HA Hosting

I’ve been hosting FOSS software for a while now and everything’s running on a single machine. There is no failover, no real separation, and so on. It’s been working fine and without issues and everything is simple and straight forward.

That said, I want to expand my hosting infrastructure and learn more about high-availability. From the research I’ve made, there are many ways to increase the availability of certain services. I’ll try to keep it simple for now and expand it over time.

For some testing, I’ve added 3 new servers to my infrastructure - the usual onboarding with Ansible but without the usual network configuration - instead, I plan to add a Wireguard Mesh VPN network for n nodes. A bash script creates the config, the keys and Ansible allows me to configure the rest on the nodes and start the service. I plan to make everything open-source at some point and write more about in an article.

Next steps are:

• creating a active/passive HA cluster with keepalived
• Container management with Ansible and Podman Quadlets

There will be some more challenges like storages, caching and stuff like this.

It’s been fun so far.

Honeypots.

An idea that’s still haunting me is honeypots. There are some solutions out there, but could I create something like this myself? Would this even a suited side-business idea?

I’ve spent the last days thinking about it and plan to create the first proof-of-concepts. The whole deal is still vague and the goal is not set, but I hope to get some insight with the upcoming PoCs and see what I can do.

As a site note: I think every company should invest in some kind of honeypot that detects port scans and other basic functions. Saved ‘us’ in the past.

So much more

There is so much more - been playing around with FastAPI, Ansible, Borg, rsync, Wireguard, Podman, and many more. Plan to be more active and publish more articles.

Good luck.