Nitro's - Condo=Home Data Center Replacement

nitrobass24

Moderator
Dec 26, 2010
1,087
129
63
TX
Hello STH Family

Over the next two weeks this thread will be used for detailing out my redo/consolidation/update to my home datacenter. So bear with me as updates/pictures roll in.

Background
So for my job I am a management consultant and I focus on Information Security performing assessments and working with my clients to design and implement security for their organizations. As such I spend most of my time on the road and was tired of paying 2k a month for an apartment I was never at. Two and a half years ago, I decided that prices had fallen enough and that it was time for me to invest all of my savings into some property. After searching and searching for the best deal I came across a condo for sale by owner (on craigslist no less) near downtown Dallas and fell in love with it. A month later I was a homeowner. It was the perfect bachelor pad. Two pools, two workout facilities, valet, concierge, the works. I have to do nothing; if something breaks they have maintenance here and I can pay someone to come to my unit while I am at work and come home and it's fixed. This is perfect for me since as mentioned before I am not here a lot.

Fast forward to today - A year and a little bit ago I got married and the wife moved in. For those of you that are single, this means no more bachelor pad! My place now smells good all the time, I have candles, mercury glass, new bedding, and so many clothes and just girl stuff that I don't know how it all fits in here! So over the last month, we have been trying to figure out what we can do to optimize our space and have places not just for our clothes but all of our activities. We like to go skiing, snorkeling, hunting, fishing, and I am big into BBQ; so we have a lot of stuff. With only a couple of closets and no garage we had to do something. Before the wife...and as of this writing the entire Guest Bedroom closet is taken up by my 24u Dell Rack, so this means skis, golf clubs and other gear take up space in the master closet. Single Person Translation - Unacceptable

Solution
1. Rip out the old built-ins in the Master and Install Elfa
2. Get rid of my datacenter - The real purpose of this thread!

Existing Hardware
Dell 24u Cabinet
2x Dell 2716 PowerConnect
2x FireBox X500 w/ Pfsense
1x Norco 4020 - Asus mobo w/ 2x Xeon E5430, 36GB ECC, Areca 1880i + Intel Expander, IBM BR10i
2x WD6400AALS - RAID1 - OS
10x Hitachi 2TB - RAID6 - Static Data (movies, music, pics, etc.)
8x Seagate Cheetah 15k.7 300GB - RAID 10 - VMs, Databases
Dell KVM

Plus a couple shelves in the cab for
TWC cable modem, router, HDHR Prime, Tuning Adaptor
Whatever projects I'm playing with, ASA, Juniper SGs, etc.
Temp Servers + other projects

New Hardware

Router/Firewall/UTM
iStar S21 ITX Case w/ 150w PSU
Jetway NF9D-2550 Intel D2550 Atom mini-ITX w/ 3x Lan
2 GB SO-DIMM DDR3 1066mhz
Software - Undecided - PFSense/Sophos/other?

About this - I picked this case because I am using the same case for 2x Compute Nodes so it will stack/match nicely. Plus the great thing about this case is that it is the only slim (non-cube) ITX case I could find that does not use DC power (power brick) and has a full height expansion slot. I picked this mobo because I wanted to go Atom/low power and have something that had a lot of LAN ports without using a PCI-Express adaptor.

Compute Nodes (x2)
iStar S21 ITX Case w/ 200w PSU
Intel S1200KPR
Intel Xeon E3-1265L
2x Kingston 8GB ECC
40GB Intel 320 SSD
Software - I will be running the OpenSource Xen Cloud Platform (XCP)

About this - I picked this case because I am using the same case for 2x Compute Nodes so it will stack/match nicely. Plus the great thing about this case is that it is the only slim (non-cube) ITX case I could find that does not use DC power (power brick) and has a full height expansion slot. I picked this mobo because I wanted an ITX board that supported full size ECC DIMMs and still had a PCI-Express expansion slot. The only downer about this board is that it does not have IPMI/vPro tech, but I was willing to sacrifice that to use full size ECC. The Xeon E3-1265L because it can provide plenty of horsepower when needed and can sip power when idle. About XCP, after a long internal struggle, I opted for this because it supports most of the paid features Citrix Xenserver does. Additionally, it works transparently with Citrix XenCenter and Citrix XenDesktop, both of which have free licenses for personal use. I will be doing a separate post on the software setup. Patrick - Maybe I can make that into an Article if you want?

Storage
This is something that has really been bothering me. I really wanted to go all DIY, but there are simply no good Chassis Options for ITX based NAS. Other than the NSC-800, which comes with its own set of issues. Additionally, there are no ITX mobos with 8x SATA on board. So I have chosen to go with the Synology DS1812+. I will be adding 4x 4TB Seagate drives for now and some Samsung 840 SSDs in the near future for my VMs. I also will be adding a 2GB SO-DIMM to max the ram out to 3GB.

Other Stuff going into the build
1x HP Procurve 1810-24G
2x UPS - Undecided
1x TWC Cable Modem
1x Silicon Dust HDHR Prime
1x TWC CC Tuning Adaptor

I would post pictures of the before, but some of you may have seen my FS thread over the past month, so a lot of it is already taken apart. So you will just have to suffice for the after pics next week. Most of the gear arrives at home on Tuesday, but I won't be home until Thursday. So expect pics this time next weekend!

Also what are the group's thoughts on UPS systems? I need something that will give my network gear decent time to power down safely and another to keep the modem/router/switch online to survive extended outages.


Future State Diagram

 

nitrobass24

Task List

Task List - I will kind of keep status here and post links to other threads/articles as they are documented.
Setup Synology
Create NFS Tier1 - SSD - DONE
Create NFS Tier2 - VMs - DONE
Create NFS Tier3 - ISO Library - DONE
Transfer Data from Array - DONE
Setup AWS Glacier Backup - DONE
Build Sophos - Hardware Completed
Configure known outbound - DONE
Configure VPN - In Progress
Build Citrix Nodes - DONE
Install XCP - DONE
Migrate AD/DNS/DHCP - DONE
Rebuild PVR on Win7 - DONE
Install CloudStack
Install XenDesktop - DONE
Install AD CS - Single Tier
Install NetScaler
Install Second Cloudstack for HA
Install Second MySQL
Replicate DB
Setup Heartbeat and DRBD
 

nitrobass24

Build Pics - More to Come

All the parts

iStar-S21 Case - I am loving it BTW, it's so small!

Case Lid has mounting for two SSDs!

Jetway Mobo for Sophos

2x Realtek onboard
3x Intel on Daughterboard

Intel S1200KPR installed in the S21

Intel 320 SSD mounted to case lid

Installed XCP on the first box. I haven't even unpacked from my trip yet!
 

nitrobass24

Finished Hard Product.

An entire rack of stuff all consolidated - Best part is my power bill will be cut almost in half.



 

Patrick

Administrator
Staff member
Dec 21, 2010
12,181
5,257
113
About XCP, after a long internal struggle, I opted for this because it supports most of the paid features Citrix Xenserver does, particularly HA. Additionally, it works transparently with Citrix XenCenter and Citrix XenDesktop, both of which have free licenses for personal use. I will be doing a separate post on the software setup. Patrick - Maybe I can make that into an Article if you want?
Would love this. I purchased the C6100 just to start playing with cloud platforms for the site.
 

nitrobass24

Well, I started the XCP Article - sent to your hotmail. And I lied about HA being included. I got confused, it's added via CloudStack mgt.
 

RimBlock

Active Member
Sep 18, 2011
824
27
28
Singapore
Yep, agree with Patrick. Would be good to read more on Xen.

Any reason for not virtualizing the PFSense firewall?

RB
 

nitrobass24

Yea, I thought about virtualizing the firewall, but if I did that I would want to dedicate a NIC for the WAN with VT-d. Not an issue other than it will require me to lose my expansion slot for the sake of running a firewall. Well and along those lines, the Intel S1200KPR does not support VT-d, so I would have had to choose another board. I figured it's only going to cost me an additional $230 to have a dedicated appliance, so I opted for that.
 

nitrobass24

Added my list of things to come!
Also what are your thoughts on this as my network design?
Public (internet)
|
NAT (Sophos)
|
HP 1810 Switch
|
VLAN 10 - 192.168.100.x - Storage
VLAN 11 - 172.16.100.x - Management
VLAN 100-500 - 10.x1.x2.x3
x1 - Location
x2 - Env.
x3 - Device
 

nitrobass24

Yea, it's going to be full UTM - The home version is the same as their enterprise version, but is limited to 50 devices. So I should be ok.
Right now I have about 15.
 

RimBlock

Yea, I thought about virtualizing the firewall, but if I did that I would want to dedicate a NIC for the WAN with VT-d. Not an issue other than it will require me to lose my expansion slot for the sake of running a firewall. Well and along those lines, the Intel S1200KPR does not support VT-d, so I would have had to choose another board. I figured it's only going to cost me an additional $230 to have a dedicated appliance, so I opted for that.
Yeah, forgot for a moment you were using the S1200KP(r). Damn them Intel folks for disabling VT-d.

RB
 

nitrobass24

I could always throw XCP/Xen on the Atom/FW box and virtualize Sophos & Netscaler there too. Would be kind of silly to route all XenDesktop traffic to one node for NS_VPX just to reroute it back through the network to get to where the desktop may reside.
 

PigLover

Moderator
Jan 26, 2011
3,012
1,315
113
Nitro - do you think that Jetway + 3 NIC solution would fit in a 1U case? Most 1U can't fit a standard IO shield, so it could be a PITA to find the right case. But that thing looks like a GREAT option for a UTM (as you've already figured out :) but I would need it rackable.