docs: add SELinux note in prerequisites #93
Closed
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,104 +1,109 @@ | ||
# Prerequisites | ||
|
||
## Fork this repository | ||
|
||
Because [this project](https://github.com/khuedoan/homelab) applies GitOps practices, | ||
it's the source of truth for _my_ homelab, so you'll need to fork it to make it yours: | ||
|
||
[:fontawesome-solid-code-fork: Fork khuedoan/homelab](https://github.com/khuedoan/homelab/fork){ .md-button } | ||
|
||
By using this project you agree to [the license](/license). | ||
|
||
|
||
!!! summary "License TL;DR" | ||
|
||
- This project is free to use for any purpose, but it comes with no warranty | ||
- You must use the same [GPLv3 license](https://www.gnu.org/licenses/gpl-3.0.en.html) in `LICENSE.md` | ||
- You must keep the copy right notice and/or include an acknowledgement | ||
- Your project must remain open-source | ||
|
||
## Hardware requirements | ||
|
||
### Initial controller | ||
|
||
!!! info | ||
|
||
The initial controller is the machine used to bootstrap the cluster, we only need it once, you can use your laptop or desktop | ||
|
||
- A Linux machine that can run Docker (because the `host` networking driver used for PXE boot [only supports Linux](https://docs.docker.com/network/host/), you can use a Linux virtual machine with bridged networking if you're on macOS or Windows). | ||
|
||
### Servers | ||
|
||
Any modern `x86_64` computer(s) should work, you can use old PCs, laptops or servers. | ||
|
||
!!! info | ||
|
||
This is the requirements for _each_ node | ||
|
||
| Component | Minimum | Recommended | | ||
| :-- | :-- | :-- | | ||
| CPU | 2 cores | 4 cores | | ||
| RAM | 8 GB | 16 GB | | ||
| Hard drive | 128 GB | 512 GB (depending on your storage usage, the base installation will not use more than 128GB) | | ||
| Node count | 1 (checkout the [single node cluster adjustments](../../how-to-guides/single-node-cluster-adjustments.md) tutorial) | 3 or more for high availability | | ||
|
||
Additional capabilities: | ||
|
||
- Ability to boot from the network (PXE boot) | ||
- Wake-on-LAN capability, used to wake the machines up automatically without physically touching the power button | ||
|
||
### Network setup | ||
|
||
- All servers must be connected to the same **wired** network with the initial controller | ||
- You have the access to change DNS config (on your router or at your domain registrar) | ||
|
||
## Domain | ||
|
||
Buying a domain is highly recommended, but if you don't have one, see [alternate DNS setup](../../how-to-guides/alternate-dns-setup.md). | ||
|
||
## BIOS setup | ||
|
||
!!! info | ||
|
||
You need to do it once per machine if the default config is not sufficent, | ||
usually for consumer hardware this can not be automated | ||
(it requires something like [IPMI](https://en.wikipedia.org/wiki/Intelligent_Platform_Management_Interface) to automate). | ||
|
||
Common settings: | ||
|
||
- Enable Wake-on-LAN (WoL) and network boot | ||
- Use UEFI mode and disable CSM (legacy) mode | ||
- Disable secure boot | ||
|
||
Boot order options (select one, each has their pros and cons): | ||
|
||
1. Only boot from the network if no operating system found: works on most hardware but you need to manually wipe your hard drive or delete the existing boot record for the current OS | ||
2. Prefer booting from the network if turned on via WoL: more convenience but your BIOS must support it, and you must test it throughly to ensure you don't accidentally wipe your servers | ||
|
||
!!! example | ||
|
||
Below is my BIOS setup for reference. Your motherboard may have a different name for the options, so you'll need to adapt it to your hardware. | ||
|
||
```yaml | ||
Devices: | ||
NetworkSetup: | ||
PXEIPv4: true | ||
PXEIPv6: false | ||
Advanced: | ||
CPUSetup: | ||
VT-d: true | ||
Power: | ||
AutomaticPowerOn: | ||
WoL: Automatic # Use network boot if Wake-on-LAN | ||
Security: | ||
SecureBoot: false | ||
Startup: | ||
CSM: false | ||
``` | ||
|
||
## Gather information | ||
|
||
- [ ] MAC address for each machine | ||
- [ ] OS disk name (for example `/dev/sda`) | ||
- [ ] Network interface name (for example `eth0`) | ||
- [ ] Choose a static IP address for each machine (just the desired address, we don't set anything up yet) | ||
# Prerequisites | ||
|
||
## Fork this repository | ||
|
||
Because [this project](https://github.com/khuedoan/homelab) applies GitOps practices, | ||
it's the source of truth for _my_ homelab, so you'll need to fork it to make it yours: | ||
|
||
[:fontawesome-solid-code-fork: Fork khuedoan/homelab](https://github.com/khuedoan/homelab/fork){ .md-button } | ||
|
||
By using this project you agree to [the license](/license). | ||
|
||
|
||
!!! summary "License TL;DR" | ||
|
||
- This project is free to use for any purpose, but it comes with no warranty | ||
- You must use the same [GPLv3 license](https://www.gnu.org/licenses/gpl-3.0.en.html) in `LICENSE.md` | ||
- You must keep the copy right notice and/or include an acknowledgement | ||
- Your project must remain open-source | ||
|
||
## Hardware requirements | ||
|
||
### Initial controller | ||
|
||
!!! info | ||
|
||
The initial controller is the machine used to bootstrap the cluster, we only need it once, you can use your laptop or desktop | ||
|
||
- A Linux machine that can run Docker (because the `host` networking driver used for PXE boot [only supports Linux](https://docs.docker.com/network/host/), you can use a Linux virtual machine with bridged networking if you're on macOS or Windows). | ||
- Many linux distributions, such as Fedora, deploy with SELinux enabled and enforced. Configure this appropriately on your own or simply set to permissive (at least it'll be logging): | ||
``` | ||
sed -i s/^SELINUX=.*$/SELINUX=permissive/ /etc/selinux/config | ||
setenforce 0 | ||
``` | ||
|
||
### Servers | ||
|
||
Any modern `x86_64` computer(s) should work, you can use old PCs, laptops or servers. | ||
|
||
!!! info | ||
|
||
This is the requirements for _each_ node | ||
|
||
| Component | Minimum | Recommended | | ||
| :-- | :-- | :-- | | ||
| CPU | 2 cores | 4 cores | | ||
| RAM | 8 GB | 16 GB | | ||
| Hard drive | 128 GB | 512 GB (depending on your storage usage, the base installation will not use more than 128GB) | | ||
| Node count | 1 (checkout the [single node cluster adjustments](../../how-to-guides/single-node-cluster-adjustments.md) tutorial) | 3 or more for high availability | | ||
|
||
Additional capabilities: | ||
|
||
- Ability to boot from the network (PXE boot) | ||
- Wake-on-LAN capability, used to wake the machines up automatically without physically touching the power button | ||
|
||
### Network setup | ||
|
||
- All servers must be connected to the same **wired** network with the initial controller | ||
- You have the access to change DNS config (on your router or at your domain registrar) | ||
|
||
## Domain | ||
|
||
Buying a domain is highly recommended, but if you don't have one, see [alternate DNS setup](../../how-to-guides/alternate-dns-setup.md). | ||
|
||
## BIOS setup | ||
|
||
!!! info | ||
|
||
You need to do it once per machine if the default config is not sufficent, | ||
usually for consumer hardware this can not be automated | ||
(it requires something like [IPMI](https://en.wikipedia.org/wiki/Intelligent_Platform_Management_Interface) to automate). | ||
|
||
Common settings: | ||
|
||
- Enable Wake-on-LAN (WoL) and network boot | ||
- Use UEFI mode and disable CSM (legacy) mode | ||
- Disable secure boot | ||
|
||
Boot order options (select one, each has their pros and cons): | ||
|
||
1. Only boot from the network if no operating system found: works on most hardware but you need to manually wipe your hard drive or delete the existing boot record for the current OS | ||
2. Prefer booting from the network if turned on via WoL: more convenience but your BIOS must support it, and you must test it throughly to ensure you don't accidentally wipe your servers | ||
|
||
!!! example | ||
|
||
Below is my BIOS setup for reference. Your motherboard may have a different name for the options, so you'll need to adapt it to your hardware. | ||
|
||
```yaml | ||
Devices: | ||
NetworkSetup: | ||
PXEIPv4: true | ||
PXEIPv6: false | ||
Advanced: | ||
CPUSetup: | ||
VT-d: true | ||
Power: | ||
AutomaticPowerOn: | ||
WoL: Automatic # Use network boot if Wake-on-LAN | ||
Security: | ||
SecureBoot: false | ||
Startup: | ||
CSM: false | ||
``` | ||
|
||
## Gather information | ||
|
||
- [ ] MAC address for each machine | ||
- [ ] OS disk name (for example `/dev/sda`) | ||
- [ ] Network interface name (for example `eth0`) | ||
- [ ] Choose a static IP address for each machine (just the desired address, we don't set anything up yet) |
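Review bot: The new SELinux bullet under "Initial controller" tells readers to put the whole host into permissive mode, both persistently (the `sed` edit of `/etc/selinux/config`) and immediately (`setenforce 0`), without saying which part of the bootstrap SELinux actually blocks. The info box just above says the controller is only needed once, so a runtime-only `setenforce 0` for the bootstrap, followed by `setenforce 1` afterwards, would avoid leaving enforcement off across reboots; naming the denial would also let readers who want to "configure this appropriately" do so. Smaller points: quote the `sed` expression (`'s/^SELINUX=.*$/SELINUX=permissive/'`) so the shell leaves `.*$` alone, state that both commands need root, indent the code fence under the list item so it renders inside the bullet, and capitalise "Linux".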
We should link this to the official document instead, which contains more information and context.