
One of the first goals for Fjordtek was setting up a basic cloud environment for clients to use. With security in mind, the network connections must be encrypted and trusted, which is why self-signed certificates were out of the question, let alone plain HTTP connections.

Selected cloud services

Basically, two open-source cloud environments were deployed: Apache CloudStack and Nextcloud. OpenStack was tested and successfully deployed, but I ended up with CloudStack instead.

Basic server needs

The fundamental need of each network-based service is one or more physical or virtual servers, either your own or ones running in a datacenter (with a load balancer).

In a traditional configuration, one or more physical servers with a working WAN connection lay out the basic frame for your network services.

From this starting point, I started building up my single node Nextcloud & CloudStack servers.

  • Nextcloud is a scalable SaaS cloud service which you can read more about here.

Rather than focusing on very technical configuration details, I focus more on my general Nextcloud & CloudStack setup in this post. At full scale, these platforms offer great possibilities for both clients & system administrators.

Server stack overview

From my very limited computer pool, I ended up using two computers as servers: one desktop computer (case: Zalman GS1000 Full Tower) and one laptop computer. Why? Keep reading, the reasons are explained below.

Very simple server stack for a cloud environment. Laptop? Yes, now acting as a CloudStack server. The other one is for Nextcloud. These systems can operate independently - almost.

Nextcloud server

The requirements for a Nextcloud server are quite low. In a very limited environment, you can use a Raspberry Pi to run it. However, I thought a larger server (in terms of storage capacity & overall speed) would better fit my requirements.

Physical setup

The physical Nextcloud setup consists of the following main components for a single node:

| Component | Model | Count |
|---|---|---|
| PSU | SeaSonic SS-HM700 Active PFC F3 | 1 |
| Motherboard | Asus M5A99X EVO R2.0 | 1 |
| CPU | AMD FX-8350 | 1 |
| Case fan 120mm | Noctua NF-S12-1200 & - | 2 |
| RAM | Kingston KVR13N9S8/4 (4GB) | 1 |
| 6.0GB/s SATA cable | - | 6 |
| eSATA cable | - | 2 |
| USB stick | Kingston DataTraveler 4GB | 3 |
| MicroSD card | Samsung 64GB Micro SDXC EVO Plus card | 1 |
| MicroSD to SD adapter | Samsung - | 1 |
| SD to USB adapter | Eye-Fi USB Card Reader | 1 |
| 1.5TB HDD | Seagate ST31500341AS | 4 |
| 3.0TB HDD | Seagate ST3000DM001 | 1 |
| 4.0TB HDD | Seagate ST4000DM000 | 2 |
| 6.0TB HDD | Western Digital Red WD60EFRX | 1 |
| Cat5e ethernet cable (Full duplex) | - | 1 |

Headless setup: No GPU card or integrated GPU

Bootloader & filesystem

A custom operating system partition layout is used in this server configuration. The syslinux bootloader is installed on a 4GB Kingston USB 2.0 stick, which fires up the operating system on the Micro SDXC card. This was done mainly to circumvent a limitation of the motherboard (Asus M5A99X EVO R2.0), which doesn't support booting an operating system directly from an SD card. The initial RAM disk image (initramfs) was customized to support SD cards in the initial boot phase. This modification was necessary unless the alternative fallback image was used as the default boot option (the fallback image preloads all drivers). Without it, the SD card and the partitions on it couldn't be found in the initial boot phase, and the whole boot process would fail.

Due to its minimal size, little overhead and configurability, I installed a headless Arch Linux operating system on this server.

In a test setup, the operating system and everything required to run the server software were installed on a Samsung 64GB Micro SDXC EVO Plus card (via adapters, as seen). The reliability and speed of this setup for server usage are questionable, but I did it mostly out of curiosity and to gain more experience with this kind of setup and how it works out in practice. It is easy to move the operating system from this SD card to more reliable and faster (in terms of I/O speed) mass storage, such as NVME/SSD, SSD or HDD, if ever needed.

4GB Kingston USB 2.0 sticks are used for two purposes: 1) one stick has a bootloader partition to fire up the operating system on the Micro SDXC card; 2) the two other sticks both have SWAP files in their single partitions. Be aware that this may not be a good idea in the long term because of the increased I/O operation count, which eventually wears out the sticks. I did it mostly out of curiosity, but you should use a proper SWAP partition and mass storage for SWAP. It is recommended to re-configure the kernel parameter vm.swappiness for this setup.

Update

Issues with the bootloader + SD card

After having run the server for a couple of weeks now, I have noticed that the operating system occasionally fails to reboot with the USB bootloader + SD card configuration. I have decided to replace the SD card with a proper SSD as a long-term solution.

Storage

HDDs used in the server. These HDDs are old and should be replaced to ensure reliability of the service. However, they offer enough capacity (23 terabytes in total) for short-term testing purposes.

Nextcloud installation & configuration

Nextcloud installation is quite trivial when following valuable resources such as the official Nextcloud documentation and ArchWiki - Nextcloud. The basic installation can be done in under an hour, and depending on your server/network environment + needs, more advanced configuration steps must be taken.

My Nextcloud installation is fully integrated with pre-existing SSO and OpenLDAP user authentication solution. Additionally, storage shown above is fully integrated in my Nextcloud installation.

Accessing services requires a valid SSO authentication provided by the user.

After a successful SSO authentication, the user is asked to authenticate against a valid LDAP account to access his/her personal Nextcloud services.

Initial web-browser view for a new Nextcloud user, ready to use the services provided by the platform.

CloudStack server

CloudStack requires a hypervisor-capable computer. The CPU of this computer must support either the AMD-V or the Intel VT-x hardware virtualization solution. Other hardware requirements include a minimum of 4GB of RAM & a lot of storage capacity (depending on whether you install the CloudStack management server on the same computer). The official requirements are listed in the official Apache documentation.
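
A pre-flight check for the two requirements named above (hardware virtualization flag and RAM), written as an added example that is not part of the original post. The function names, the RAM threshold and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names, the RAM
# threshold and the sample data are assumptions made for illustration.

# Read cpuinfo text on stdin; print vmx (Intel VT-x), svm (AMD-V) or none.
# Only the "flags" line is scanned, token by token, so the separate
# "vmx flags" line of newer kernels is never mistaken for the capability.
# A present flag means the CPU supports it; firmware can still have it off.
virt_flag() {
    awk -F: '/^flags/ { n = split($2, f, " ")
                 for (i = 1; i <= n; i++)
                     if (f[i] == "vmx" || f[i] == "svm") { print f[i]; found = 1; exit } }
             END { if (!found) print "none" }'
}

# Read meminfo text on stdin; print MemTotal in MiB.
mem_total_mib() { awk '/^MemTotal:/ { print int($2 / 1024) }'; }

# check_hypervisor_host CPUINFO MEMINFO [MIN_MIB]
# MIN_MIB defaults to 3584 because a machine with 4GB installed reports
# somewhat less than 4096 MiB once firmware and kernel reservations are taken.
check_hypervisor_host() {
    flag=$(virt_flag < "$1"); mib=$(mem_total_mib < "$2"); min=${3:-3584}; rc=0
    case $flag in
        vmx) echo "OK   CPU: Intel VT-x" ;;
        svm) echo "OK   CPU: AMD-V" ;;
        *)   echo "FAIL CPU: no vmx/svm flag"; rc=1 ;;
    esac
    if [ "${mib:-0}" -ge "$min" ]; then echo "OK   RAM: ${mib} MiB"
    else echo "FAIL RAM: ${mib:-0} MiB, need ${min} MiB"; rc=1; fi
    return $rc
}

# Constructed, abridged samples standing in for /proc/cpuinfo and /proc/meminfo.
sample_cpuinfo_vtx() { printf '%s\n' 'processor : 0' \
    'flags : fpu vme de pse tsc msr pae vmx smx est sse4_2 avx2' \
    'vmx flags : vnmi preemption_timer ept'; }
sample_cpuinfo_novirt() { printf '%s\n' 'processor : 0' \
    'flags : fpu vme de pse tsc msr pae sse sse2 ht'; }
sample_meminfo_4g() { printf '%s\n' 'MemTotal:        3962880 kB' \
    'MemFree:          512000 kB'; }

# On a real host: check_hypervisor_host /proc/cpuinfo /proc/meminfo
```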

I have many computers available. However, basically my primary laptop was the only one which provided hardware virtualization capabilities required by CloudStack. Thus, I ended up installing CloudStack on my laptop, using a 2.5” 500GB hard disk (Seagate ST9500420ASG).

Physical setup

The physical CloudStack setup consists of the following main components for a single node (Clevo N950TP6 laptop):

| Component | Model | Count |
|---|---|---|
| CPU | Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz (Desktop processor) | 1 |
| GPU | Intel UHD Graphics 630 + Nvidia GeForce GTX 1060 6GB GDDR5 | 1 |
| RAM | G.Skill F4-2400C16D-32GRS (16GB) | 1 |
| Storage | Seagate ST9500420ASG, 500GB | 1 |
| NIC | Ethernet, Realtek Semiconductor Co., Ltd. RTL8111/8168/8411 PCI-E controller | 1 |
| NIC | Wireless, Intel AC-9260 (disabled) | 1 |
| Cat5e ethernet cable (Full duplex) | - | 1 |

Filesystem

CloudStack was installed on a basic CentOS 7 (18.10) operating system using Minimal ISO.

Although the laptop has two GPUs, neither of them was actively used since the server was operated via an SSH connection from another Linux computer.

CloudStack installation & configuration


Update:

CloudStack guest VMs opened over the internet by an authorized user from a client computer. Virtualized Windows 10 & BlackArch Linux running in the established cloud environment.

Cloud test runs

Small-scale tests were carried out for the deployed cloud platforms.

The pictures below give some general insights into these tests.

Accessing a cloud-based remote Windows computer via an encrypted network connection.

Accessing a cloud-based remote Manjaro Linux live-cd session via an encrypted network connection. The Manjaro Linux ISO image file (18.0.4 Stable KDE) is hooked to a virtual computer which has BlackArch Linux installed. The live-cd session was used to modify the BlackArch Linux file system in this case.

Cloud-based office environment, accessed from a client computer through an encrypted network connection. Nextcloud's default About.odt document opened in a web browser.