Anyone have feedback on my server setup?

So I'm going to run XCP-NG in a datacenter for hosting web servers for our business. This setup may look a little crazy but it seems to make sense and ChatGPT agrees with me lol. I'd love some actual feedback by people who know more than me.

So we are going to run 3 XCP-NG servers, all with separate remote storages for each. One server will host the main webserver and all three will have a VM running a SQL server (InnoDB) for replication. This way we keep 3 copies of the database, all on separate servers. In theory, with each XCP-NG host having its own storage, one storage server can fail and we still have 2 copies. The storage servers are all running TrueNAS Core RaidZ2, so we have more fault tolerance than we would with the drives in the XCP-NG server.

All of the storage is on 10gb, which will be a private network. All machines will back up to the TrueNAS backup server, then again to offsite (Backblaze).

Anyone see any major holes? Is this a complete waste of server allocation? My development crew is used to AWS, so this is our first venture into having our own equipment. We plan on having a consult with @LTS_Tom (or maybe someone in his crew) for a final check over, security check, etc. Just trying to get it all set up prior to the consult.

Thanks

This looks pretty good. A few things I would change are having redundant switches for your backbone networking instead of having one. Also add another firewall for HA. You don't want single points of failure. :slightly_smiling_face:

Thanks for the advice. Will definitely look into a 2nd switch and firewall. We have a smaller SonicWall as a backup but didn't plan on using it in an HA setup. Might be a good idea for redundancy rather than letting it be a cold spare.

One more question if you happen to know the answer.

With each XCP-NG server connecting to its own TrueNAS as a storage, should I just connect them directly rather than go through the switch?

When I originally set up these servers in the office, I wanted to pull my hair out because I could never get the storage network to run on a different subnet. The goal was to have storage only not directly connected to the internet. Once I gave up and put the storage repositories on the same subnet it worked fine.

I need to test it but I think this may solve my issue. Connect each XCP-NG server to its own storage server directly with a DAC 10gb SFP cable, then everyone gets a connection via the SFP switch to the backup server and it runs as a remote storage for backups.

I would have your servers and TrueNAS going through the switch on its own VLAN that is not routed (going through the firewall). Each server and TrueNAS connected to redundant switches.