Colocating for the first time. What do I need to know? - eviltoast

Since Google is getting rid of my unlimited Gdrive and my home internet options are all capped at 20 megabits up, I have resorted to colocating my 125 terabyte Plex server currently sitting in my basement. Right now it is in a Fractal Define 7 XL, but I have order a Supermicro 826 2U chassis to swap everything over to.

This being my first time colocating I’m not quite sure what to expect. I don’t believe I will have direct access since it is a shared cabinet. Currently it is running Unraid, but I’m considering switching to Proxmox and virtualizing TrueNAS. Their remote hands service is quite expensive, so I’d like to have my server as ready to go as possible. I’m not even sure how my IP will be assigned: is DHCP common in data centers or will I need to define my IP addresses prior to dropping it off?

If anyone has any lessons learned or best practices from colocating I would be really interested in hearing them.

  • Notorious@lemmy.linkOP
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    Does the IPMI or KVM go on a private network of some sort? Surely you wouldn’t want to expose that to the internet.

    • Max-P@lemmy.max-p.me
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Usually yes. That’s something you might want to discuss with the datacenter what they have to offer that way, some will give you a VPN to be able to reach it. But I don’t have experience with that, my current servers came with IPMI and I can download a Java thing from OVH to connect to it.

    • themoonisacheese@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Usually you define a VLAN dedicated to your IPMI devices, only accessible through an access-controlled way (usually, VPN served by the firewall but don’t do that if you’re virtualizing the firewall for obvious reasons). The DC might offer a VPN of their own specifically for this purpose, or you can pay them for more space to install a physical firewall but that’s a more significant investment.

      Ultimately best practices say not to expose the IPMI to the internet, but if you really have no choice and your thing is up to date then you only need to fear 0-days and brute force attacks, the login pages are usually pretty secure since access is equivalent to physical access. You will attract a lot of parasite traffic probing for flaws though.