Homelab Infrastructure Documentation

A comprehensive home lab infrastructure setup using vSphere, BOSH, Kubernetes, and modern cloud-native technologies.

Get started now View on GitHub

Overview

This repository contains infrastructure-as-code configurations for a production-grade home lab environment featuring:

Compute: 3x Intel NUC6i7KYK (upgrading to MINISFORUM MS-A2)
Virtualization: VMware vSphere with ESXi
Container Platform: Tanzu Kubernetes Grid (TKG/TKGs)
Container Registry: Harbor
CI/CD: Concourse
Storage: Synology DiskStation DS918+
Networking: Ubiquiti UniFi with NSX-T

🚀 2025 Upgrade Plans

The homelab is undergoing a comprehensive upgrade to modernize infrastructure and support advanced Tanzu workloads:

📋 Complete Upgrade Strategy

Investment: ~$3,850 over 4 phases Performance: 4x compute capacity, 10G networking, 16TB+ storage

Phase-by-Phase Guides

🔌 10G Network Upgrade - USW-Aggregation deployment and VLAN design
💾 Synology Storage Upgrade - DS918+ expansion to 16TB with redundancy
🏗️ Rack Infrastructure Setup - DeskPi RackMate T1 professional organization
🖥️ MS-A2 Migration Guide - Intel NUC to AMD migration strategy

Timeline

Q1 2025: Foundation (rack infrastructure) ✓
Q2 2025: Network and storage upgrades
Q3-Q4 2025: Compute platform migration

Quick Start

Prerequisites

vSphere cluster with ESXi hosts
BOSH CLI installed
kubectl and Tanzu CLI
Access to required networks and certificates

Core Services Deployment

Deploy BOSH Director:
```
cd bosh
./create-director.sh
```
Deploy Concourse CI/CD:
```
./create-concourse.sh
```

Deploy Harbor Registry:

cd k8s/harbor
kubectl apply -f values-day0.yaml

Deploy Kubernetes Clusters:

cd tanzu
tanzu cluster create -f tkg-cluster-1.yaml

Architecture

Network Infrastructure

┌─────────────────────┐
│   USW-Aggregation   │ (10G Core Switch)
│   (Office)          │
└──────┬──────────────┘
       │ 10G Trunk
┌──────┴──────────────┐
│   Garage Switch     │
│   (Existing)        │
└─────────────────────┘

VLANs:

VLAN 10: Management
VLAN 20: vMotion
VLAN 30: Storage
VLAN 100: TKG Workload
VLAN 110: TKG Frontend

Hardware Specifications

Current Setup (3x Intel NUC6i7KYK)

CPU: Quad-core i7-6770HQ
Memory: 64GB per host
Storage: 250GB NVMe M.2 SSD per host
Network: 1x built-in NIC + 1x USB Ethernet adapter

Planned Upgrade (3x MINISFORUM MS-A2)

CPU: AMD Ryzen 9 7945HX (16C/32T, up to 5.4 GHz)
Memory: 32GB DDR5 (expandable to 96GB)
Storage: 1TB SSD + 3x M.2 slots
Network: 2x SFP+ 10G ports + 2x 2.5G LAN ports

Documentation Structure

Public Documentation

2025 Upgrade Plans - Comprehensive infrastructure upgrade strategy
Technical Guides - Tutorials and setup guides for various technologies
Environment Setup - Initial setup and configuration guide
Architecture Overview - High-level system architecture
Technology Decisions - Technology selection rationale
VPN Setup - Remote access configuration
System References - Command references and troubleshooting guides

🔒 Protected Documentation

Operational details, configurations, and sensitive information requiring authentication. Direct Access to Protected Content

Source Code & Configurations

BOSH - BOSH deployment manifests and configurations
Kubernetes - Kubernetes applications and cluster configurations
Tanzu - Tanzu Kubernetes Grid configurations
NSX-T - NSX-T network virtualization automation
Scripts - Installation and management scripts

Key Components

BOSH Platform

Director: Central deployment and lifecycle management
Concourse: Automated CI/CD pipelines
MinIO: S3-compatible object storage
Harbor: Enterprise container registry

Kubernetes Platform

TKG Clusters: Production and development clusters
Knative: Serverless workloads
Contour: Ingress controller
Cert-Manager: Certificate automation
Build Service: Cloud-native buildpacks

Network Infrastructure

NSX-T: Software-defined networking
Load Balancers: HAProxy and Contour
VLANs: Segmented network architecture
DNS: Automated DNS management

Security

Certificate Management: Automated certificate generation and rotation
RBAC: Role-based access control across all platforms
Network Segmentation: VLAN-based network isolation
VPN Access: Secure remote access to lab environment

Monitoring & Operations

Health Monitoring: Built-in BOSH health monitoring
Metrics: System and application metrics collection
Logging: Centralized log aggregation
Backup: Automated backup procedures for critical data

Development Workflow

Code Changes: Push to repository
CI Pipeline: Concourse automatically builds and tests
Container Build: Build Service creates optimized containers
Registry Push: Images pushed to Harbor registry
Deployment: Automated deployment to TKG clusters

Contributing

Fork the repository
Create a feature branch
Make your changes following existing patterns
Test thoroughly in a non-production environment
Submit a pull request

License

This project is for educational and home lab purposes. See individual component licenses for specific terms.