Yeah any FOSS OS that can do a router

Option A modified: get a router, install OpenWRT, install wireguard, get a VPS, create a tunnel, profit

I wonder if mpd in a container with a front-end can solve your problems

I’m using k8s at work and am planning to set up k3s at home, because even though PVCs and Ingresses are not the easiest to grasp and write in templates, I think the way I want to do storage is beyond the capabilities of podman which I used earlier. Also, Kubernetes on either end so knowledge transfer is ready

Thanks, I’ll take a look!

Arch linux install wouldn’t be a problem really because the way the install is done. Pretty sure I could it all over SSH. Unfortunately, Debian isn’t exactly that…

I’m planning to use a Raxda Zero 3W/Banana Pi Zero for this. Do you think this will suffice? I don’t need speed or power, it just needs to be usable.

Wow that’s expensive. But thanks something to keep in mind. I’m planning to build my own $25 KVM with Chinese parts off of Aliexpress and PiKVM (if that’s possible)

All I have is a laptop. I’m getting these machines for free from a friend

Thank you for the tip, I’ll keep a look out for VAAPI/VDPAU support. Thanks!

I was considering the usual BananaPi/OrangePi/Raxda/Pine64 SBCs, are those not enough horsepower? I’d like to stay under $80 for my SBC purchase, and it will be doing double duty with managing some services like DNS and music scrobbling alongside uploading to the cloud

I’m going to be using an SBC for this, which doesn’t have the capacity for an extra storage drive. Also, I’m planning to move in a couple of months, and I wouldn’t want to deal with storage in the middle of all of this. The cloud isn’t as insanely expensive as I initially thought; B2 is $6/TB, and I hope that with reencoded streams at an OK resolution I wouldn’t go beyond 1.5TB a month (I’ll be deleting stuff with bucket policies, of course).

I’ll take a look at tdarr alongside ffmpeg, thanks!

The problem is that I don’t have the local storage to maintain a watch folder for continually streaming video. I want to write semi-directly to the Cloud, which is why I’m looking for a transparent reencoding layer. Can handbrake do this?

Thank you, but there’s another problem: I don’t have local storage to write the files to and then upload. I need to write semi-directly to the Cloud.

You’re right, I don’t know why I didn’t consider that. This is going to be a mix of security cameras and live streaming video that I’ll store on the cloud, and the problem is that I have horrible upload speeds along with no local storage for caching

How did you “understand” that it would be slow? Did you look at the code?

Thanks for the link, I’ll take a look

I see that. It seems I’d have to set up replication myself, but that seems doable. Thanks

Do they offer multi-region storage boxes? Hetzner is definitely a name I can trust (at the moment), I’m interested

That’s very expensive to recall. Glacier download prices are extremely expensive

Thanks!

Thank you! Could you explain a bit about what travelmate does under the hood? I’d like to know the basics of how it operates.

More like, if you wanted the storage under the LUN to be shared through the VM. Essentially, mount the LUN into the VM and then run NFS/SMB from the VM as a NAS. Works out pretty well since with a little bit of trickery you can have a NAS that is also HA (assuming the storage pool doesn’t go down).

With that said, I’m very interested too.

Unless I completely misunderstood your question

libvirt does support “clustering” at least in some capability, you can live migrate VMs between hosts

I didn’t know libvirt supported HA

I read a bit more and I’d like to add:

RoCE/iWARP is the technology with which one would be able to route DMA over the network. The bandwidth of the network is the bottleneck but we’ll ignore that for now.

SR-IOV is a way to share virtual functions of PCIe devices on the same host.

Regardless of whether one uses IB or iWARP, they can also route data to and from a PCIe device attached to a host to another host over the network. I still have to research the specifics but I’m now positive that it can be done.

Thanks

Well, I’m not a systems engineer, so I probably don’t understand the scale of something like this.

With that said, is it really hard to slap TCP/IP on top of SR-IOV? That is literally what I wanted to know, and I thought RDMA could do that. Can it not?

I’m fairly sure there’s a way to provide compatible PCIe devices over IP on a network, or “some network” (if you’re bypassing the IP stack, perhaps). I just don’t know what it’s called, and I’m getting more confused by whether RDMA support can do this or not. Essentially, I want to leverage what SR-IOV allows me to do (create virtual functions of eligible PCIe devices) and pass them over IP or some other network tech to VMs/CTs on a different physical host.

So it is RDMA.

Indeed, I have come across RoCE, and support seems to be quite active on Debian. I was looking at QLogic hardware for this, and whilst I know that firmware for such stuff is really difficult to find, I’m fine with just FOSS support on Debian

Unfortunately for you OP, you’re going to have to become at least decent at networking. The good part is that it will happen naturally as you learn, break and re-do your homelab.

Incidentally, I’m interested in any guides you might have regarding CPU performance metrics and cache. If you can recollect where you got them from.

So, essentially you want a File server and a media server, yes?

I think the parts to something like this would be:

1. DNS, so you don’t have to remember IP addresses. Most people use Pi-Hole/Adguard home, but the idea is the same.
2. A platform to run your services. A lot of people run containers bare-metal, but a lot of people also run their containers on top of VMs using a hypervisor. Some people just run VMs. For a beginner, containers will be a little more of a learning curve compared to plain VMs but it will pay off very soon. I tend to suggest Podman since it’s binary compatible with Docker and I like it more philosophically.
3. Some way to acquire media. This is where the payoff really starts showing up since you’re running about 10 containers or so already. Imagine running 10 VMs on restricted hardware. If you’re going to torrent, I’d suggest looking up Sonarr and going from there.
4. Actual media and file servers. Since you like GUIs, try Jellyfin and (this is not a favourable recommendation but here we go) Nextcloud.

Have fun!

Intel SGX requires for me to set a CPU flag in the .conf file. For now, it’s a shell script and I can do it with Ansible, but I’d like to not have to do such half-baked measures

I was under the impression that cloud-init could only really be used to run commands inside the guest? Well, I could technically use Ansible and edit the file every time I provision something - this was just an example of however much the community tries, there might be something missing in the provider because proxmox doesn’t take this on directly.

I should have worded that better. In using MAC, AppArmor effectively reduces access to files that would be essential for the VM to run. That is the sense in which I mentioned “security enclave” but I can see now that that isn’t quite correct.

Either way, that is my philosophical reasoning for complaining this much. Ansible is pretty decent and has decent Proxmox integration, but Terraform is, in my opinion, superior when it comes to deploying infrastructure. That might be a bias from my side, of course. For now, I’m also going through the OpenStack documentation to see if the things I want to achieve can be done there, because they have an official Ansible project alongside their version of Cloudformation - Heat.

Thanks

Could you tell me which cloud providers are using Incus?

It’s a bit hard to search info about it with the name. But it’s a fantastic project

Thanks, it’s very new and I’d like to give it some time to mature. With that said, I’m happy to see a SUSE developer take it on.

It also has some great capabilities and let’s me handle my storage and hardware whilst providing me paradigms akin to the Cloud a la Openstack (to an extent). It seems great, thanks for mentioning it.

Thanks I’ll take a look

A lot of them do actually. Most mid-tier cloud providers (Linode, Digital Ocean, Vultr) and less expensive providers (IONOS, for example) do have official terraform providers. Smaller providers like Racknerd don’t but that is somewhat understandable.

Incidentally, Porkbun is a known DNS provider which doesn’t have terraform support (which is why I’m evaluating Cloudflare in the first place for a domain).

XCP-ng has an official terraform provider, whilst ESXi and Proxmox don’t. The unfortunate part is that there isn’t even a provider for KVM, which really sucks.

It’s just that when something breaks in Proxmox the remediation is completely manual and I hate that.

Thanks, I look forward to someone creating a provider which encompasses all of Proxmox.

Very unfortunate. I’m considering OpenStack as an alternative for its support but TBH it’s not what I want.

I will probably have to run cloud-init/ansible on the PVE host for this to work. I’d probably go with Ansible, but I would have liked for this to be possible directly through Terraform. I don’t know if it’s the developer of the provider who didn’t include this.

With that said, we do have AppArmour support for VMs, which is a secure enclave too (if I understand correctly). Don’t quite know if switching on and using both SGX and AppArmour would be a good choice - would you happen to know about this?

Hey, I’d like to ask you one more thing: is it possible to set up short-term credentials which can be provisioned and invalidated automatically with policies? I’m looking towards an idea of a self-hosted AWS STS without installing a secrets manager like Conjur and I think it should technically be possible with FreeIPA. Please let me know what you think.