The Labbening

Posted by Brad on Thu 21 September 2017

Like a terrible horror movie the lab has had its fair share of bad ideas and failed plot twists. I finally got tired of attempting to solve the puzzle of how to plug in 4 things to a single port and ordered a Cisco WS-C3560G-48PS for the half rack in the basement, freeing up the Cisco SG300-20 for the office. I can't see myself ever using 48 ports, but it seemed like I was always on the edge with the SG300 so this should be a good move. Also, now I have a "real" Cisco switch to test some of the ansible modules out finally.

It's been a while since I was a network engineer

While I was never super into the routing and switching side of things I did at some point know my way around the Catalyst switches fairly well. It's been close to a year now since I've done anything related to Cisco at work and it kind of showed a bit. So another slightly unexpected benefit of this switch is I get to brush up on my Cisco and maybe learn some new stuff along the way.

With this being a used switch and me being in a new house, I got to play the fun game of "is it my switch or the wiring?" After re-terminating the cable that runs from the office to the basement a few times and swapping out the other patch cables along the way, I realized the keystone jack in the office was not done correctly, so that was a fun several hours of troubleshooting and wondering if my new switch was bad (I had the uplink and several other ports showing as 100 Mbps instead of 1 Gbps). But it turned out that, of the supposedly bad ports, one had the bad keystone jack, another was an iDRAC port which only handles 100 anyway, the third actually was a bad cable, and the fourth was a server not booting completely due to having removed an SSD during the move. So really the point here is to deal with things one at a time instead of combining unrelated problems.

In any case now I have most of the network connectivity I could possibly want. The final step in the network game is to set up a WAN vlan and see if I can set up multiple firewalls on IPv6 or if I'll have to get a physical pfsense/opnsense box. Otherwise as before I've got the workstation, DMZ, and trust vlans. I guess I also need to add a management one so I can separate that out correctly. Hopefully we'll get everything off of vlan 1 and the home network for that matter. At some point I'll beef up the home network but at this point it can wait until I'm sufficiently bored with the lab.

Virtualization? I thought I was a Linux Engineer

Along with networking I largely left the world of virtualization as well. I mean I still do basic VM management on vmware and I've had the ovirt/libvirt stuff running at home. But in my focus on ansible/linux I've largely left behind the virtualization infrastructure. I've also kind of just figured vmware would get phased out in favor of AWS and Azure which will still probably happen, but not as quickly as I thought. So goodbye ovirt, hello vmware. One of the next major lab projects will be getting vmware going and seeing what new shiny things I've been missing out on. Really, one of the driving factors of this move is to test out ansible VM deployments in my search to ansiblize everything (seriously everything) at least until I find something ansible can't do.

How can you eat your pudding if you don't eat your meat?

The final big item on the list for the lab is getting the critical things up to a production standard. Adding HA, validating backups, monitoring, and routine maintenance are a few things that need to happen. After my adventures with the wiki cloning fiasco, it's time I separate testing from production (at least as much as possible). I also need to decide if I am going to expand my use of FreeIPA/LDAP (and finally fix my desktop sssd issues) or go back to the old standard of Active Directory (or just local credentials and ssh keys). Whatever the result, I want to be business grade (and not one of the cheap clueless businesses that are 1 step away from disaster).

Is this guy done yet?

This post ended up being a lot more broad and rambling than I initially intended. In the next few posts I'll go into the technical detail of the plans I outlined here and the fun I get into along the way. I'll write up the play-by-play version of how things go as well as a polished how-to doc.