Building a Home Lab with Proxmox and Terraform (for Kubernetes)
Giovanni Pel · 2026-05-23 · via DEV Community

Lately, I’ve been exploring new topics and decided it was time to level up my DevOps skills. This led me to build something I genuinely enjoyed working on: a home lab using Proxmox, with Terraform to provision virtual machines.

And yes — if you’re wondering what this is all for…
👉 we’re heading toward a Kubernetes cluster.

🎯 What You Will Build

In this post, we will set up:

  • A Proxmox-based home lab
  • A reusable VM template
  • A Terraform configuration to provision: 3 control plane nodes and 3 worker nodes
  • An automatically generated Ansible inventory for future automation

This creates a solid foundation for building and experimenting with Kubernetes locally.

Here is the diagram of what we are trying to achieve.

High-level architecture of the Proxmox-based home lab, where Terraform provisions virtual machines from a template to form a Kubernetes cluster.

🤔 Why This Setup?

Before jumping into the implementation, let’s talk about the decisions behind it.

🧠 Why Proxmox vs Cloud?

Cloud providers like AWS or Azure are incredibly convenient. However, for experimentation and learning, I wanted something more predictable and cost-efficient.

Running a home lab with Proxmox gives me:

  • Full control over the infrastructure
  • No ongoing costs for spinning resources up and down
  • A safe environment where I can break things without worrying about billing

In the cloud, even small experiments can become expensive if you forget to tear resources down. With Proxmox, once the hardware is set up, I can experiment freely.

That said, this is not a replacement for the cloud — it’s a complement for learning and testing before moving workloads to production environments.

⚙️ Why Terraform vs Ansible-only?

Ansible is excellent for configuration management, but when it comes to provisioning infrastructure, Terraform is a better fit.

With Terraform, I get:

  • Declarative infrastructure (desired state)
  • Idempotency by design
  • A clear execution plan (terraform plan)

While Ansible can provision VMs, that’s not its primary strength.

In this setup:

  • Terraform → provisions infrastructure
  • Ansible → configures what runs inside it (coming next 👀)

🌐 Why Static IP vs DHCP Reservation?

I chose to assign static IPs using cloud-init instead of relying on DHCP reservations.

Why?

  • Predictability → IPs are defined in code
  • Portability → no dependency on router configuration
  • Reproducibility → same setup anywhere

DHCP reservations work fine, but they introduce an external dependency. By keeping everything in Terraform, the entire infrastructure becomes reproducible.

☁️ Why Not Just Use the Cloud?

For many real-world scenarios, the cloud is absolutely the right choice.

But for learning:

  • Costs can grow quickly
  • You depend on internet access
  • You may hesitate to experiment freely

With a home lab:

  • You can break things safely
  • No cost anxiety
  • Faster iteration for small tests

The goal here is to validate ideas locally before scaling them in the cloud.

☸️ Why Not Use k3s Instead of Full Kubernetes?

k3s is a fantastic lightweight Kubernetes distribution — especially for edge or low-resource environments.

However, my goal is to:

  • Learn Kubernetes closer to production setups
  • Understand control plane components
  • Get hands-on experience with kubeadm

k3s simplifies a lot of this (which is great in practice), but I want to understand what’s happening under the hood.

🖥️ Lab Setup

Let’s talk about the hardware.

I used a gaming desktop that I originally built for gaming — ironically, that’s the one thing I’m not using it for anymore.

I added a 1 TB SATA SSD, which is more than enough for this setup. Even a 500 GB drive would work fine.

If you have more budget, you could:

  • Buy a Mini PC
  • Build a dedicated home server

At minimum, you need:

  • A machine that supports virtualization

🧰 Tools Used

  • Proxmox VE
  • Terraform
  • Basic Linux knowledge

🧠 What is Proxmox VE?

Proxmox VE (Virtual Environment) is an open-source virtualization platform based on Debian Linux.

It allows you to:

  • Create and manage virtual machines
  • Use containers (LXC)
  • Manage everything via a web UI

It’s a powerful and lightweight alternative to tools like VMware.

🌐 Networking Considerations

Before installing Proxmox, it’s a good idea to plan your network.

Your router assigns IP addresses via DHCP. To avoid conflicts, you should reserve a range of IPs.

Example:

  • DHCP range: 192.168.0.100 → 192.168.0.250
  • Reserved range: 192.168.0.2 → 192.168.0.99

During Proxmox installation, you can assign a static IP (e.g., 192.168.0.50).

💡 Nice Trick: Local DNS

You can add an entry to your hosts file:

192.168.0.50 myproxmox.lab

Now you can access:

https://myproxmox.lab:8006

Much nicer than using raw IPs.

🧱 VM Templates with QCOW2

Instead of manually creating VMs every time, we can use templates.

I created a script that:

  • Downloads a Debian image
  • Converts it into a Proxmox template
  • Prepares it for cloud-init

👉 Run it like this:

./create-debian12-template.sh 9000 local-lvm

This creates a reusable baseline for all VMs.

⚠️ Important

Make sure your template has:

  • qemu-guest-agent installed and enabled

This is required for proper VM communication with Proxmox.

⚙️ Provisioning with Terraform

Now comes the fun part.

Provider setup:

terraform {
  required_providers {
    proxmox = {
      source  = "bpg/proxmox"
      version = "~> 0.69"
    }
  }
}

provider "proxmox" {
  endpoint  = var.proxmox_host_address
  api_token = "${var.pm_api_token_id}=${var.pm_api_token_secret}"
  insecure  = true
}


🔐 API Token Format

You can create the API token in the Proxmox VE UI. The provider expects it in this format:

<user>@<realm>!<tokenid>=<secret>

⚠️ About insecure = true

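This setting disables TLS certificate verification for the API connection. It is used here because Proxmox uses a self-signed certificate. With verification off, Terraform cannot tell the real Proxmox host from an impostor, and the API token is sent over that connection.

Better alternatives:

  • Add the Proxmox certificate to your trusted store
  • Use Let’s Encrypt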
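
A hardened variant of the provider setup above, added here as an example and not taken from the author's repository: the token ID is checked against the <user>@<realm>!<tokenid> format, the secret is marked sensitive, and TLS verification stays on unless it is switched off explicitly. The variable proxmox_tls_insecure is hypothetical; the other variable names come from the provider block on this page, but their declarations are assumed.

```hcl
variable "proxmox_host_address" {
  type = string

  validation {
    # Refuse a plain-HTTP endpoint so the token is never sent in clear text.
    condition     = startswith(var.proxmox_host_address, "https://")
    error_message = "The Proxmox endpoint must start with https://."
  }
}

variable "pm_api_token_id" {
  type = string

  validation {
    # Shape check for <user>@<realm>!<tokenid>; catches a pasted secret or a
    # missing realm before any API call is made.
    condition     = can(regex("^[^@!=\\s]+@[^@!=\\s]+![^@!=\\s]+$", var.pm_api_token_id))
    error_message = "The token ID must have the form <user>@<realm>!<tokenid>."
  }
}

variable "pm_api_token_secret" {
  type      = string
  sensitive = true # redacted in plan and apply output
}

# Hypothetical switch: defaults to verifying the certificate.
variable "proxmox_tls_insecure" {
  type    = bool
  default = false
}

provider "proxmox" {
  endpoint  = var.proxmox_host_address
  api_token = "${var.pm_api_token_id}=${var.pm_api_token_secret}"
  insecure  = var.proxmox_tls_insecure
}
```

Supply the secret through the TF_VAR_pm_api_token_secret environment variable rather than a committed .tfvars file.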

🖥️ Creating Control Plane VMs

Using Terraform, we define:

  • CPU / Memory
  • Network
  • Static IP
  • Cloud-init configuration

Each VM is cloned from the template and customized.
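
A sketch of what such a definition can look like with the bpg/proxmox provider, added here as an example and not the author's code. It also enforces the address plan from the networking section: every static IP must sit in the reserved range, outside the DHCP pool. The variable name, VM names, node name, gateway and sizing are assumptions, and 9000 is assumed to be the template's VM ID.

```hcl
variable "control_plane_ips" {
  type    = list(string)
  default = ["192.168.0.61", "192.168.0.62", "192.168.0.63"] # constructed

  validation {
    # Only 192.168.0.2-99 is accepted, so a static address can never
    # collide with a lease from the DHCP pool (192.168.0.100-250).
    condition = alltrue([
      for ip in var.control_plane_ips :
      can(regex("^192\\.168\\.0\\.([2-9]|[1-9][0-9])$", ip))
    ])
    error_message = "Every address must be in the reserved range 192.168.0.2 to 192.168.0.99."
  }

  validation {
    condition     = length(distinct(var.control_plane_ips)) == length(var.control_plane_ips)
    error_message = "Control plane addresses must be unique."
  }
}

resource "proxmox_virtual_environment_vm" "control_plane" {
  count     = length(var.control_plane_ips)
  name      = "k8s-cp-${count.index + 1}" # hypothetical naming scheme
  node_name = "pve"                       # assumed Proxmox node name

  clone {
    vm_id = 9000 # assumed: the template ID given to the template script
  }
  agent {
    enabled = true # needs qemu-guest-agent inside the template
  }
  cpu { cores = 2 }
  memory { dedicated = 4096 } # MiB, constructed sizing
  network_device {
    bridge = "vmbr0" # default Proxmox bridge
  }

  initialization {
    ip_config {
      ipv4 {
        address = "${var.control_plane_ips[count.index]}/24"
        gateway = "192.168.0.1" # assumed router address
      }
    }
  }
}
```

With these validations, terraform plan fails before any VM is touched if someone adds an address from the DHCP pool or repeats one.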

📦 Variables: The Real Power

All configuration is centralized in variables.tf.

This allows you to:

  • Scale nodes easily
  • Change resources quickly
  • Reuse the setup in different environments

🚀 Running Terraform

terraform validate
terraform plan
terraform apply

Then watch the magic happen in the Proxmox UI.

📄 Generating Ansible Inventory

Terraform also generates a ready-to-use inventory:

resource "local_file" "ansible_inventory" {
  ...
}


This will be used in the next step when we configure Kubernetes with Ansible.

📦 Full Source Code

👉 https://github.com/PellizzoniCode/proxmox_terraform

🔜 What’s Next?

This is just the beginning.

In the next post, I’ll:

  • Bootstrap Kubernetes using kubeadm
  • Configure networking with a CNI plugin
  • Prepare the cluster for real workloads

👋 Final Thoughts

This setup has been a great way to:

  • Learn DevOps in a practical way
  • Experiment without worrying about cost
  • Build a solid foundation for Kubernetes

If you have any questions or suggestions, feel free to reach out — I’d love to hear your feedback.

Also, visit the original post with more details on my blog PellizzoniCode.NET

See you in the next one 🚀

If you found this useful, feel free to share or leave a comment — it really helps 🙌