{{tag>linux docker VM Proxmox server vnc kvm libvirt selfhosted}}
======Docker Host ======
=====KVM versus Proxmox=====
I originally started using Linux [[https://linux-kvm.org/page/Main_Page|KVM]] based VMs, with [[https://www.qemu.org/|QEMU]] and [[https://libvirt.org/|Libvirt]] on [[https://ubuntu.com/|Ubuntu]] bare metal, circa 2014; this was before I was aware that [[https://www.proxmox.com/en/|Proxmox]] existed. Around 2020 I moved to [[https://www.debian.org/|Debian]] as my preferred bare metal distribution for server and desktop; I stopped using Windows as my main home desktop around this time. When I started playing around with Docker to create my own container images I preferred use of the [[https://www.alpinelinux.org/|Alpine]] distribution and, where necessary, the [[https://www.skarnet.org/software/s6-rc/|S6-rc]] [[https://github.com/skarnet/s6-rc|init]] system.

I avoid the use of Ubuntu now as I find it bloated and some of their practices unpalatable, e.g. forced use of [[https://snapcraft.io/|Snaps]], requiring registration for latest package updates. I see no point re-engaging with Ubuntu at this time, as the dissatisfactions that made me move are still there. Besides, I simply prefer Debian now, stable for servers and testing for main desktop. I have been happily using [[https://xfce.org/|XFCE]] for about 7 years now as my main Linux desktop GUI (2024-04).

Interestingly, as I understand it, Proxmox uses Debian and Linux KVM VMs; however, they also provide a lot of additional functionality, such as a nice web interface, nice VM backup, and an LXC container system, as well as other functionality.

I use nftables as my main edge router / firewall on bare metal. I could probably run this on a VM within Proxmox, but the router hardware is not especially powerful and at this time I prefer to run the main firewall on bare metal. I may try Proxmox in the future, but there is currently no compelling reason for me to do so.

As my old router became too unreliable to use circa November 2024, I have replaced it.

++My old router tl;dr|My previous router, which basically failed to operate reliably circa October 2024, had an Intel N3700 CPU, maximum 8GB ram, procured in 2016, which in 2024 is becoming slow to use, but did function well as a sub gb/s router. I also run a VM with Docker containers for a backup Bind9 DNS and backup Kea DHCP on this machine. As my current (WAN) internet speed is about 920Mb/s down and 90Mb/s up this router is still suitable for purpose. I suspect it will not be limiting until the available WAN speeds are above 1000Mbps. I replaced the router early 2025 with an Intel N305; this is much faster overall and can easily handle multi Gb/s internet traffic, as well as more complex resource intensive Docker instances.++

My main home server is based upon an Intel Atom C3750 server; this is still currently adequately meeting my needs. I have upgraded it with a 10Gb/s PCIe card.

My router as of 2025-01 is an i3-305 based machine, with modern 2x 2.5GB/s NICs and 2 x 10GB/s NICs, all RJ45 type, with the 10GB/S NICs able to operate reliably and at low power at all main speeds down to 10MB/s.

I also still operate an older Intel Atom C2750 as a back-up server. This gets started by the main server once a week to run a Restic back-up with a Python script I wrote.

My main switch is a XikeStor SKS8300-12E2T2X. This has 12x 2.5Gb/s RJ45 NICs, 2x 10Gb/s RJ45 NICs and 2x 10GB/s SFP NICS. This allows me to connect my main switch and servers via 10GB/s networking, with the bulk of the other NICs rated up to 2.5Gb/s. My main Atom C3750 server also has 4x 1Gb/s NICs.

I have 2 Netgear WAX206 wireless access points, with upstream ethernet connections to the main switch operating at 2.5Gb/s and each with 4x 1Gb/s downstream ethernet connections available. The Netgear WAX206 wireless access points are Wifi 6 rated, which is sufficient for my current needs.
I run OpenWRT firmware on these wireless access points as Netgear stopped supporting this hardware after only 3-4 years. Suitable Wifi7 routers are still too expensive as of this writing (2025-12) to merit replacing the current access points. At the moment these Wifi 6 access points connected via 2.5Gbe ethernet provide adequate performance, such that the cost to upgrade to Wifi 7 is not merited. One of the Wifi access points I use (in my study) requires additional Ethernet connections for printer and IPMI connectivity. If I upgraded to a Wifi 7 access point, at a minimum I would require a 10Gbe upstream connection with a 2.5Gbe and 2 x 1GBE downstream connection, preferably 10GBe upstream, 1x 10GBE and 2x2.5Gbe downstream, e.g. TP-Link Archer BE800 or BE550Pro.

=====Setup VM=====
I use Linux KVM with libvirt, virsh and qemu.
  * Install standard Debian files. See [[https://wiki.kptree.net/doku.php?id=home_server:home_server_setup:kvm&s[]=libvirt#kvm_setup|kvm setup]]
  * I simply do not normally need a GUI. Where convenient I may separately install a GUI that can be accessed via VNC. I often install on my main VM host, but not router host.
  * Add user to libvirt and libvirt-qemu, e.g. ''sudo usermod -a -G libvirt-qemu baumkp''
  * If you are ssh'ing into the host machine remember to add the ssh key to allow password-less login, e.g. ''ssh-copy-id 192.168.1.21'' from the host machine, where ''192.168.1.21'' is the remote machine. If you do not do this the VM installer can ask for the password continuously, to the point of making it unusable.
  * The ssh host keys known to the user are stored here: ''~/.ssh/known_hosts''. If there is a problem with an ssh key, have a look here.
    * Check file permission is local user
    * Delete old key in file if necessary
    * Delete whole file if necessary
  * ''sudo apt install vim'' to install vim
  * Set static ip address and a bridge network (this varies on the install type)
    * For networkd:
      * ''sudo apt install bridge-utils'' KVM commonly uses a bridge network connection to access the host
        * The KVM virtual machine does not necessarily need a bridge network, but does usually need a static IP address
        * Docker does not specifically require a HOST with bridge
      * ''/etc/network/interfaces''

++++source /etc/network/interfaces.d/*|
<code>
# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
#allow-hotplug enp1s0
#iface enp1s0 inet dhcp
auto enp1s0
iface enp1s0 inet static
    address 192.168.1.2/24
    # Do not use on a router
    # (comments must be on their own line; ifupdown does not support end-of-line comments)
    gateway 192.168.1.1
    # Your LAN DNS server(s)
    dns-nameservers 192.168.1.14 192.168.1.2
</code>
++++

Note that Docker does not need to operate on a machine with a bridge network, which affords some benefits with operating a KVM.

====Reference====
  * [[https://linuxconfig.org/how-to-use-bridged-networking-with-libvirt-and-kvm|How to use bridged networking with libvirt and KVM]]

A list of self hosted applications:
  * [[https://github.com/awesome-selfhosted/awesome-selfhosted?tab=readme-ov-file| awesome-selfhosted]]

<- docker_notes:index|Back ^ docker_notes:index|Start page ^ docker_notes:docker|Next ->
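
For the ''~/.ssh/known_hosts'' checks in the Setup VM list (file ownership, deleting an old key), an added example that is not part of the original page: it verifies ownership and write bits, lists which lines name a host, and removes them with ''ssh-keygen -R''. The ''kh_*'' function names and the sample file are constructed for illustration; ''192.168.1.21'' is the remote machine from the list above.

```sh
#!/bin/sh
# Added example (not from the original page): known_hosts checks.

# kh_perm_ok FILE: succeed only if FILE exists, is owned and writable by the
# current user, and is not writable by group or others (hardening assumption).
kh_perm_ok() {
    [ -f "$1" ] || { echo "missing: $1" >&2; return 2; }
    [ -O "$1" ] || { echo "not owned by $(id -un): $1" >&2; return 1; }
    [ -w "$1" ] || { echo "not writable: $1" >&2; return 1; }
    [ -z "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ] ||
        { echo "group/other writable: $1" >&2; return 1; }
}

# kh_entries_for FILE HOST: print "line:keytype" for every plain-text entry
# naming HOST, including [HOST]:port forms and @revoked/@cert-authority lines.
# Hashed (|1|...) entries are skipped; find those with: ssh-keygen -F HOST -f FILE
# Wildcard patterns in the host field are compared literally here.
kh_entries_for() {
    awk -v h="$2" '
        NF == 0 || $1 ~ /^#/ { next }
        {
            i = ($1 ~ /^@/) ? 2 : 1
            if (substr($i, 1, 3) == "|1|") next
            n = split($i, names, ",")
            for (k = 1; k <= n; k++)
                if (names[k] == h || index(names[k], "[" h "]:") == 1) {
                    print NR ":" $(i + 1); break
                }
        }' "$1"
}

# kh_remove FILE HOST: delete all keys for HOST; ssh-keygen keeps FILE.old.
kh_remove() { kh_perm_ok "$1" && ssh-keygen -R "$2" -f "$1"; }

# kh_sample FILE: write a constructed known_hosts (key blobs are placeholders).
kh_sample() {
    cat > "$1" <<'EOF'
# constructed sample, not real keys
192.168.1.21 ssh-ed25519 AAAAC3-placeholder-1
vmhost,192.168.1.2 ssh-rsa AAAAB3-placeholder-2
[192.168.1.21]:2222 ecdsa-sha2-nistp256 AAAAE2-placeholder-3
|1|placeholder-salt=|placeholder-hash= ssh-ed25519 AAAAC3-placeholder-4
@revoked 192.168.1.21 ssh-rsa AAAAB3-placeholder-5
EOF
}

demo=$(mktemp) && kh_sample "$demo" && chmod 600 "$demo"
kh_perm_ok "$demo" && kh_entries_for "$demo" 192.168.1.21
rm -f "$demo"
```

A ''known_hosts'' owned by root (for example after running ssh under sudo) fails the ownership check, which is the usual reason the file cannot be updated by the local user.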