How to Install Windows 10 and Join a Domain on VWWare ESXi
How to Install Windows 10 and Join a Domain on VWWare ESXi
Permanent link to this article: https://achubbard.com/2019/10/25/how-to-install-windows-10-and-join-a-domain-on-vwware-esxi/
How to install FlightAware on a Raspberry Pi
Permanent link to this article: https://achubbard.com/2019/10/23/installing-flightaware-on-a-raspberry-pi/
Check out my latest video! Write up coming soon!
Permanent link to this article: https://achubbard.com/2019/09/18/how-to-setup-a-windows-server-2019-domain-controller/
Installing Server 2019 – A How to Guide
The installation of Microsoft Windows Server 2019 mirrors that of a Microsoft Windows 10 Installation. At least, graphically. In this case we are installing Windows Server 2019 on a VM running on an ESXi host. First, we need to acquire the ISO for Windows Server 2019.
For this tutorial, we will visit the Microsoft Evaluation Center and download our selected ISO:
Once you VM is created and your ISO is loaded, the first screen we will come to is the language screen. Select your language, time and currency format along with keyboard type. Then click next.
Once you select your languages and click next, you will be brought to the below screen where you will be prompted to “Install Now”
You will now need to select which version of Server 2019 to install. You have options of Standard and Datacenter. Choosing one of those options with (Desktop Experience) will install the traditional Windows GUI. Choosing one of the options without (Desktop Experience) will give you a CLI to use.
Accept the EULA by clicking on the check box and click next
Once you accept the EULA, you will be prompted to select the type installation you wish to perform. In this case, since it is a new VM, we will choose Custom Install.
Select the drive you are going to install Windows Server 2019 onto. For this tutorial, we only have one VHD in our virtual machine. Highlight it and hit the new button.
Enter the size you want the drive to be. We are using the full drive in this instance. Click the apply button.
You will receive notice that Windows will create additional partitions. Click ok.
To continue our installation after partitioning, select the largest partition to install Server 2019 onto. Then click next.
Windows will begin the installation process. This may take several minutes to complete. The system will reboot when it has completed.
Upon reboot, you will see this screen stating the system is getting ready.
Once the system reboots, you will be prompted to set a local administrator password. Set the password and confirm it and click finish.
You will be brought to the lock screen. Hit the control, alt and delete keys.
Enter your newly created password and hit enter.
You are now at the desktop and can continue configuring your new server.
Hope this helps someone out, it is a very basic guide to installing Microsoft Windows Server 2019.
Permanent link to this article: https://achubbard.com/2019/05/09/installing-server-2019/
As I work on building out my homelab, I decided that for this iteration of it, I needed to have something that was more robust to handle my backups. I spend a lot of time configuring and deploying my key VMs and I wanted to make sure that I had good backups as I tinker.
I’ve long since used Nakivo Backup and Replication Free Edition which is a perfect solution for those on a budget or with a small environment. Nakivo’s free edition covers 2 VMs. This was a great start, but I really wanted to protect my whole infrastructure. So I pulled the proverbial trigger and purchased 2 Enterprise Essential licenses to cover VMWare on my Dell R510.
Being a Systems Administrator for over a decade, I’ve used and tested numerous backup products. Some worked better then others, and for me, most of them were well out of my price range. After using Nakivo in my lab and deploying it for a former employer, I felt it was well worth the investment to purchase the full product.
Installation of Nakivo is very easy. I’ve used Nakivo on both Windows and Synology platforms. For this installation, I will be installing Nakivo on my Supermicro mini server case and a Supermicro X10SDV-TLN4F motherboard. You can see more about the server in my post titled “Small Home Lab Server”.
First we need to obtain the trial installation of Nakivo. You can do so by click on the link here. Fill out the information and download the installation. Once you’ve downloaded the executable, we can go ahead and double click it. You will see the screen below.
Once the installer initializes, you have some options to pick. I accepted all of the defaults for my installation.
When the install is complete, click on the “Finish” button. If you’ve left the check box “Open NAKIVO Backup and Replication” selected, your default browser will open and prompt you to create your account.
Your browser will launch and you will see Nakivo starting up.
Here you can pick your username, password and email address. Pretty straight forward.
Next we need to add a host to back up. In this case, I have VMWare vCenter running. For my home lab I opted to purchase the VMUG Advantage subscription. This costs around $200/year and is well worth it for those of us who want to learn VMWare at home. You get all of their offerings to try out in your home lab for $200/year. Great feature from VMWare.
So we will add the hostname, IP and the credentials to login to it. Then click the “Add” button.
For my installation, I used the onboard transporter. I do not have anything off site at this time and for what I back up, the onboard transporter works well. Click “Next” here.
Now we need to tell Nakivo where to store your backups. In my case, for now, I will pick the 3TB drive in my Supermicro computer (I am currently lacking in storage and hope to upgrade shortly)
I accept all the defaults here and click “Finish”
Now that we’ve installed Nakivo and added a host, it is time to configure a backup job.
Creating a backup job with Nakivo is actually very easy. There is no agent to deploy or configure, it’s all done right from the user interface. First, select the “Create” button along the top of your console. Since I run VMWare in house, I am going select “VMWare vSphere backup job”
Select the VMs you wish to backup with this job. I built out this job for my firewall and UniFi server. Don’t mind the two inaccessible VMs, those are old and I have yet to remove them.
Once we’ve selected our VMs, we need to tell Nakivo where to send those backups. I am using the onboard repository, so that is what I will select.
Here you can schedule how often your backup actually runs. For now, I went with the defaults for this job. For the rest of my jobs, I will change the time at which the backup runs so they do not all run at one time.
Next, select your retention schedule. Again, for this job, I just left the default of keeping the last 10 recovery points.
The final step to creating your first job is selecting options for the job. Again, I left most of this as the defaults.
Click on “Finish & Run” and Nakivo will prompt you which VMs in the job that you want to back up.
Click on “Run” and you will see on the main page that the job is now beginning to run.
You’ve now successfully configured Nakivo Backup and Replication. Hope this helps some of my fellow homelabbers out. So far, I have Nakivo backing up my pfSense firewall, Unifi VM, Plex and File Server VMs and it is working well. My only downside at this time is slight lack of storage for my Supermicro. I am still on the hunt for a good option to backup a couple of my physical machines.
Permanent link to this article: https://achubbard.com/2018/06/13/nakivo-installation-and-review/
|Intel Xeon-D 1541||32GB||4x2TB Hard Drives||2x512GB SSDs||Windows 2012|
As an OS on this server, I initially wanted to go with ESXi. I am, after all, a VMWare kind of guy. However, this machine has an on board RAID controller. The on board Intel RAID controller is just software RAID. It will not pass through to ESXi and ESXi will not see anything attached to it. Given the cost of the machine, explained below, I decided not to purchase an additional RAID card at the time. Plus, I wanted to use it as an opportunity to learn something new. I opted to install Windows Server 2012 and configure Hyper-V. This was something very new to me. I have only dabbled with Hyper-V in the past. Most of the environments I work with are VMWare based. So far, it has worked out very well.
Cost wise, this system is not for the faint of heart. The case/motherboard combo cost $1,224.99, the RAM cost 297.99 and shipping cost me $36.84, all for a wopping total of $1,559.82. This price did not include any drives. I saved a few bucks because I already had the 4 drives to stick in the unit, plus two additional 512GB SSDs. If you have almost $1,600 to spend, and you want a very quiet, low power, powerful home server, this is the machine I would go with. I’ve been running it for almost a year and it has been rock solid.
Permanent link to this article: https://achubbard.com/2018/03/26/small-home-lab-server/
Permanent link to this article: https://achubbard.com/2018/03/05/create-vlans-cisco-2960g/
The first tasks I am tackling in my home lab rebuild is to upgrade the Intel Xeon CPUs in my Dell R610 hosts. I am removing the existing Intel Xeon E5520s in one, and Intel Xeon E5504s in the other and upgrading to Intel Xeon L5630s. As a result of going with the Intel Xeon L5630s, my power usage should, hopefully, be a bit lower. Upgrading the CPUs is a pretty straight forward task.
The first step we must take is to remove the heat sinks and old CPUs. The heat sinks are the first to go. They are held in place by two metal levers that are clipped under a clasp on each side. Press down on the blue plastic piece at the end of each metal lever. Slide it out from under the clasp and lift it up. Once you have done that on both sides, the heat sink will now come off.
If the CPUs are still good and you might reuse or give them away, take care to clean off all of the old thermal paste. This way they go into the appropriate packaging clean.
Removing the CPU is a similar process to removing the heat sink. On the CPU socket, you will find a metal lever that is also hooked under a clasp of sorts. You will need to gently press down on the lever and slide it away from the clasp/hook. Once out from under the hook, allow the lever to go upward gently. It will be under pressure so be sure to keep a finger on it so it does not spring back and hit something.
Pull back the metal ring around the CPU and remove the CPU. Be careful not to damage any of the pins on the socket when you remove the CPU.
Now that the heat sinks are off and in your hands, wipe off any thermal paste that remains on them. We will replace it with fresh thermal paste. Take a cloth and lightly dampen it with some rubbing alcohol. Then take the cloth and wipe the bottom of each heat sink. This will take the residue of the old thermal paste off and allow the new thermal paste to transfer the heat from the CPU to the heat sink better.
There are many different types of thermal paste to use. The product I have been using successfully is a product called Super Lube. It is a silicone heat sink compound. A tube of it will run you around $7-8 on Amazon and should last you a long time. You don’t need much of it.
Grab your new or replacement CPUs and unpackage them.
I am using the Intel Xeon L5630 CPUs. They are a lower power CPU and are fairly cheap. I believe I paid around $5-6ea on eBay.
Install your new CPUs carefully. The chips have two half circle notches cut out of them. One on each side. These notches line up with little plastic pegs within the socket. This keeps the chips aligned properly. They act as a key so you cannot put the chip in backwards.
Next, place the chips in their sockets. Fold the metal ring around the top of the chip and take the metal lever and push down. Slide the metal lever under the clasp/hook. The lever will have some pressure on it but you should not have to force it. If you have to force it, chances are you’ve installed the chip backwards.
Once the chips are installed, take a small dab of thermal paste and put a very thin layer on the top of each chip. This does not need to be very thick nor do you want gobs and gobs of thermal paste on there.
Once you’ve applied your thermal paste, you can go ahead and re-install the heat sinks. Next, place one on each chip. Push down on the metal levers. Finally, lock the levers in place under the hook/clasp on each side.
Now that you’ve successfully changed out both Intel Xeon CPUs in your Dell R610, you can power it up and enter the BIOS and confirm that it sees both CPUs.
Finally, if you are interested in my home lab rebuild, please check out my blog post titled “Homelab Rebuild – Part 1 – Intro” for more information
Permanent link to this article: https://achubbard.com/2018/03/02/dell-r610-intel-xeon-cpu-upgrades/
As an IT guy, I like metrics and graphs. I like knowing how things are performing. I’ve also always been a bit fascinated by the weather. So naturally I decided to put two and two together and built my own weather station setup. I live out in a rural area and we can get rather high winds and lots of rain at times. This project really started because I wanted to know just how fast the wind would whip through our property.
As a techie person, I really wasn’t looking for an out-of-the-box solution. I wanted something a bit more…custom. I spent a lot of time researching various different software and “controllers” for the weather station. I figured I would decided what I was going to use for data acquisition before I picked a sensor suite. I settled on the WeatherBridge Pro from Meteobridge. Not probably the most popular device out there, but I thought it was pretty neat. It lets you report to various weather sites and export the data into MySQL and other various databases. It had quite the price tag at around $450-500. I purchased this in 2015 and overall it has been ok. I do not believe I would purchase a second one. It has had…quirks.. from day one. Occasionally it will hang up and need a reboot, the screen will go silly and need a reboot or I have had it drop off the network and not respond. When it works, it works well. Boots right up and grabs the data from the ISS (below) and reports it to WeatherUnderground and CWOP.
The OS is based off OpenWRT. The web GUI also has some quirks that are more annoying then anything else. Under the services tab, if you add a service, say a MySQL database, and then decide you want to remove it, there is no way to do so.
I’ve also found the the unit itself generates quite a bit of heat and there are no fans or vents on it.
Once settling on an acquisition device, I moved on to the sensor suite. This is the piece of hardware that lives outside and actually does the leg work. I went with the Davis Weather Station 06357. This setup comes with a temperature and humidity sensor, a wind speed (anemometer) and direction vane. These sensor report back to the WeatherBridge Pro over RF at 915MHz. The unit boasts a 1000′ distance, but I have found anything further then a few hundred feet is the limit. This could be a limitation of the WeatherBridge Pro or the Davis ISS. This is a fairly basic setup, which, for what I am doing, is perfectly acceptable. I picked up the mounting hardware as well.
This setup is mounted to the rail on my deck. I picked this location for ease of accessibility, and the fact that I am not terribly fond of heights so my roof was off limits. It has worked well in it’s current location. I purchased the sensor suite in 2015 and it has been installed since. It has held up well to the cold weather, wind, rain etc. I have been very happy with it.
All in all, the components I picked for my weather setup have worked out pretty well and I have been relatively happy with it. You can check out the data from my station on WeatherUnderground.
Permanent link to this article: https://achubbard.com/2018/02/27/personal-weather-station-setup/
For the last year and a half, I have been all about consolidating my gear. I got into this funk where I absolutely wanted nothing to do with enterprise equipment in my home. I wanted to go home and just be home. However, that attitude has sacrificed a lot of my personal learning and growth. I am a guy who LOVES to tinker. Doesn’t really matter what it is, I just love to tinker and I love gear.
After talking with some fellow IT guys during a meeting recently, I realized, I miss having the gear to work on at home. I missed having the resources to test something and not give a care if I break something.
I’ve also recently started this blog and am attempting to teach myself about WordPress, it’s plugins and WAFs (Web Application Firewalls). I felt re-invigorated to acquire some gear new gear. I am hoping this blog, and purchasing some new gear, will keep me interested in a hobby that has turned into a career for me.
I have acquired 2 Dell PowerEdge R610s to use in my rebuilt homelab. Both are outfitted with only 16GB of RAM. Ideally, I would love to increase this to 32-48gb of RAM per host. The price was right on the two machines the way they sit so I figured I would just outfit them as needed. As low power is a slight concern for me, I ordered a pair of Xeon L5630s for each machine.
I would love to have a true Dell SAN to go with the rest of my Dell stack, however, they are subtly out of my price range at the moment. Can you tell? I am a rather big Dell guy when it comes to servers. I picked up an 8 bay Dell R510, was hoping for a 12 bay, but this will give me a start. Honestly, with the size of drives these days, 8 bays should be sufficient for what I am using it for. This will allow me to install my collection of hard drives and pass them through to FreeNAS. I have also picked up a set of 10gb Mellanox cards and cables.
I picked up a pair of Dell PowerConnect 5524Ps. Initially, I planned on using these as my VM switches and picking up a 48 port Cisco of some variation for my core switch. However, I’ve decided I would use both of these for the time being and forgo the Cisco idea. The 5500 series Dell switches support stacking via HDMI cable, not something I have ever tried, but I scored both switches for a song and this is homelab right?
I did however, purchase a Cisco WS-C2960G-8TC-
VLANs, what good is a homelab without VLANs?
I will provision 3 ports on the Cisco C2960G on what I call VLAN5. Taking the link from my cable modem, I will feed the WAN into 1 port, and send it out the other 2 additional ports to my redundant firewalls. VLAN5 will only exist on the Cisco switch. By setting up the environment this way, it gives me a little bit of redundancy, at least, in my mind. Obviously my two single points of failure are my cable modem and the Cisco switch.
As the hosts will have no local storage, we will need to create this VLAN to handle all of the iSCSI/Storage traffic for both. This VLAN will only be present on the Dell stack.
This VLAN will allow the movement of virtual machines back and forth between my two hosts.
VLAN25 is where most of the err….action…happens. This is where my end devices sit. I don’t typically try to break that stuff up in my home environment. This VLAN will be on both the Dell stack and Cisco switch. It will only be present on the Cisco switch so that I can manage the switch from my workstation.
My security cameras were once on VLAN25….with everything else… my network was in essence…flat. I currently have 9 cameras with the plan to add a few more (small farm, we have animals etc so we like to keep an eye on things) – I decided it was time to break them out into their own VLAN. Enter stage left, VLAN35. Some of you reading this may be asking, how does this guy pick his VLAN numbers?? Honestly, the number is in direct correlation to the 3rd octet of the VLAN. So, an example might be, 10.10.35.0/24 – the x.x.35.x is where the number comes from. Just something I came up with and ran with.
I do not typically have a lot of guests at my house, we’re out in the woods and people don’t like to visit. I’m ok with that. However, when we do have the occasional guest, I would rather they be on their own VLAN and have no access to anything other than the internet.
This is a new one for me. VLAN51 will become my secure VLAN. It will have no access to the internet. No access to the rest of the network. Any VMs that are apart of VLAN51 will be shut down when not in use. VLAN51 will be used to network my penetration testing VMs.
Since I am moving my office to my basement, I will be working on installing two dedicated circuits for my new lab. My electrical panel is right there and access is fairly easy. Most likely these will be 2 – 20 amp circuits. I am not an electrician, I just play one on the internet. Just kidding, please if you are going to run your own circuits, be aware of the risks involved. I am fairly comfortable working with electricity.
One thing I regret selling is my UPS. That is a pricey component that I will need to re-acquire at some point. I have a couple of smaller ones, and frankly, it’s my homelab, if it goes offline, eh not the end of the world.
One item that I had a hard time selling when I was consolidating my lab, is my 25u StarTech Open Frame rack. I had advertised it locally numerous times and never had anyone actually come and buy it. So I kept it and I am glad I did. It’s one less thing I need to purchase for the this adventure. I am planning on either enclosing it or putting it in a small server closet in my shop/office. This will hopefully help keep the noise down.
Something I never needed before was a VMUG subscription. I always had access to VMWare products through work. This time around I will be purchasing the $200 subscription so that I can utilize all of the products that come with it. Both of my hosts will be running ESXi. I will also be using the vCenter appliance instead of the Windows based vCenter install since that is the way things are headed anyways.
Several years ago I utilized FreeNAS as my SAN for a POC (Proof of Concept) for a previous employer. This worked out very well. FreeNAS will be once again utilized for this en-devour. It will be installed on an R510 as stated above. Then I will create an iSCSI target and present that to VMWare as a LUN. Once the LUN has been presented to VMWare, we can go to town building out the Virtual Machines. Fairly straight forward here.
As of the moment my virtual machines are…..lacking. I went from having numerous VMs to accomplish one or two tasks down to one physical host and only a couple VMs to do a lot of tasks. Some things on my list to virtualize:
Firewall – pfSense and CARP – this is something I have never tried. Never really had a reason to. I feel like in the spirit of homelab, I should attempt this. Currently I am running a single Untangle firewall on Hyper-V. I love Untangle (so far) but I do not believe there is a way to create a failover cluster. None the less, this could change at any time. I jump from UTM to UTM or Firewall to Firewall. Keeps things exciting you know?
Monitoring – Nagios, Observium (perhaps Grafana will make a debut at some point too)
Domain Controllers – Currently I am working on my Master’s in IT, so I have access to the Microsoft Imagine program, so I will more then likely be spinning up a couple DCs to work with.
File Server (either nextcloud or something)
Security related – AlienVault, Nessus, and a dedicated KALI VM. Perhaps even a couple other pentest VMs on a secure VLAN.
Patch Management – ManageEngine
Web Server – Centos 7/WordPress/MySQL
Home Automation and Security – HomeSeer
Media – Plex (and maybe iHome Media Server too)
Additionally, aside from my 2 hosts and the R510 SAN, I do have several physical machines present in the lab. One of the biggest tasks will be to remove all of my VMs off my Hyper-V box and turn my Hyper-V box into a BlueIris/Nakivo backup box. I switched to BlueIris from Ubiquiti’s NVR recently, and although I am loving Blue Iris, I find it resource intensive. So I will be leaving it as a physical box. The way I figure it, I can remove all the other tasks off my SuperMicro Mini and then have room for Nakivo along side Blue Iris. That machine has plenty of oomph for those two tasks.
I have a custom built workstation that I can never figure out what to do with, so I ordered up a 2u case and will be racking that as well. This will server as my media ingest machine. By that I mean, when I buy my next lot of DVDs and Bluerays or borrow them, I will use this machine to ingest the media and flip it to my Plex server.
A secure homelab or network environment should have a jump box or jump point. For me, my Intel Skull Canyon NUC will become this. Just a versatile box that is always on. Something I can hit from the field. My NUC will also be tied to a TV or screen in my office so that I can monitor the systems in real time.
Check out my latest Home Lab rebuild posts
Dell R610 Intel Xeon CPU Upgrades – to see my progress on the two new hosts!
Add VLANs and Assign Ports on Cisco 2960G Switch – to see some configurations on my WAN switch
Permanent link to this article: https://achubbard.com/2018/02/24/homelab-rebuild-network-hosts-freenas-dell-r510/