Docker Infrastructure

 

We’ve been using Docker hosts and Portainer to run various containerized applications in our Home Lab. Our applications have been hosted using a combination of our Synology NAS drives and our Proxmox Cluster.

Getting Started With Docker

The following video provides a good beginner’s overview of Docker and how to get started.


Getting Started With Docker

Architecture

We run our Docker infrastructure using our Proxmox Cluster and a stand-alone Raspberry Pi. We have a total of four Docker hosts in our setup. Three run on top of Ubuntu Server VMs on our Proxmox Cluster, and the fourth runs on a Raspberry Pi using Raspberry Pi OS.

| Docker Host | Realization | Configuration | High-Availability | Notes |
|---|---|---|---|---|
| Docker1 | Primary Docker Host on PVE1 | 8 CPUs, 32 GB RAM, 256 GB Storage | Via Proxmox Cluster | Run Traefik Rev. Proxy, Portainer, and many containers |
| Docker2 | Secondary Docker Host on PVE2 | 4 CPUs, 8 GB RAM, 64 GB Storage | | Load shared container workloads, Primary PiHole DNS |
| Docker3 | Secondary Docker Host on PVE2 | 4 CPUs, 8 GB RAM, 64 GB Storage | | Load shared container workloads, Secondary PiHole DNS |
| Docker4 | Secondary Docker Host on Raspberry Pi | 4 CPUs, 8 GB RAM, 256 GB Storage | Backup DNS | Load shared container workloads, Auxiliary PiHole DNS |
| Volume Storage | Synology HA Storage Cluster | Dual Synology NAS'; SSD storage | Synology High-Availability | Facilitates Proxmox HA via shared HA storage and NFS |

The Proxmox VMs utilize Proxmox High-Availability features to ensure that no single failure causes our Docker hosts to fail. We are also spreading the VM workload across our three physical servers to improve the capacity and performance of our Docker system.

Our Synology High-Availability storage system stores persistent volumes for our Docker system. This enables high-performance storage for our container volumes, allows for configuration file editing, and facilitates backups.

Docker and Docker Compose Setup

We installed Docker and the Docker Compose plugin on our Ubuntu VMs and used the convenience script procedure documented here.

The procedure for installing Docker and the Docker Compose plugin on the Raspberry Pi is covered here.

Mail Forwarding

Containers and other workloads need to be able to send mail. This procedure can enable mail forwarding from inside the host VMs.

Volume Storage

We use our shared high-availability storage pool as a location for persistent volume storage in Docker. This approach makes it easier to edit container configuration files and perform backups.

We access this storage via NFS mounts on our Docker host VMs. The following video explains how to set up the necessary NFS client on our hosts.


Set up NFS on Ubuntu

Here are some notes on our installation:

  • It’s essential to get the NFS permissions and user ID mapping correct on the Synology NFS server
  • We used the autofs approach covered in the video to mount our NFS share
  • We created a script to automate the setup of the NFS client and autofs
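
The following shell functions are an added example, not the setup script mentioned above: one builds an autofs map entry for an NFS share, and one checks user ID mapping by writing a probe file and comparing its numeric owner with the writing user. The map key, server name, export path, mount options, and the use of GNU stat (as on Ubuntu and Raspberry Pi OS) are assumptions.

```shell
#!/bin/sh
# Added example. Key, server, export path and mount options are placeholders
# chosen for illustration, not values from this setup.

# Build one autofs map line: "<key> -<options> <server>:<export>".
# nosuid and nodev keep files on the share from acting as setuid binaries
# or device nodes on the Docker host that mounts it.
autofs_map_line() {
    key=$1 server=$2 export_path=$3
    printf '%s -fstype=nfs4,rw,nosuid,nodev %s:%s\n' \
        "$key" "$server" "$export_path"
}

# Write a probe file into a directory on the mount and compare its numeric
# owner with the user that wrote it. A squash rule on the NFS server (all
# users mapped to one account) shows up here as a mismatch.
# Prints "ok", "mismatch <seen> <expected>" or "unwritable".
# Returns 0 for ok, 1 for mismatch, 2 for unwritable.
check_uid_mapping() {
    dir=$1
    probe="$dir/.uidmap-probe.$$"
    expected="$(id -u):$(id -g)"
    # Subshell so a failed redirection cannot abort the calling shell.
    if ! ( : > "$probe" ) 2>/dev/null; then
        echo "unwritable"
        return 2
    fi
    seen=$(stat -c '%u:%g' "$probe")   # GNU stat: numeric uid:gid
    rm -f "$probe"
    if [ "$seen" = "$expected" ]; then
        echo "ok"
        return 0
    fi
    echo "mismatch $seen $expected"
    return 1
}

# Usage (placeholder names):
#   autofs_map_line docker nas.example.lan /volume1/docker >> /etc/auto.nfs
#   check_uid_mapping /mnt/nfs/docker
```

Run the mapping check as the same user ID the containers will use for their volumes, since that is the ID the server has to map correctly.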

Traefik Reverse Proxy and Portainer

We have deployed a combination of Traefik as a reverse proxy and Portainer on our Docker infrastructure. Both of these applications are deployed via a combined Docker Compose .yml file.

The procedure for deploying Traefik is covered here. The steps to add Portainer are covered here.

CrowdSec

CrowdSec provides community-based security. It works alongside our Traefik installation to detect and remediate security events.

The procedure for deploying CrowdSec is covered here.

Anita's and Fred's Home Lab
