Are the VMs in Scale Isolated or should I Virtualize TrueNAS Core on Proxmox?

[jgreco]

I would like to, but don't have the resources or the knowledge to (never created a honeypot, is it just a normal server in a dmz?).
Btw, Sorry for hijacking the thread.

An SMTP honeypot need not be more complicated than smtp-sink (from Postfix distribution) configured to log to a file, and then exposed to the Internet (in your DMZ, directly, etc.).

 

[Jazz30-06]

Yeah, for PCIe pass-through, you probably want to go with SCALE. I'm not sure that Bhyve even supports it right now (someone else can correct me on this). I hope it would in the future.

Disclaimer: I have never run SCALE. This is purely just from my knowledge that it is based on Debian Linux, which does, indeed, have that support.

Right, and this is one of the things I was concerned about. This is all new to me and I have just been reading up things a bit and have been finding that PCIe pass-through doesn't work in CORE. Now, I don't know if that only matters for VMs or if that matters for everything else too, but I would like to understand ahead of time, if possible.

 

[Whattteva]

Right, and this is one of the things I was concerned about. This is all new to me and I have just been reading up things a bit and have been finding that PCIe pass-through doesn't work in CORE. Now, I don't know if that only matters for VMs or if that matters for everything else too, but I would like to understand ahead of time, if possible.

What do you need it for though? PCIe passthrough isn't really required for majority of use cases. Right now what I can think of is a gaming server (kinda' niche) or NAS to passthrough HDD controller (I'd imagine most common use case). But things like Plex/Jellyfin really can do without it if your CPU is fast enough. Or at least, that's how I've been running Jellyfin.

 

[Jazz30-06]

What do you need it for though? PCIe passthrough isn't really required for majority of use cases. Right now what I can think of is a gaming server (kinda' niche) or NAS to passthrough HDD controller (I'd imagine most common use case). But things like Plex/Jellyfin really can do without it if your CPU is fast enough. Or at least, that's how I've been running Jellyfin.

Ideally, I could set up a VM that would let me use it as a machine in the living room for some bigger-screen gaming. Idk, it just seems kind of wasteful to have the 1060 in there without really using it, but I believe I have to have it as the Xeon I have has no internal graphics, nor does the board it's on.

 

[jgreco]

Ideally, I could set up a VM that would let me use it as a machine in the living room for some bigger-screen gaming. Idk, it just seems kind of wasteful to have the 1060 in there without really using it, but I believe I have to have it as the Xeon I have has no internal graphics, nor does the board it's on.

Why not use an appropriate board? Server mainboards typically come with IPMI hardware to provide the basic level VGA interface appropriate to a server.

 

[Jazz30-06]

Why not use an appropriate board? Server mainboards typically come with IPMI hardware to provide the basic level VGA interface appropriate to a server.

Because I'm into this thing for $300, including graphics and I couldn't find a way to build with semi-modern server parts for anywhere near that price.

 

[Patrick M. Hausen]

Have you calculated the energy costs? You can build a great NAS on a server platform like a Supermicro Atom based X11 series board that will lead to a system drawing 60W or less including 4 spinning disk drives powered on 24x7. Then add a dedicated gaming system that is only powered on when used.

 

[Jazz30-06]

Have you calculated the energy costs? You can build a great NAS on a server platform like a Supermicro Atom based X11 series board that will lead to a system drawing 60W or less including 4 spinning disk drives powered on 24x7. Then add a dedicated gaming system that is only powered on when used.

Power costs for me are zero right now because utilities are built into my rent. I will probably look into a supermicro server later, but raw hardware cost is my biggest concern for now.

 

[Whattteva]

Because I'm into this thing for $300, including graphics and I couldn't find a way to build with semi-modern server parts for anywhere near that price.

Yeah, $300 is kinda' really low. I, once upon a time, was also in that predicament. But if there's one thing I learned over the years. It's OK to skimp for gaming PC's or even hypervisor host that runs non-essential VM services, but I do not and never will skimp on NAS stuff cause it's where my entire life goes.

 

[Jazz30-06]

Yeah, $300 is kinda' really low. I, once upon a time, was also in that predicament. But if there's one thing I learned over the years. It's OK to skimp for gaming PC's or even hypervisor host that runs non-essential VM services, but I do not and never will skimp on NAS stuff cause it's where my entire life goes.

That's kind of the point. I've never done something like this before and wanted to get my feet wet without going too far down the rabbit hole. It's all enterprise hardware, except the graphics card or the drives (Which ARE NAS drives), so what's the difference?

 

[Whattteva]

That's kind of the point. I've never done something like this before and wanted to get my feet wet without going too far down the rabbit hole. It's all enterprise hardware, except the graphics card or the drives (Which ARE NAS drives), so what's the difference?

Why not just put the 1060 in an actual gaming PC? I don't think the server needs it at all, at least from what you've said so far. You've got server-grade stuff. It can run completely headless without any graphics output.

 

[Jazz30-06]

Why not just put the 1060 in an actual gaming PC? I don't think the server needs it at all, at least from what you've said so far. You've got server-grade stuff. It can run completely headless without any graphics output.

I was under the impression that I needed some sort of graphics for the UI to work. Is that not the case? Sorry, I'd try it really quick, but I'm also in the middle of a move right now, so I am just trying to learn until it's all set back up.

 

[Whattteva]

I was under the impression that I needed some sort of graphics for the UI to work. Is that not the case? Sorry, I'd try it really quick, but I'm also in the middle of a move right now, so I am just trying to learn until it's all set back up.

According to this, it looks like it already comes with a graphics controller and doesn't need another GPU. Is this not what you have?

 

[Jazz30-06]

According to this, it looks like it already comes with a graphics controller and doesn't need another GPU. Is this not what you have?

Mine did not come with one of the nvidia cards because none of the ones that I was seeing for sale were new enough to actually support transcoding or the like.

 

[Whattteva]

Mine did not come with one of the nvidia cards because none of the ones that I was seeing for sale were new enough to actually support transcoding or the like.

Sorry, I'm not too familiar with workstation stuff (don't have one). But server-grade stuff usually has some kind of BMC and remote management interface like IPMI, IDRAC, or ILO which enables you to view the remote console without ever plugging in a monitor.

 

[Jazz30-06]

Sorry, I'm not too familiar with workstation stuff (don't have one). But server-grade stuff usually has some kind of BMC and remote management interface like IPMI, IDRAC, or ILO which enables you to view the remote console without ever plugging in a monitor.

Right, this doesn't have IPMI or the like as far as I know because it is a workstation that is expected to use workstation-level graphics. There aren't even any display ports on the back of the machine. I will try to connect to it without a graphics card though and see how that goes.

 

[nabsltd]

These attacks, unless we are talking about a targeted operation, run in an automated fashion, just like sending out spam emails. My gut feeling tells me that it wouldn't take a day (probably less than 3 hours) until I was under attack.

I've hosted my own e-mail for nearly 20 years, and even now see almost nothing that bothers me.

There are regular attempts to do things like check to see if my SMTP server is actually a proxy that forwards to the actual server, and those attempts are immediately recognized by the mail server and dropped. There are also attempts to authenticate to the mail server using all the standard accounts (like root), but all fail because none of those are accounts the SMTP server recognizes. I see similar attempts against my imap server, with similar results.

 

[danb35]

I was under the impression that I needed some sort of graphics for the UI to work.

The main UI for TrueNAS (CORE and SCALE) is through a web browser on a client device--the NAS doesn't need to have any video display capability at all for this to work. The secondary UI is a text menu at the console, and that would require the ability to display text.

 

[jgreco]

that would require the ability to display text.

... or serial console support. No ability to display text actually required, if your system supports serial-over-LAN (which includes some non-server gear that does support Intel AMT).

 

[robert keefe]

Ideally, I could set up a VM that would let me use it as a machine in the living room for some bigger-screen gaming. Idk, it just seems kind of wasteful to have the 1060 in there without really using it, but I believe I have to have it as the Xeon I have has no internal graphics, nor does the board it's on.

I never tried to passthrough a GPU (although I do want to try) but I've been using PCI-E passthrough on CORE for a 4 port NIC without issues using a HP Z420 (Older model than you are looking at). My box runs a firewall in a VM and I passthrough the PCI-E 4-port NIC card. I've had this setup for 2 years and have experienced no bugs with the PCI-E passthrough feature.