Homelabbing Part 3: What Goes Where
Now that we have a general understanding of what operating systems we could install on our homelab machine(s), we can start to think about which services we might want to bundle together, which ones we might want to have dedicated resources for, and where we might install them.
Virtualization
It's finally time to talk about virtualization. This technology allows your system resources to be partitioned into multiple virtual machines (VMs), each running its own OS and applications on hardware that is simulated through highly efficient software such as QEMU. In addition to the efficiency and organization, running your services in VMs gives you access to easy tools for backing them up, restoring them in the case of mishap, and migrating them between different physical machines. The fewer services run on each VM, the more granular your ability to migrate or restore them is, at the cost of some organizational overhead.
Docker
Docker is a tool that allows you to virtualize at a higher level with the creation of "containers," which run partially separated from the host OS and each other, but can share certain resources. Many popular homelab services are available as Docker containers, with predefined Docker or docker-compose files that allow you to deploy them quickly and easily. I recommend dedicating one VM on your hypervisor to running Docker containers, and installing a web-based management tool like Portainer to make it even easier to deploy multiple services on this VM.
Here's a good litmus test for which services you should install on your Docker host:
If this service broke, would it cause other services to break? If it would, then you might want to give it its own VM. If it wouldn't, and you can find a container for it on GitHub or the Docker registry, it's a great candidate to run on your Docker host! If you have a set of many services that are all connected, like a media stack, you may also want to consider putting those services on a separate VM that's also running Docker (and Portainer, if you're into that).
Storage
Aside from applications that run in a VM or a Docker container, you may also want to dedicate a machine (physical or virtual) to managing your storage. Simple storage configurations like 1 or 2 HDDs/SSDs with no redundancy don't require special configurations, especially if you're only running a single physical machine. If you want redundancy, you're using several disks of different sizes, or you'd like to share storage across the network to services on different machines, you'll want to dedicate one to managing your storage.
If you have one physical server with a lot of storage and few other resources, and at least one other server to run other services, you might consider installing TrueNAS, which offers block level storage that your hypervisor can utilize for VMs in addition to NFS and SMB network shares. If all of your services are running on a single machine, you might use your hypervisor to manage storage, or you might install TrueNAS in a VM and pass some of your disks to it from the hypervisor. If you don't have complex storage to manage but you want network shares, you can consider UCS, which bundles network share management with services for managing users and logins across your homelab. Which option is best for you depends on the resources you're working with and your specific needs. The beauty of working in VMs is that it's trivially easy to set up new VMs to experiment with different operating systems and options.
Identity
If you don't need all of the options available to you in UCS, options like Keycloak and Authelia are available as Docker containers. For small labs with a small number of users, and logins that are used for your apps but not tied to desktop devices and network shares, consider deploying an identity provider in a Docker container. As mentioned earlier, you'll want to consider how you'd access your applications if the machine hosting your identity provider container fails: does your hypervisor support migrating it to another machine? Do you have backup logins set up for your apps? These kinds of considerations might determine whether or not you should run a separate VM dedicated to your identity provider, and that doesn't stop you from using Docker to deploy it!
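The litmus test from the Docker section, applied to a whole lab at once and to the identity provider question above. This is an added example, not code from the original post, and it goes slightly beyond the text by following dependencies transitively. The service names, the `needs`/`stack` fields and the three placement labels are assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed sample lab (hypothetical service names): each service lists
# what it depends on and, optionally, the connected stack it belongs to.
LAB = {
    "idp":            {"needs": [],                      "stack": None},
    "wiki":           {"needs": ["idp"],                 "stack": None},
    "dashboard":      {"needs": ["idp"],                 "stack": None},
    "rss-reader":     {"needs": [],                      "stack": None},
    "media-server":   {"needs": [],                      "stack": "media"},
    "media-requests": {"needs": ["media-server", "idp"], "stack": "media"},
}


def blast_radius(lab, service):
    """Every service that breaks, directly or transitively, if `service` does."""
    dependents = defaultdict(set)
    for name, spec in lab.items():
        for dep in spec["needs"]:
            dependents[dep].add(name)
    broken, todo = set(), [service]
    while todo:
        for name in dependents[todo.pop()]:
            if name not in broken and name != service:  # guard against cycles
                broken.add(name)
                todo.append(name)
    return broken


def placement(lab, service):
    """Litmus test: does breaking this take down anything outside its stack?"""
    stack = lab[service]["stack"]
    outside = {s for s in blast_radius(lab, service)
               if stack is None or lab[s]["stack"] != stack}
    if outside:
        return "dedicated VM"
    if stack:
        return f"{stack} stack VM"
    return "shared docker host"


def plan(lab):
    """Placement for every service in the lab."""
    return {name: placement(lab, name) for name in lab}


if __name__ == "__main__":
    for name, where in plan(LAB).items():
        print(f"{name:15} -> {where:18} breaks: {sorted(blast_radius(LAB, name))}")
```

In the sample lab the identity provider is the only service whose failure reaches outside its own group, which is why it alone lands on a dedicated VM.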
Next: My Lab
Next week, we'll go over the layout of my recently disassembled homelab, what services I choose to run in the cloud, and what I'll do differently next time.