New Hetzner Server

After canceling my EC2 instance last year, when all my student credits ran out, I was hosting most of my services on my old Dell Precision T5500 at home and some on my friends' server.

While hosting services at home is great if you just want to play around a bit, it can get expensive really fast if you want your server to be available all the time. Italy announced a bill (I think that is the equivalent of a 'decreto') to raise current electricity prices (I'm not linking sources here, can't be bothered). This means having a PC/server running 24/7 at home can get quite expensive really fast, especially with hardware as old as mine.

Analyzing Available Offers

I've been eyeing 👁️ the prices of different VPS and dedicated hosting providers, evaluating their pros and cons in terms of:

  • price / performance
  • resource sharing (for VPS)
  • uptime
  • freedom
  • usability
  • ability to scale

And after a lot of consideration I found that…

Actually I didn’t do any sort of evaluation. I just looked up the prices of Hetzner AX servers from time to time when procrastinating/daydreaming. Last month there was some kind of special offer at Hetzner for the AX-41/AX-51 servers where they didn’t make you pay the initial 30$ setup fee that the servers normally come with. I think they just wanted to get rid of all Ryzen 3xxx servers they still had, since they started offering servers with 5xxx processors already.

Buying the Hardware

Now, because I am a student and students are poor (or at least have to be a bit more careful with their money), I bought the cheapest Ryzen 3xxx server in the Helsinki 🇫🇮 datacenter. The specs are the following:

Resource   Value                Note
CPU        AMD Ryzen 5 3600
Memory     64 GB                non-ECC
Storage    2x 512 GB NVMe       Toshiba, RAID 1

All this for the low price of 40 EUR/month with a 1 Gbit/s internet connection (with no data cap, unlike in "freedomland") and an uptime that is way higher than the one I get with the servers at home.

What now?

As you may have noticed (or not), this blog is not served from a Hetzner IP but from a CDN. This is because I had this site before I had the server and did not yet have time to set it up there. Now you may ask: what on earth are you doing with so much computing power/memory/uplink? Currently the answer is: not that much. But there is a plan.

Current Setup

Currently the server is just a single host (no VMs) with some Docker containers and two docker-compose files: one for Traefik as reverse proxy and one for vabene1111/recipes (a Django app to organize recipes).

This setup is pretty straightforward, but I found that looking up running services with docker ps gets crowded and complicated really fast. As I said, I only have two services, so it should theoretically be manageable?

Anxiety

While it is definitely possible to just use docker-compose for all the services that I want to host, I am really anxious whenever it comes to running services. Things can fail, error out and so on, and data can get lost. This creates a lot of mental overhead/stress, and I don't want to wake up every day and immediately think about what will happen if one of the Docker containers fails, or what if the Hetzner hardware breaks.

To get rid of these worries, or at least some of them, I am currently trying to coax the entire Hetzner server setup into Infrastructure as Code (IaC).

This process will without doubt take a lot of time, but I think it's manageable. The end goal would be to have all my infrastructure defined in an Ansible inventory and a set of playbooks that set up the various bits and pieces to make things work.

Ansible

For starters, I will try to move the installation of my Hetzner server to Ansible. With that done I can move on to organizing the services/compose files and integrate their setup into IaC as well. Having the setup of the individual services available as code would take away the pain of manually logging into the server and typing git pull xyz and then docker-compose up -d every time I want to deploy a new service or restart one that failed.
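As an added example (not code from the original post), here is what a first version of such a playbook could look like: baseline hardening of the fresh host plus the "git pull, docker-compose up -d" step as tasks. It assumes, hypothetically, an inventory group "hetzner" with a fresh Debian/Ubuntu image whose OpenSSH honours /etc/ssh/sshd_config.d (Ubuntu 22.04, Debian 12), an admin user called "deploy", and a Git repository with one sub-directory per compose project; the repository URL and project names are placeholders. The ansible.posix and community.general collections used here ship with the ansible package.

```yaml
# Added example, not from the original post. All hosts, users, URLs and
# directory names are placeholders.
- name: Baseline a single Hetzner host and deploy its compose services
  hosts: hetzner
  become: true
  vars:
    admin_user: deploy
    # Public key read on the controller (assumed path)
    admin_pubkey: "{{ lookup('file', lookup('env', 'HOME') + '/.ssh/id_ed25519.pub') }}"
    services_repo: "https://example.invalid/me/hetzner-services.git"   # placeholder
    services_dir: /opt/services
    compose_projects: [traefik, recipes]   # one sub-directory each (assumed layout)

  tasks:
    - name: Install base packages (distro packages; names assume Debian/Ubuntu)
      ansible.builtin.apt:
        name: [ufw, unattended-upgrades, git, docker.io, docker-compose]
        state: present
        update_cache: true

    - name: Apply security updates automatically
      ansible.builtin.copy:
        dest: /etc/apt/apt.conf.d/20auto-upgrades
        mode: "0644"
        content: |
          APT::Periodic::Update-Package-Lists "1";
          APT::Periodic::Unattended-Upgrade "1";

    - name: Create the admin user (membership in "docker" is root-equivalent, so one account only)
      ansible.builtin.user:
        name: "{{ admin_user }}"
        groups: [sudo, docker]
        append: true
        shell: /bin/bash

    - name: Install the admin SSH key before password login is switched off
      ansible.posix.authorized_key:
        user: "{{ admin_user }}"
        key: "{{ admin_pubkey }}"

    - name: Harden sshd through a drop-in; sshd -t validates the file before it is written
      ansible.builtin.copy:
        dest: /etc/ssh/sshd_config.d/10-hardening.conf
        mode: "0600"
        validate: "sshd -t -f %s"
        content: |
          PasswordAuthentication no
          PermitRootLogin no
      notify: Restart sshd

    - name: Allow only SSH and the reverse proxy ports
      community.general.ufw:
        rule: allow
        port: "{{ item }}"
        proto: tcp
      loop: ["22", "80", "443"]

    - name: Default-deny inbound and enable the firewall
      community.general.ufw:
        state: enabled
        policy: deny
        direction: incoming

    - name: Check out the repository that holds the compose files
      ansible.builtin.git:
        repo: "{{ services_repo }}"
        dest: "{{ services_dir }}"
        version: main
      register: checkout

    - name: Bring each compose project up (replaces the manual docker-compose up -d)
      ansible.builtin.command:
        cmd: docker-compose up -d --remove-orphans
        chdir: "{{ services_dir }}/{{ item }}"
      loop: "{{ compose_projects }}"
      changed_when: checkout.changed

  handlers:
    - name: Restart sshd
      ansible.builtin.service:
        name: ssh
        state: restarted
```

Run it once as root against the fresh host (ansible-playbook -i inventory site.yml -u root) and as the deploy user with sudo afterwards; the key is installed before password login is disabled, so make sure it is the key you will actually use. One caveat before relying on the ufw rules: Docker manages its own iptables chains, so a port published with ports: in a compose file is reachable from the internet regardless of ufw. Publish only Traefik's 80/443 and keep the other containers on an internal compose network, or bind their ports to 127.0.0.1.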

Luckily, a lot of awesome tools exist that can help with IaC, services and containers. One possible solution to (hopefully) take away some of the pain of managing the whale 🐳 would be Kubernetes. This is discussed a bit later in this post.

End Goal

The end goal for me would be to have my entire infrastructure defined as code (probably in Ansible, since I'm familiar with it) and to have critical container data automatically backed up to some secure place, so that I can start hosting things that I cannot afford to lose as easily as some recipes.
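As an added example (not from the original post) of what "automatically backed up to some secure place" can look like inside the same Ansible code: a nightly restic backup to an off-host SFTP target with retention and an integrity check. The SFTP host, the data path and the password source are placeholders; it assumes root on the server can reach the SFTP account with an SSH key and that the container data lives under one directory (bind mounts rather than anonymous Docker volumes).

```yaml
# Added example, not from the original post. Target host, paths and the
# password source are placeholders.
- name: Back up container data off the host every night
  hosts: hetzner
  become: true
  vars:
    backup_src: /opt/services/data                                      # assumed bind-mount layout
    restic_repo: "sftp:backup@backup.example.invalid:/restic/hetzner"   # placeholder off-site target
    restic_password: "{{ lookup('env', 'RESTIC_REPO_PASSWORD') }}"     # from env or ansible-vault, never in git

  tasks:
    - name: Install restic
      ansible.builtin.apt:
        name: restic
        state: present

    - name: Store the repository password root-only
      ansible.builtin.copy:
        dest: /root/.restic-password
        content: "{{ restic_password }}\n"
        mode: "0600"
        owner: root
        group: root

    - name: Install the backup script
      ansible.builtin.copy:
        dest: /usr/local/sbin/backup-containers
        mode: "0700"
        content: |
          #!/bin/sh
          set -eu
          export RESTIC_REPOSITORY="{{ restic_repo }}"
          export RESTIC_PASSWORD_FILE=/root/.restic-password
          # Databases running in containers must be dumped to a file below the
          # source path first (app-specific, e.g. pg_dump via docker-compose exec);
          # a raw copy of a live database directory is not a consistent backup.
          restic snapshots >/dev/null 2>&1 || restic init
          restic backup --tag containers "{{ backup_src }}"
          # Retention: 7 daily, 4 weekly, 6 monthly snapshots; prune the rest.
          restic forget --keep-daily 7 --keep-weekly 4 --keep-monthly 6 --prune
          # Verify repository structure plus a tenth of the data blobs.
          restic check --read-data-subset=1/10

    - name: Run it nightly
      ansible.builtin.cron:
        name: container-backup
        user: root
        hour: "3"
        minute: "15"
        job: /usr/local/sbin/backup-containers >> /var/log/backup-containers.log 2>&1
```

Two things to keep in mind: a backup that has never been restored is not a backup, so run restic restore latest --target /tmp/restore-test and start the service from that copy at least once; and because the server holds credentials that can also run restic forget --prune, an attacker with root on it can delete the backups too, so use a target that is append-only from the server's side (for example restic's rest-server started with --append-only) or keep a second copy the server cannot reach.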

Kubernetes

As mentioned above, I am considering Kubernetes to manage the containers of all the different services that I'd like to host. I don't have any experience with k8s other than running minikube on my tower a couple of times to follow along with some tutorials. But that should not be a problem, since there are a lot of resources on K8s out there.

Currently I am in the planning/preparation phase of setting up K8s. What does this mean? Well, since I only have one host to run K8s on, I will have to split up the resources somehow. The way I'm planning to do that is by installing Proxmox on the server and having 3-4 VMs running there as K8s nodes.

Cluster on a Single Server

I have yet to decide what distribution to use for the VMs. Searching the web for "best kubernetes distro" does not help, as they all suggest CoreOS and RancherOS, both of which have been deprecated as far as I understood. The distro I am most familiar with is definitely Arch Linux, but I'm not sure if that would introduce a lot of work in terms of updating and so on. Two years ago the alternative would have been CentOS, but that is gone too, so Rocky Linux it is as the alternative.

Resource-wise I thought of splitting things like so:

Resource        Total   Master Node   Worker Node (2x, each)
CPU [vCPUs]     12      2             5
RAM [GB]        64      16            24
Storage [GB]    512     100           100

The remaining RAM and storage will probably be used for Proxmox and some VM templates, and/or as a reserve if I have to run another VM.

Ingress and other K8s Stuff

K8s is not simple and there are a lot of things that can be configured. One of the more important things is probably the ingress. For that I'm going to use Traefik, because I'm already kind of familiar with how to use it with Docker and Let's Encrypt for certificates.
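As an added example (not from the original post) of how that could carry over to Kubernetes while keeping Traefik's own ACME handling, the way it works with Docker: the Traefik static configuration and one Ingress object for a service. Hostnames, the e-mail address, the namespace and the backend Service name/port are placeholders; it assumes Traefik was installed with an IngressClass named "traefik" (the Helm chart creates one) and that /data in the Traefik pod is a PersistentVolume.

```yaml
# Added example, not from the original post. Two separate files are shown;
# every name, host and address is a placeholder.

# --- traefik.yaml: Traefik static configuration, mounted into the Traefik pod
providers:
  kubernetesIngress: {}            # route based on Ingress objects

entryPoints:
  web:
    address: ":80"
    http:
      redirections:                # plain HTTP only redirects; the ACME http-01
        entryPoint:                # challenge is still answered on :80
          to: websecure
          scheme: https
  websecure:
    address: ":443"

certificatesResolvers:
  letsencrypt:
    acme:
      email: admin@example.invalid                     # placeholder
      storage: /data/acme.json                         # persistent volume, mode 0600
      # Test against staging first to stay clear of production rate limits,
      # then delete the caServer line to switch to real certificates.
      caServer: https://acme-staging-v02.api.letsencrypt.org/directory
      httpChallenge:
        entryPoint: web

api:
  dashboard: true
  insecure: false                  # never serve the dashboard on an open port

---
# --- recipes-ingress.yaml: one Ingress per service (placeholder names)
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: recipes
  namespace: recipes
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: websecure
    traefik.ingress.kubernetes.io/router.tls: "true"
    traefik.ingress.kubernetes.io/router.tls.certresolver: letsencrypt
spec:
  ingressClassName: traefik
  rules:
    - host: recipes.example.invalid
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: recipes
                port:
                  number: 8080
```

Start with the staging caServer, confirm a certificate is issued, then remove that line; Let's Encrypt's production rate limits bite quickly on a misconfigured resolver. acme.json holds the account key and every certificate's private key, so it belongs on a volume with mode 0600, and since it is per Traefik instance this setup only works with a single replica; for more than one replica, or to have certificates as Kubernetes Secrets, cert-manager is the usual alternative. On Proxmox VMs there is no cloud load balancer either, so Traefik is typically exposed with hostPort/hostNetwork on one node or via MetalLB.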

The other important thing to consider with K8s is the container runtime. I honestly have no clue what the difference between all of the available ones is, but I guess Docker is a thing of the past now (except it isn't?), so I'll use one from this list:

  • containerd ⬅️ I guess I’ll use this.
  • cri-o ⬅️ sounds too cold ❄️
  • some other thing with k by Canonical ⬅️ Canonical bad, am I right?

That's it for the K8s plan for now. Things will probably change over time. I'll try to update it sometimes.

Tons of Work

All the things above will probably take a lot of time, especially since I don't have experience with K8s yet, so I have to figure that one out as well.

In case anyone ever reads through this, my respect for making it this far. Most of this article is probably not structured perfectly and I'm not sure if everything I wrote makes sense. I will try to update this blog a bit more often now, mostly to practice typing actual English words instead of the int string float def if for ();+-:{}[""] that I type most of the time, but also to maybe get a bit better at writing in general.

Thx and have a nice day 🙏.