Ask HN: Homelab projects to learn Linux admin and DevOps to get hired as one?

21 pointsby shivajikobardan6 months ago

I'm purchasing a mini PC soon(3-4 months) as I don't have any personal device as of now for labbing. Till then I want to make a list of project ideas to work on that will enhance my resume as well as give myself a point to talk about in interviews regarding system administration or devops engineering.Start With A Static WebsiteHost A Dynamic WebsiteHTTPSImplement Basic Auth.implement monitoring solutions like naemon, graylogimplement alerting solutions(Learn email server as a bonus)glusterfs, nfs/efs, ceph, borgDo all these withmanual instructions from command lineautomated with bash scriptingConfiguration Management Tool(Ansible)DockerKubernetes

8 comments

aos6 months ago

This is what I used when I first learning: <a href="https://serversforhackers.com/" rel="nofollow">https://serversforhackers.com/</a>For a really good practical project: build a website, then host it on your mini-PC and find a way to expose it to the internet. This will teach you a lot about DNS, proxying, building websites, managing the server (via some config management or container), monitoring, etc.

评论 #42263775 未加载

评论 #42265724 未加载

herbst6 months ago

Sounds fun. What kind of mini PC are looking at? I am a big fan of used Dell wyse 5070 devices you find from $70, native Linux support, rather big community (easy to Google). Running one as a server and one as an mobile PC even.One thing I would consider earlier is virtual machine hosting. Making it easy to setup, test, build and destroy a system without consequences. Virtual machines (and docker container, and more) are easy to setup and manage trough 'cockpit' and you can learn the command lines later when you need it.Imo there is no point going directly into Industrie tools (kubernetes, docker, anisble) it may is better to first learn why they even exist by building systems the traditional way.

评论 #42266322 未加载

js46 months ago

This is a great way to learn!Look into Proxmox(<a href="https://www.proxmox.com/" rel="nofollow">https://www.proxmox.com/</a>) for setting up your own ec2 like VM platform. This makes it pretty easy to experiment with setting up and running different services on the same box in an isolated way. Practice things like setting up a VM with a GPU passthrough and then running gpu enabled docker containers on the VM.Also look into getting a Hetzner server and setting up site to site Wireguard.FWIW you don't really need to buy a mini pc. You will learn more by doing a build. The great thing about doing something like this is that you can get old data center parts for cheap. Ex: pickup a server motherboard (maybe a SUPERMICRO X9DRI-F), CPUs, and RAM on ebay for < $300. Then put everything into a used server case with a new PSU and you can do everything for $500 or $600. This setup will have more resources then any off the shelf thing you can buy.

评论 #42266411 未加载

评论 #42266302 未加载

3np6 months ago

General advice not necessarily optimized for hirability:First thing you do: Get another one of what you're already getting.That way you can actually run "production" and host stuff while you can experiment and play around fearlessly without breaking prod. You'll also have a spare on hand in case of hardware failure etc.Second, do at least basic separation of networking right away. Get a $10 switch and separate subnet instead of piggybacking on your home LAN.Then, get comfortable with virtualization (qemu+kvm) and figure out a way to automate image your image builds and deployments.Automate backups early. Start simple and iterate over time.

abhiyerra6 months ago

I found the way I learned was to install these technologies but also write my own apps that take advantage of them. This way you aren’t just playing with the technology but can also make insightful recommendations to others on that technology’s limitations.

lakomen6 months ago

I find the basic Linux stuff is learning by doing and reading docs, using search and asking around.Docker has docs and also searchable examples and blogs.But k8s is an IMHO artificially fenced off area. No matter where I ask, I receive no response or am met with arrogance and elitism.I can't even get the simplest thing answered, which is "what is the minimum required setup for k8s, if not using a hosted solution? I plan to use 3cp 3w nodes and utilize all resources available. Do I NEED external storage, do I NEED an external load balancer or can I use DNS-LB?"Official k8s forum - zero response. Reddit k8s - zero response and downvotes Home operations Discord - zero responseIt's like this little well kept secret only select few have access to.The documentation is also not clear on that subject, because I believe the big companies like Google and Amazon want to sell you their k8s offerings, which are super expensive, over 2k per month for a 5 node cluster are you kidding me

评论 #42267803 未加载

评论 #42264403 未加载

ml_more6 months ago

I'd buy a mini PC on craigslist for $100-200. You can usually get one with 16gb of ram and i5, a 500gb ssd for that. Install a debian based linux on it (ubuntu is very common and common is good for training) Be sure to get one with the power adapter if you go ebay.Configure it fresh from install using ansible. Prefer ansible built-ins when possible. If you're calling shell scripts you're probably doing it wrong. Create named user accounts and create keys for that user. grant your named user sudo nopasswd and disable password login. Named users are preferable for security audit purposes. ("Shit who logged in at 2PM on tuesday and deleted critical resources?", "dunno it was the 'ubuntu' user", "great I wish we logged in as ourselves so we at least had some way of knowing who's account got compromised") Learn how to troubleshoot ssh login problems (-v), did you know that you can't log in if the permissions on the authorized keys file are wrong?Enable and configure unattended-upgrades. Learn how UFW works and learn how to show iptables rules. Learn how to check which services are running, which are listening, which tcp connections are active. Learn how to write a systemd start/stop script (it's like 5 lines, super easy) Learn how to tail and grep logs to diagnose problems. Learn how to use find and grep.When using ssl you'll probably use let's encrypt and you'll probably want to renew automagically with certbot and dns verification.Create an elk stack, ship some logs to it. (maybe loki too) Hold off on k8s for now. It is advanced and you're wasting your time and your most precious resource (your ability to work through frustration) if you beat your head against it too early. When you learn k8s assume the cluster is already set up and learn to deploy a single service (there's minikube and k3s for this sort of thing). Anyone running k8s already has a lot of k8s skills (or they shouldn't be using k8s to begin with). Contribute in other ways. If they don't have a lot of k8s skills and they're using it 1) they don't need a junior, they need a senior and 2) they need to get onto something simple and easy like ecs. And if they already screwed up that bad they probably need to move to heroku. (but i digress)Run through some command line practice, learn awk, sed, the general way commands are structured (command, options, arguments). Learn to chain commands. Learn vi (did you know you can call arbitrary shell commands?). Learn how to replace lines in config files with sed, learn how to concatenate content to the end of a file, learn how to do that for a file owned by root (hint, look into tee)Learn how to deploy code with github actionsLearn Terraform Take the free online AWS solutions architect training courses and begin taking practice exams. The other clouds are clones. Azure with a preference for active directory, ghoogle with a preference for unnecessary complexity and pedantic bullshit.Skip configuring a mail server, if you're doing that you're probably doing it wrong. (hint, you'll be hitting a mail sending service. Several of the small ones have a free tier which is great for learning). You'll need some more info here but you can search it up.When learning bash scripting focus on readability and maintainability. The Google style guide is a great reference. <a href="https://google.github.io/styleguide/shellguide.html" rel="nofollow">https://google.github.io/styleguide/shellguide.html</a> In bash there are 5 ways to do something, the best way is the most readable way. The person who thanks you may very well be yourself.While we're on the topic, Google's SRE book is free online and epic. Learn the section on postmortems backwards and forwards. If you got a job and only brought the google postmortem template and culture with you you could improve nearly every company in the world. Same with improving their code testing and deployment. Same with doing simple cloud security and cost accountability tasks (like reviewing network perimeter and cost control suggestions in trusted advisor, finding unpatched servers and patching them, resolving dependbot vulnerability notices, etc.)

JSDevOps6 months ago

<a href="https://www.reddit.com/r/homelab/" rel="nofollow">https://www.reddit.com/r/homelab/</a>