Moving out of the cloud (mostly)

Bonjour,

Now that libvirt can be used instead of OpenStack, I’m thinking about moving some of the services hosted at https://enough.community to a NUC to reduce the operating costs. A single VM with a VPN and a reverse proxy with a public IP would stay in OpenStack and the rest (approximately 32GB RAM + 500GB disk + not much CPU) could move to the NUC.

That should save around 100€ per month and a 1,000€ NUC would be paid for within a year.

How does that sound ?

1 Like

That’s 1,170€ total.

Since RAM is expensive at the moment and 32GB is ok, a I’ll get a cheaper configuration for 855€.

The machine was ordered, it should arrive in the next two weeks.

To be continued!

Hello @loic,

  1. Where do you plan to host NUC server ?
  2. Behind which Internet connection ?

Thanks

At my home, with a fiber connection (Orange).

1 Like

Here is what I ended up ordering:

  • INTEL NUC BXNUC10I7FNK2
  • WESTERN DIGITAL BLUE SN550 SSD M.2 - 1 TO
  • GSKILL SODIMM DDR4 32GB F4-2666C18S-32GRS
  • WD MYBOOK 8TO 3.5IN USB 3.0 NOIR

For a total of 1282,75€. I Received the package a month ago but was busy with other things. Today I’ll unpack it and install a Debian GNU/Linux bulseye.

ldlc.pdf (263.9 KB)

1 Like

nuc

New services:

  • :white_check_mark: openvpn (on bind-host)
  • :white_check_mark: proxy (on bind-host)
  • :white_check_mark: icinga-lan (on libvirt)

Stay in the cloud

  • :white_check_mark: bind-host (bind, openvpn, postfix, proxy, api, website)
  • :white_check_mark: jitsi-host (jitsi)
  • :white_check_mark: icinga-host (icinga)
  • :white_check_mark: wazuh-host (wazuh)

Merge into bind-host:

  • :white_check_mark: postfix-host

Move to lan.enough.community

  • :white_check_mark: openedx-host (openedx)
  • :white_check_mark: forum-host (forum)
  • cloud-host (cloud)
  • :white_check_mark: gitlab-host
    • :white_check_mark: gitlab
  • :white_check_mark: runner-host (gitlab runner)
  • :white_check_mark: s01-host
    • :white_check_mark: chat
    • :white_check_mark: website
  • :white_check_mark: weblate-host
    • :white_check_mark: weblate
    • :white_check_mark: wekan

Remove from the cloud and delete

  • :white_check_mark: backups (no more pet-host)

I’ll use weblate backups to move weblate.enough.community to libvirt.

I ended up copying /var/lib/docker/volumes/weblate_{postgres,weblate}-data from the OpenStack host to the libvirt host that was created from scratch and it was fine.

Migration notes for weblate:

  • host=weblate ; service=weblate
  • laptop: Copy/adapt ~/.enough/enough.community to hypervisor:~/.enough/lan.enough.community
    • review & set variables (publicly visible URL mostly) from playbooks/${service}
    • ~/.enough/enough.community/inventory/deleted.yml
    • ~/.enough/enough.community/inventory/groups.yml # remove from pets
    • ~/.enough/enough.community/inventory/hosts.yml # remove
    • ~/.enough/enough.community/inventory/host_vars/${host}-host/*
  • hypervisor: set ~/.enough/lan.enough.community/inventory/host_vars/${host}-host/provision.yml
  • hypervisor: enough --domain lan.enough.community host create --driver libvirt ${host}-host
  • hypervisor: enough --domain lan.enough.community ssh --driver libvirt ${host}-host + apt-get dist-upgrade + reboot
  • hypervisor: add to libvirt_pets ~/.enough/lan.enough.community/inventory/group_vars/all/libvirt.yml
  • hypervisor: enough --domain lan.enough.community playbook -- --limit bind-host,${host}-host,localhost --private-key ~/.enough/lan.enough.community/infrastructure_key venv/share/enough/enough-playbook.yml
  • laptop: add to ~/.enough/enough.community/lan-playbook.yml
  • laptop: enough --domain enough.community playbook -- --limit bind-host,localhost --private-key ~/.enough/enough.community/infrastructure_key ~/.enough/enough.community/lan-playbook.yml
  • laptop: add deleted host to ~/.enough/enough.community/inventory/deleted.yml
  • icinga.enough.community: verify there are not leftovers /etc/icinga2 and restart
  • hypervisor: add to all-hosts: in ~/.enough/lan.enough.community/inventory/hosts.yml if necessary
  • laptop: remove from ~/.enough/enough.community/inventory/groups.yml pets
  • laptop: enough --domain enough.community openstack – server pause ${host}-host
  • laptop: git commit + push ~/.enough/enough.community
  • hypervisor: git commit + push ~/.enough/lan.enough.community

The https://icinga-lan.enough.community service is running: it is the icinga instance that monitors all services on libvirt. https://icinga.enough.community stays in the cloud to monitor https://icinga-lan.enough.community and will keep monitoring the other services that are in the cloud.

The migration is complete. For the record the machine patience has a copy of the cloud.enough.community volume as it was on 2021-05-23 and 2021-06-20.