The Home Lab (Part 3)

In Part 2, I went over the hardware I have in my homelab, so in this article I'll document how I actually got things up and running.

(Full disclosure: I actually ended up breaking OKD pretty badly and moved to Harvester for a while, but got frustrated with Longhorn. This is my documentation for rebuilding using OKD, hence the months in between posts.)

Firstly, I stood up a VM on a non-K8S host I have kicking around (a mini PC) to serve as out-of-band command and control. The VM is running Rocky Linux 9 with SELinux set to permissive mode and FirewallD disabled, as all of this is in a lab and behind firewalls. If you want a more secure setup, you'll probably need to make some tweaks to configure FirewallD and allow some of the non-DNF installed software to play nicely with SELinux.

On that Rocky Linux VM, I installed DNSMasq to serve as the DHCP server for my Server VLAN (as doing PXE boots requires custom DHCP flags) and added iPXE to the TFTP server root directory. You can do this with:

wget -O /tftpboot/ipxe.efi http://boot.ipxe.org/ipxe.efi
wget http://boot.ipxe.org/undionly.kpxe -O /tftpboot/undionly.kpxe

Note that these downloads use plain HTTP, so the boot loaders are not authenticated in transit.

I also grabbed the binary to set up a Matchbox server. While not really necessary (all of this could be hosted on just a basic Apache or NGINX server), I like having Matchbox present as I may extend this into my Kubernetes VM VLAN to allow for PXE installing an OKD cluster inside of VMs running on the bare-metal OKD cluster. Additionally, it's nice to be able to use Terraform to manage the iPXE configurations for different hosts using Matchbox.

With iPXE "set up", I configured DNSMasq to serve up the iPXE loader:

DNSMASQ CONFIG
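
The configuration itself did not survive on this page. As an added example (not the original file from this post), a DNSMasq setup that chainloads iPXE from TFTP and then hands off to Matchbox could look like the following; the interface name, address range and Matchbox URL are placeholders, and it assumes tftp.service serves /tftpboot on this same VM.

```conf
# Example /etc/dnsmasq.d/pxe.conf (constructed; not the post's original file)

# Answer only on the Server VLAN interface (placeholder name) so the
# DHCP/PXE service is not exposed on other networks.
interface=eth0
bind-interfaces

# DHCP pool for the Server VLAN (placeholder documentation range).
dhcp-range=192.0.2.100,192.0.2.200,12h

# TFTP comes from the separate tftp.service rooted at /tftpboot, so
# dnsmasq's built-in TFTP server (enable-tftp) stays off. With no server
# address given in dhcp-boot, dnsmasq points clients at its own address.

# Tag clients by firmware type using DHCP option 93 (client-arch).
dhcp-match=set:bios,option:client-arch,0
dhcp-match=set:efi32,option:client-arch,6
dhcp-match=set:efibc,option:client-arch,7
dhcp-match=set:efi64,option:client-arch,9

# iPXE announces itself with the DHCP user class "iPXE".
dhcp-userclass=set:ipxe,iPXE

# Stage 1: firmware PXE clients (not yet iPXE) get the iPXE loader via TFTP.
# The tag:!ipxe condition keeps these rules from matching stage 2 requests.
dhcp-boot=tag:bios,tag:!ipxe,undionly.kpxe
dhcp-boot=tag:efi32,tag:!ipxe,ipxe.efi
dhcp-boot=tag:efibc,tag:!ipxe,ipxe.efi
dhcp-boot=tag:efi64,tag:!ipxe,ipxe.efi

# Stage 2: once iPXE is running, it fetches its boot script from Matchbox
# (placeholder hostname; 8080 is Matchbox's default HTTP port).
dhcp-boot=tag:ipxe,http://matchbox.example.com:8080/boot.ipxe

# Log every DHCP transaction so each boot request can be reviewed later.
log-dhcp
```

Running dnsmasq --test before starting the service checks the file for syntax errors.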

Finally, we start up the services we need to get things up and running:

systemctl enable --now tftp.service dnsmasq.service