Creating a LAN-only VPS

Every homelabber goes through the same process. We start with testing and learning, and then it becomes a production machine with multiple people depending on it. This means we have to get serious with having a testing area and then push changes to production, like real IT folks, even at home.

I have been looking for a simple way to spin up a virtual machine for testing and then destroy or migrate it when I’m done. Folks often use a VPS for this type of work from someplace like Digital Ocean or Linode. Using Debian and Cockpit, I made a simple interface for spinning up new virtual machines to test new apps, services, and configurations in my homelab.

Uncomplicated testing area

I asked on Mastodon a while back what other folks do for testing and I got some (expected) complicated answers. Lots of Proxmox with Ansible.

I would consider something like this if I was in the IT industry. However, I am a simple landscape contractor who likes to play with computers. I have no use for Ansible, Kubernetes, and Proxmox clusters. Awesome for the people who want to learn those things. Its just too much for me.

For this build I opted to stick with what I know. I know Debian. I know QEMU. I know Cockpit.

Choosing dedicated hardware

An option for this build was just to stick with running virtual machines on my desktop. I don’t want to turn on my desktop every time want to test something in a VM. My desktop is power hungry and noisy. I also want to access the VM from multiple devices. I spend a lot of time working on the back patio (where I wrote this post, on a Chromebook, in Nextcloud in the browser), on the couch, or in the garage, and I don’t want to limit myself to only testing while sitting at my desk.

I could also configure my primary server for testing. I eventually decided I wanted my testing area to be completely separate. My primary server is holy ground. I don’t touch anything until I know I’m ready. I have good backups, but I do my best to have a little downtime as possible. What is running on there is, at this point, critical infrastructure for my house. I am also highly organized and don’t want miscellaneous files hanging around on the server while I test, even old qcow files or distro ISO’s.

For this project I am using dedicated hardware. Now that my son has graduated High School, he gave me back a mini PC he was using that was dedicated for school so he could keep his personal and educational lives separate. So, I am using an iKoolCore R1 with 8GB of RAM and a 128GB SSD. I figure I can create up to 4 virtual machines at a time on this device, giving each 2GB of RAM and 20GB of storage, which is similar to what you would get for a low cost VPS.

A bonus is it only uses 15 watts and will cost $22 for the whole year to run. It is also a low enough wattage I can factor it into my future plans to run my homelab completely off of solar.

Configuring the stack

I use Debian for all my servers. I have a simple Debian configuration with a few tools I prefer to use, then using kvm + qemu for the virtual machines.

Virtual machines

Linux has had amazing virtualization for decades. I have spent a lot of time with kvm and qemu and feel comfortable enough using it on a regular basis. I know lxd exisits, it is not for me.

VM networking

It is important to me that each VM gets its own IP address. I want to test like it is a bare metal machine and having its own IP address is a key component. I’m not going to list the how-to on configuring kvm to using a bridge device and get a new IP address for each VM as there are plenty of guides out there. However, if you ask, I will happily send you my configuration notes.

Simplify creating new machines

To make it as easy and as fast as possible, I created a QEMU virtual machine that is configured exactly the way I prefer my servers. I set it up with a dedicated ssh key, tools and utilities I like to use, and imported all my dotfile configurations. Then, for each new machine, I simply clone this first machine, change the IP address, and away I go. It takes about 2 minutes for the cloning process and then I’m off to the races.

Web interface

This is going to sound ridiculous, but I love using the web browser for everything. I want web frontends for everything I run in the lab. Doing this makes everything significantly more accessible and breaks down a lot of barriers to getting started. I don’t need to configure some app, I simply go to a URL and boom.

As I mentioned, I also like to work all around the house, particularly with my Chromebook. When not using the Chromebook, I love to use the Android desktop mode (or Dex if I have a Samsung device) for a low-powered, single screen EDC device.

From these devices I could ssh into the iKoolCore and run some virsh command to get a VM going. Yet, it is so much easier and much more fun to do it from the browser.

Using Cockpit and the cockpit-machines addon, I can clone, edit, and work in the VM from any browser on my LAN. There is even a VNC viewer so I can access the console for the VM in the browser.

Is it necessary? No, probably not. Is it awesome? Yes!

I have Cockpit sent through my reverse proxy, limit to only my LAN, and even have 2FA on the login.

How its going

Other than verifying everything works, I haven’t used it much. One of the reasons I love this setup is I can import VMs I have running other places and work non-destructively. This way if I bork something up I did it on a clone on a separate machine.

This is what I am currently doing. I have a VM from my primary server and I am making edits to it before making those edits on the production version.

Its nice.

- - - - -

Did you like this post? Give it an upvote by clicking on the arrows below! Sending me an upvote is like you and I giving each other a high five.

🙏 😎

If you enjoy the random stuff I write here, post to Mastodon, or watch on YouTube, and are feeling generous, I am open to tips of Ko-fi.