Switching from cloud-VMs to a root-server

Today, everybody is talking about the cloud. In this article, I want to describe why I migrated my whole server infrastructure from cloud-VMs to a dedicated root-server.

My old infrastructure

I'm a big fan of hosting services myself when possible. I used to use some smaller Hetzner-VMs for that. But gradually, I discovered more and more disadvantages to that setup:

  • Every VM has its own public IP address and is thus a potential security risk.
  • The setup was quite expensive (~25 € per month for 12GB RAM and 6 virtual CPU cores)
  • Very little HDD space (20-40GB per VM)
  • The setup was done entirely by hand (and thus very hard to restore in the case of a system outage)

The new infrastructure

My friend Patrick (om22.de) and I ordered a dedicated root-server from Hetzner. Its technical specs are:

  • AMD Ryzen CPU with 6 cores (12 including hyperthreading)
  • 64GB of RAM
  • 2x 512GB NVMe SSD (configured as RAID 1, so 512GB in total)

We installed Proxmox on the server so that we could easily create our own VMs on it.

All my VMs are running CentOS 8.

Networking

The host server tunnels all incoming traffic for my IPv4 address to my firewall/proxy VM. From there, it is forwarded to an application VM, depending on the requested hostname. All application servers reach the internet via this VM through a firewalld NAT rule.
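
One way the firewalld side of the firewall/proxy VM described above could be provisioned with Ansible. This is an added example, not the author's playbook: the inventory group `proxy`, the interface names, and the assumption that the hostname-based forwarding is HTTP/HTTPS are all illustrative.

```yaml
# Added example. Group name, interface names and exposed services are assumptions.
- name: Make the firewall/proxy VM the only internet-facing gateway
  hosts: proxy                    # hypothetical inventory group
  become: true
  vars:
    external_iface: eth0          # assumed: receives the traffic tunnelled from the host
    internal_iface: eth1          # assumed: private network shared with application VMs
  tasks:
    - name: Ensure firewalld is running and enabled at boot
      ansible.builtin.service:
        name: firewalld
        state: started
        enabled: true

    - name: Put the public-facing interface into the external zone
      ansible.posix.firewalld:
        zone: external
        interface: "{{ external_iface }}"
        permanent: true
        immediate: true
        state: enabled

    - name: Put the private interface into the internal zone
      ansible.posix.firewalld:
        zone: internal
        interface: "{{ internal_iface }}"
        permanent: true
        immediate: true
        state: enabled

    # The NAT rule: application VMs leave through this VM's address,
    # so they need no public IP of their own.
    - name: Masquerade traffic leaving through the external zone
      ansible.posix.firewalld:
        zone: external
        masquerade: true
        permanent: true
        immediate: true
        state: enabled

    - name: Accept only web traffic from the internet (assumed HTTP/HTTPS)
      ansible.posix.firewalld:
        zone: external
        service: "{{ item }}"
        permanent: true
        immediate: true
        state: enabled
      loop: [http, https]
```

After a run, `firewall-cmd --zone=external --list-all` on the proxy VM shows which services and interfaces are actually exposed, which is worth comparing against the playbook.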

Monitoring

In my old setup, I used Icinga2 for monitoring. I switched to CheckMK for my new setup, just because of its simplicity and automatic service discovery.

Provisioning

I provisioned the new setup using Ansible. This allows me to switch to another provider very quickly, if necessary.

Backups

I use BorgBackup to back up important files to a backup VM. I periodically use rsync to copy the backup to my local RAID.

Services

I self-host the following services:

  • My homepage mrupp.eu
  • ShareLaTeX for document management
  • Radicale for calendar syncing
  • Meemo for note-taking
  • Miniflux for reading RSS feeds
  • My location tracking (see this post)
  • Some small personal projects

I'm planning to host in the future:

  • Some sort of password management
  • GitLab