Homelab¶
16 cards — 🟢 3 easy | 🟡 4 medium | 🔴 3 hard
🟢 Easy (3)¶
1. What is the goal of a homelab in terms of fidelity?
Show answer
Pattern fidelity, not scale fidelity. You don't need 1,500 servers to practice fleet management — you need 3-5 nodes with the same tooling patterns used in production.Example: a 3-node k3s cluster teaches node scheduling, pod affinity, and rolling updates — the same patterns used on 300-node production clusters.
2. What is the best bang-for-buck homelab hardware tier in 2025?
Show answer
The Mid Tier ($300-$800): 3x Intel N100 mini PCs with 16GB RAM, NVMe SSDs, a VLAN-aware managed switch, and a small UPS. These are silent, low-power (~8W idle), and support Proxmox clustering with nested VMs.3. What components does k3s ship with by default?
Show answer
Traefik (ingress controller), CoreDNS (cluster DNS), Flannel (CNI), local-path provisioner (persistent volumes), and ServiceLB (LoadBalancer-type services using host ports).Gotcha: k3s defaults are opinionated. Use --disable traefik --disable servicelb at install to practice with your own ingress controller.
Under the hood: k3s bundles everything into a single <50MB binary — ideal for edge and resource-constrained environments.
🟡 Medium (4)¶
1. What is the difference between VMs and LXC containers in Proxmox, and when should you use each?
Show answer
VMs are full virtual machines with their own kernel — use for Windows, appliances, or anything needing its own kernel. LXC containers are lightweight Linux containers — use for services like PiHole and Gitea. Proxmox also supports clustering (3+ nodes), live migration, templates, and multiple storage backends (local, NFS, Ceph, ZFS).2. Why should you set up VLANs in a homelab, and what is a recommended VLAN layout?
Show answer
Network segmentation is a production skill worth practicing. A recommended layout: VLAN 10 for management (Proxmox UI, switch), VLAN 20 for servers (VMs/containers), VLAN 30 for IoT/untrusted devices, VLAN 40 for Kubernetes pod network, VLAN 100 for WAN/Internet. IoT devices should never share a network with Proxmox management.3. What are the three tiers of essential self-hosted services for a homelab?
Show answer
Tier 1 (Infrastructure): PiHole (DNS), WireGuard (VPN), Traefik/nginx (reverse proxy + TLS). Tier 2 (DevOps Practice): Gitea (Git), Prometheus + Grafana (monitoring), Loki (logs), ArgoCD (GitOps). Tier 3 (Production Patterns): Nextcloud (storage), Keycloak (SSO/OIDC), MinIO (S3-compatible), Vault (secrets).4. Why should you set up PiHole or local DNS on day one of your homelab?
Show answer
Accessing services by IP address is a recipe for confusion as your lab grows. PiHole serves dual purposes: ad blocking and local DNS resolution for lab services using entries like proxmox.lab.home, grafana.lab.home, etc. Point your DHCP server to use PiHole as primary DNS.🔴 Hard (3)¶
1. How do you create a cloud-init VM template in Proxmox for fast provisioning?
Show answer
Create a VM (qm create), import a cloud image disk (qm importdisk), configure the SCSI controller and boot disk (qm set --scsihw virtio-scsi-pci), add cloud-init drive (qm set --ide2 local-zfs:cloudinit), set serial console, configure IP (qm set --ipconfig0 ip=dhcp), then convert to template (qm template). Clone from template with qm clone for each new VM.2. What are the key components of a WireGuard VPN setup for accessing your homelab remotely?
Show answer
Generate server and client key pairs (wg genkey/wg pubkey), create server config (/etc/wireguard/wg0.conf) with PrivateKey, Address (e.g., 10.200.0.1/24), ListenPort (51820), PostUp/PostDown iptables rules for NAT masquerade, and Peer section with client's PublicKey and AllowedIPs. Enable with systemctl, and port-forward 51820/UDP on your router to the WireGuard host.3. What are the two most costly pitfalls when buying enterprise salvage hardware for a homelab?