Homelab

Your homelab runs your GitLab, your passwords, your photos, your home automation. What happens when the disk fails? If you can’t answer that question confidently, you don’t have backups. You have hope. The 3-2-1 rule has been around for decades because it works. Three copies, two different media, one offsite. Here’s how to actually implement it. The 3-2-1 Rule Explained flowchart TD subgraph rule["3-2-1 Backup Rule"] Data["Original Data"] subgraph three["3 Copies"] C1["Copy 1<br/>(Original)"] C2["Copy 2<br/>(Local Backup)"] C3["Copy 3<br/>(Offsite)"] end subgraph two["2 Media Types"] M1["NVMe/SSD"] M2["HDD/NAS"] end subgraph one["1 Offsite"] Off["Cloud/Remote"] end end Data --> C1 Data --> C2 Data --> C3 C1 --> M1 C2 --> M2 C3 --> Off Why Three Copies? Copy 1: Your live data (original) Copy 2: Local backup (fast restore) Copy 3: Offsite backup (disaster recovery) One copy is not a backup. Two copies can both fail in the same disaster (fire, flood, ransomware). Three copies with separation gives you real resilience. ...

Your homelab cluster runs at home. You’re not always at home. You need access. The traditional approach: forward ports, set up dynamic DNS, configure firewall rules, pray nobody finds your exposed services. The better approach: Tailscale. Zero exposed ports. Secure WireGuard encryption. Your devices find each other, wherever they are. What Is Tailscale? Tailscale is a mesh VPN built on WireGuard. Every device gets a stable IP. Every device can reach every other device. No central server routing your traffic. ...

You don’t need a cloud provider to run Kubernetes. You don’t need expensive servers. You need three mini-PCs and an afternoon. This is how I built my homelab cluster — the same cluster that runs my GitLab, monitoring, home automation, and everything else I refuse to trust to someone else’s computer. Why K3s? K3s is Kubernetes, simplified: Single binary — ~70MB, includes everything Low resource — Runs on Raspberry Pi, runs great on mini-PCs Production ready — Same API, same workloads, less overhead Batteries included — Built-in ingress, load balancer, storage It’s not “Kubernetes lite.” It’s Kubernetes without the enterprise cruft. ...

People often think you need VMware, Hyper-V, or at minimum Proxmox to run a “real” hypervisor. Something with a web UI, enterprise features, the whole package. But here’s the thing: KVM with libvirt can do virtually everything those commercial hypervisors do. Live migration, memory ballooning, CPU pinning, GPU passthrough, SR-IOV, nested virtualization — it’s all there. The Linux kernel has been a production-grade hypervisor for over a decade. I run NixOS as my hypervisor. No Proxmox, no web UI, just declarative Nix configs and virsh. Let me show you what’s possible. ...

“Autonomous cluster management” — the promise that an AI can monitor your Kubernetes cluster, diagnose problems, and perhaps even fix them without human intervention. It sounds like the holy grail for platform engineers. The reality is more nuanced. In this post I test K8sGPT with a locally running Llama 3.3 70B model on Apple Silicon. No cloud APIs, no data leaving your network, fully sovereign. Is this usable for real cluster diagnosis? Let’s find out. ...