Introduction:
As the VMware-Broadcom storm continues, businesses keep looking for ways to transition to new virtualization platforms, which involves more than just a software change—it’s about adapting to new architectures, overcoming technical challenges, and making strategic decisions that align with long-term business goals. Oddly enough, I found myself in a similar situation and had VMware in my sights after a long struggle with Windows Hyper-V. So, today I’m writing about my journey from conventional platforms like VMware and Hyper-V to Proxmox VE, in the hope that it will help some of my fellow technical readers by offering a roadmap for others considering a similar shift.
A Strategic and Technical Decision
The move to Proxmox was driven by the need for a more flexible and cost-effective solution that could accommodate the complex requirements of my home lab, which mirrors small to medium-sized business setups. This is especially true for “critical” around-the-clock support for demanding “Netflix” binges and low-latency “Fortnite marathons” from my teenager. The last thing I want after long days of technical issues and support is having the same complaints at home while I try to deploy my own technical labs.
The key was to find a platform that offered advanced networking capabilities for secure workload segregation, minimal performance overhead, since I don’t really have that much budget to buy top-of-the-line servers, and robust disaster recovery options—without the steep costs associated with commercial virtualization solutions.
Architectural Challenges and Solutions
Networking Complexity:
One of the first hurdles was the intricate setup of VLANs to ensure proper network segregation between various workloads, such as “production” workloads related to my own business (CRM, secure storage, web servers), the family network (media servers, Minecraft servers, storage vault and centralised device management), and my “non-trusted” cybersecurity labs, where I perform testing and learning. The challenge was to migrate from my old Cisco ASA, already long out of support and really struggling to keep up, and implement this within Proxmox’s networking framework, which, while flexible, required a good understanding of VLAN tagging and interfaces.
Solution:
By leveraging Proxmox’s integrated VLAN support and combining it with an OPNsense virtual appliance as a routing layer, I established a comprehensive networking setup that ensured robust security and efficient traffic management—critical for any business concerned with data integrity and protection.
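The segregation described above only holds if every guest NIC carries the VLAN tag of its zone. The following check is an added example, not part of the original article: it parses `netN:` lines in the format Proxmox uses for guest configs and flags NICs that are untagged or tagged for another zone. The zone-to-VLAN mapping, guest IDs and sample configs are constructed assumptions.

```python
import re

# Assumed zone-to-VLAN policy; the IDs are illustrative, not from the article.
ZONE_VLANS = {"production": 10, "family": 20, "lab": 30}
NET_LINE = re.compile(r"^(net\d+):\s*(.+)$")

def parse_net_lines(config_text):
    """Yield (interface, options) for each netN line of the live guest config."""
    for line in config_text.splitlines():
        if line.startswith("["):
            break  # [PENDING] and snapshot sections follow the live config
        match = NET_LINE.match(line.strip())
        if match:
            pairs = (part.partition("=") for part in match.group(2).split(","))
            yield match.group(1), {k.strip(): v.strip() for k, _, v in pairs}

def audit_guest(guest_id, zone, config_text):
    """Return findings where a NIC is untagged or tagged for another zone."""
    expected = ZONE_VLANS[zone]
    findings = []
    for ifname, opts in parse_net_lines(config_text):
        tag = opts.get("tag")
        if tag is None:
            findings.append(f"{guest_id} {ifname}: no VLAN tag on {opts.get('bridge')}")
        elif int(tag) != expected:
            findings.append(f"{guest_id} {ifname}: tag {tag}, expected {expected} ({zone})")
    return findings

# Constructed sample configs in the qemu-server / lxc config line format.
SAMPLES = [
    ("vm101", "production",
     "name: crm\nnet0: virtio=BC:24:11:00:00:01,bridge=vmbr0,tag=10,firewall=1\n"),
    ("ct202", "family",
     "hostname: media\nnet0: name=eth0,bridge=vmbr0,hwaddr=BC:24:11:00:00:02,"
     "ip=dhcp,tag=20,type=veth\n"),
    ("vm303", "lab",
     "name: lab-test\nnet0: virtio=BC:24:11:00:00:03,bridge=vmbr0,firewall=1\n"
     "net1: virtio=BC:24:11:00:00:04,bridge=vmbr0,tag=10\n"),
]

def audit_all(samples):
    """Run the audit over (guest_id, zone, config_text) tuples."""
    return [f for gid, zone, text in samples for f in audit_guest(gid, zone, text)]

if __name__ == "__main__":
    for finding in audit_all(SAMPLES):
        print(finding)
```

On a real node the config text would come from the files under `/etc/pve/qemu-server/` and `/etc/pve/lxc/`; a router VM that legitimately trunks several VLANs needs its own exemption in the policy.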
High-Availability and Disaster Recovery:
Ensuring business continuity was another critical concern. Initially I only had one server available, and managed to secure a second workstation with fewer resources. This second workstation, and the fact that Proxmox clustering is really low on requirements, was a key factor in the decision. The initial two-node cluster setup posed a challenge, especially since adding a new node to an existing cluster required it to be free of any VMs or containers, and I had migrated some workloads around to try to optimise my storage. That was a lesson learnt and something to look out for in the future.
Solution:
This limitation emphasized the importance of strategic planning in cluster expansion and underscored Proxmox’s capability to support high-availability setups. The integration of Proxmox Backup Server on a less powerful secondary server provided a resilient disaster recovery mechanism, ensuring business operations could be swiftly restored in the event of a failure.
Performance Optimization:
Maximizing the performance of aging hardware while ensuring reliability was another significant challenge. The goal was to achieve a balance between performance and stability without substantial investments.
Solution:
Implementing a software RAID with SATA drives and adding an SSD for caching within the main server effectively boosted performance. SATA drives are really inexpensive per terabyte, but are not extremely fast. The addition of the caching layer using a single SSD made the servers much more responsive. The use of Linux Containers (LXCs) for lightweight virtualization further optimized resource utilization, allowing for rapid deployment and scaling of services—a crucial factor for businesses aiming for agility and efficiency.
Closing thoughts:
The transition to Proxmox VE, while initially driven by personal needs, uncovered a wealth of strategic and technical considerations applicable to business environments. From complex networking setups and high-availability configurations to performance optimizations and disaster recovery planning, Proxmox offers a versatile platform that can meet diverse business requirements. For leaders and decision-makers in the business and IT sectors, understanding these architectural challenges and solutions can provide valuable insights for informed virtualization strategy development.
Running solutions
Of course this article would be a bit “vague” without providing a description of the kind of services I run in my now multifunctional cluster. So let’s dive in:
- Proxmox Backup: Can’t stress how much peace of mind I have knowing I have recent images and backups of all my workloads and data, including some critical information regularly uploaded to cloud “cold” tier storage.
- OPNsense: Amazingly simple virtual router forked from pfSense with incredibly strong plugins and community support. Includes multi-WAN capabilities with load balancing, VPN with support for Tinc “full mesh VPN”, SD-WAN based on ZeroTier, IDS, IPS, MFA and so much more…
- Jellyfin Media Server: On top of having to cater for Netflix and other streaming services, I also host an extensive collection of old DVDs, now fully independent of their physical form.
- Unifi Network Application (Linux): Managing my Access Points, Guest WiFi and secure and segregated “teenage proof” network.
- Minecraft Bedrock Server: My kids love to play it, and it’s great that they can continue enjoying it without any of them needing to actually host the game (I also run frequent backups to recover when they “really mess it up”).
- WordPress: I host a few testing sites on WordPress.
- Nginx Proxy Manager: No more need to expose extra ports, just manage the DNS and point to the right service. Including Let’s Encrypt SSL certificates, worry free!
- Invoice Ninja: A test instance of the popular business management invoicing. Also Open Source and a great way to start any small business.
- Trilium Notes: Awesome platform to take notes in Linux and Windows.
- phpipam: Managing IP spaces for my network and some of my customers. Partial CMDB, probably will migrate it to a more advanced solution.
- Heimdall Dashboards: Grew tired of having too many bookmarks in all my browsers, so I have a dashboard pointing to all my services, both Cloud and On-Prem.
- Rancher and Kubernetes: Playground for cybersecurity and penetration testing.
- Windows 11: A couple of Windows VMs for day to day workloads and Office work when I’m not on the “go”. One running on Insider Preview channel.
- Windows Server: Test box for migration workloads and SQL infrastructure when required.
Suffice it to say that I’m looking to stretch my home setup beyond what it currently does. Looking further into LXC, Linux and Open Source software is really a great strategy to optimise business expenditure. And for those looking to expand their technical knowledge, I’ll be looking into Kubernetes clusters and highly available infrastructure in the coming future.