September 7, 20169 yr I have been using Unraid for quite sometime now, recently I bought a lot of new hardware so I can use unraid as a virtual host. My main question is, this all works GREAT locally at home, but I am going to be dropping this off in a datacenter an hour away. I will have ipkvm access, but will there be an easier way for me to manage this like how I can normally just type /tower in my browser at home? Just to add unraid will have a static IP at the datacenter.
September 7, 20169 yr You need to be sure the IP your box has been assigned is NOT directly mapped to the internet. The only safe way to do what you are asking is have your box behind a firewall and access it only through a VPN. Unraid is not designed to do what you have proposed.
September 7, 20169 yr Author So would you suggest my best route is ESXi pass thru? As you said "Unraid is not designed to do what you have proposed." I really want to be able to use unraid at a data center. Also the reason for data center move is my atrocious internet options where I live. ESXi was my original plan to begin with, however with 6.2 hypervisor changes, I really just wanted to stick to Unraid
September 7, 20169 yr I guess I wasn't clear enough. DO NOT allow unsolicited incoming traffic to access unraid's management interface port. Doesn't matter whether it's virtualized on ESXI or not. Other services that may be hosted on unraid can be allowed through the firewall on a case by case basis. For example, samba should never be exposed, but a docker running plex should be as secure as any other machine running plex, so you could allow it through. Telnet should never be exposed, the native FTP shouldn't be exposed, etc, etc. Other machines internal to the datacenter should be treated just like the internet in general, so no unfirewalled access there either. The home environment is bad enough, a datacenter is a target rich environment, so you have to be much more vigilant in securing stuff. Unraid is NOT designed to be used in a datacenter. Period.
September 7, 20169 yr Author Dare I say PfSense in esxi? That's my only other thought. I really want to get this to work, is there any personal recommendations you have on something similar to software raid that I could also use as a virtual host in a data center environment?
September 7, 20169 yr If you only get one box, and they are just giving you a public IP the safest option is ESXi with a pfSense and unRAID guests. Have a dedicated NIC for pfSense, a quad port gives you WAN, IPMI, ESXi/unRAID and a spare. Then you will only have issues if the whole system crashes, if unRAID has to be taken up/down you can manage that while keeping the pfSense and ESXi box online. Just make sure that ESXi is set to boot and start the pfSense VM before you leave it unattended. Then just VPN in to do any management tasks, if you are using Plex or some other dockers those can be passed out to public without any more concern than normal.
September 7, 20169 yr Author If you only get one box, and they are just giving you a public IP the safest option is ESXi with a pfSense and unRAID guests. Have a dedicated NIC for pfSense, a quad port gives you WAN, IPMI, ESXi/unRAID and a spare. Then you will only have issues if the whole system crashes, if unRAID has to be taken up/down you can manage that while keeping the pfSense and ESXi box online. Just make sure that ESXi is set to boot and start the pfSense VM before you leave it unattended. Then just VPN in to do any management tasks, if you are using Plex or some other dockers those can be passed out to public without any more concern than normal. I have 4 nic's and 4 separate network drops as an option. My main use will be for plex.
September 8, 20169 yr Author Are the drops separated? Say public or management? One is for the management switch, other 4 are for the 4 separate nic's with public static ip's. I'm testing this all locally first, I'm very familiar with pfsense, although I am not a fan. I am going to setup both guests, I just received my lsi raid controller I need to flash to IT mode, I hope I do not lose my data from the unraid I am migrating from.
September 9, 20169 yr If you have a management port that you alone can acess via VPN then I'd put the IMPI and the host NIC on that via a dumb switch if they'll let you. Then pass a two port NIC to pfSense (WAN & LAN): gets the WAN connection Then pass a one port NIC to unRAID (plugs into pfSense LAN) If they only give you one management port and it can only be used for IPMI then use ESXi virtual switch in to pass all your "internal" network data around, so you pass a virtual NIC to pfSense and unRAID, set pfSense to use the virtual as LAN and the physical NIC ports as WAN. Beyond the concept I can't really point you in the right direction for ESXi config as I only played with it for a day or three. If I'm not explaining this clear enough I can draw up a picture when I'm back from vacation.
Archived
This topic is now archived and is closed to further replies.