After looking to upgrade my home IT infrastructure which is getting a bit of a headache to maintain, a friend of mine from #sh-hackspace recommended the folks at Hetzner for an affordable dedicated server, normally I would have shied away from such a solution due to the cost but in this case Hetzner really did seem to offer some great prices for a high spec server. They have a ‘Serverbidding’ system which is a Dutch auction (where the price goes down over time until someone buys it) where they have all their previously used servers up for grabs. Most of which are very affordable and high spec especially for such a low price.
So I took the plunge and decided on an i7-3770 server with 32GB RAM and 2x 3TB hard drives all for around 30 Euros a month, which equates to about £22 a month. It was a no brainer. After some initial problems with registering where they must have thought I was a suspicious character and rejected my order after providing my ID (which is a requirement for your first order with them), I had a little moan on their Facebook page and got everything worked out.
I have to say this system is impressive. So far I have installed VMWare ESXi 5.5 on the box so I can migrate some of my home virtual machines to it, and still have a ton of headroom on top of that to experiment with new things. Firstly this involved customizing the installation ISO to include Realtek NIC drivers to support the server (more on that in a future post). Hetzner do offer different NICs at additional cost, which works out around £9 a month for their ‘Flexi Pack’ which is required for all hardware upgrades, along with the price of the NIC itself which is around £18, I could have gone down this route but as it’s mostly for hobby use and I didn’t need official support, it wouldn’t have been cost effective. Hetzner also provide free use of their IP-KVM system for up to 3 hours to allow BIOS-level control of the server and with this, it also allows you to install a custom OS such as ESXi from my modified ISO file.
I did have to order an additional IP address though to use ESXi effectively on the server as the server itself requires a public IP (of which one is included with it) but then you also have to route all traffic from virtual machines through another one. I choose to go with pfSense as the firewall/router OS of choice as I’ve used it for many years at home and I am familiar with it. So I installed this and configured the MAC address of the pfSense VM to the one provided by Hetzner for the additional IP address, then it was just a case of setting up the interfaces in pfSense and I was ready to go.
There are some security considerations that cannot be ignored when running ESXi on a publicly-accessible server. Basically, it’s not designed to be. There are limited firewall options within the configuration but by default everything is open to the world, I will detail in my next post how I configured my server to be secure in this respect.