disks)
    • Handled in software, w/o dedicated controller
    • More flexible, can change setup to a degree
    • ZRAID levels, similar to HW RAID; but can also combine, e.g. ZRAID 10
    • VDEVs can combine drives into a ZPool

Lesson or demo

Show zpool examples

zfs list -> show zpool can be mounted & chopped up any number of ways

zfs send/receive -> send/receive entire FS over network

zpool status

  • show drive configuration (e.g. mirrored, or raidzX)
  • "resilvered" - checks for consistency

Proxmox VE ISO

  • "dd" command to "burn" ISO onto USB
  • or Rufus, Balena Etcher, etc.
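Added example (not from the meeting or the Proxmox project): a small shell wrapper around the "dd" step that first checks the ISO's SHA-256 against the value published with the download, and refuses to write to anything that is not an unmounted block device. The function names, ISO path, device name and hash are placeholders/assumptions; the mount check assumes Linux (/proc/mounts).

```shell
#!/bin/sh
# Added example: verify an installer ISO, then write it to a USB stick.
# File name, device and hash are supplied by the caller (placeholders below).

# verify_iso FILE EXPECTED_SHA256 -> 0 only if the file's SHA-256 matches.
verify_iso() {
    iso=$1
    # Accept upper- or lower-case hex from the download page.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    [ -r "$iso" ] || { echo "cannot read $iso" >&2; return 2; }
    actual=$(sha256sum "$iso" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $iso" >&2
        return 1
    fi
}

# check_target DEV -> 0 only if DEV is a block device with nothing mounted.
check_target() {
    dev=$1
    [ -b "$dev" ] || { echo "$dev is not a block device" >&2; return 2; }
    # Matches the device itself and its partitions (/dev/sdX, /dev/sdX1, ...).
    if grep -q "^$dev" /proc/mounts; then
        echo "$dev (or a partition on it) is mounted" >&2
        return 1
    fi
}

# write_iso FILE EXPECTED_SHA256 DEV: verify, check the target, then dd.
write_iso() {
    verify_iso "$1" "$2" || return 1
    check_target "$3" || return 1
    # conv=fsync flushes to the stick before dd exits (GNU dd).
    dd if="$1" of="$3" bs=4M conv=fsync status=progress
}

# Usage (as root; all three values are placeholders):
#   write_iso ./proxmox-ve.iso "<sha256 from the download page>" /dev/sdX
```

Confirm the device name with lsblk before running it; dd overwrites the target without asking.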

Live Demo, w/ SuperMicro Server

  • display out (VGA) captured to call
  • (some server troubles, finally got USB to boot)

Questions & discussion

Readings & exercises for future meetings

  • Next meeting topics:
    • Caddy webserver!
    • Identity/SSO
    • DHTs