Business NAS build

Hi, how is everyone?

I was recently asked if I could set up a NAS server for a smaller company (10-15 emloyees) in which I’m currently doing my internship in, and naturally I said for sure. They would primarily use it to access project related files (paperwork, CAD drawings …).

They asked for around 20TB of usable storage, redundancy, and would also like remote access (preferably via VPN). I thought of using either FreeNAS or CentOS/ Samba (the two I’ve used in the past) with ZFS in a RAID-Z2 (6x6TB drives).

The VPN part I’m not sure about, should I run it directly on the server or get them a pfSense router and run it there?

I made quick list of the parts I might use. ASRrock says the mobo supports ECC with Matisse, although PartPicker doesn’t, plus it has 2.5Gbit.

PCPartPicker Part List:

CPU: AMD Ryzen 5 3600 3.6 GHz 6-Core Processor ($260.70 @ Newegg Australia)
Motherboard: ASRock B550M Steel Legend Micro ATX AM4 Motherboard ($249.00 @ Umart)
Memory: 2 x Kingston 8 GB (1 x 8 GB) DDR4-2666 CL19 Memory ($105.00 @ BudgetPC)
Storage: 6 x Western Digital Red 6 TB 3.5" 5400RPM Internal Hard Drive ($248.02 @ Amazon Australia)

This would go into a 2U chassis, since that’s all the space they have from what I’ve seen. The rack is pretty high up so I’m not entirely sure.

I just wanted a second opinion, since I rarely do server stuff. Thanks .

UPDATE

So there has been a few changes, now he would also like to run a couple VM’s on the server for accounting and one for projects using legacy software. So now I’m not sure what go with software wise, should I run the VM’s in FreeNAS, or use something like Proxmox? Would it be wise to move the VM’s on a separate m.2 drive for snappiness?

Also a change in storage, only wants 10TB now, and upgrade later, should I go with 5 x 4TB drives in Z2 or 3 x 6TB in Z1? Physical space is also not a constraint anymore I can go with a larger chassis.

I’ve updated the parts list a little bit based on everyone’s recommendations last time:

CPU: AMD Ryzen R9 3900X, the motherboard doesn’t support the 3950x, and the X570 variant is not available at all here in Australia.
(720 AUD)

Motherboard: ASRock Rack X470D4U2-2T, as you guys said has dual 10GIg ports and IPMI.
(750 AUD)

RAM: Samsung M393A4K40BB2-CTD 32GB x 2, only 32GB RAM that is on ASRocks QVL list is very hard to find, but found a reddit post with this one working on the same motherboard. Like this they could max out the supported RAM later on.
(520 AUD)

or

Kingston KSM26ED8/16ME 16GB x 2, or I could go with these ones.
(330 AUD)

Storage: Seagate IronWolf ST4000VN008 4TB x 5
(845 AUD)

or

WD Red WD60EFRX 6TB x 3
(830 AUD)

Any internet facing components like a VPN host should sit in your DMZ with a firewall between it and your internal network. Use a different firewall from the one at your perimeter.

Also helps because you can turn off the VPN for patching but not cripple your NAS.

If you have low budget / high risk appetite you can run both the VPN and the NAS as virtual machines on the same platform, but this is not recommended.

Note you could use a service like Linode for your VPN and save yourself the hassle of that part of the config.

Good luck

Thanks pal,

Gotcha

Nah, they definitely want the more secure low risk option.

Would have to ask them, but I would prefer going through the hassle .

Just be sure that’s the WD60EFRX and not the WD60EFAX SMR drive.

Aye , might go with IronWolfs anyway, haven’t decided yet.

I know you really weren’t asking for hardware suggestions, but I’d REALLY consider a toshiba drive over any other brand that way you’re less likely to run into a dead drive

EDIT 2020 numbers are in
better off with a HGST

image767×648 81.3 KB

image660×620 174 KB

No no, I am open to hardware recommendations. I just quickly threw together a list, if you think I could improve some stuff let me know.

these guys buy an assload of hard drives and report the failure rates, they’re a good read

and I know everyone always recommends installing freenas on a flashdrive, but I’ve had too many flash drives fail on me, so I installed mine on a HDD, but a small SSD might be more reliable

also you might want to look into if the stock cooler will fit in the 2U case

if it’ll use a ATX PSU then maybe look into getting a modular one that way you can just order more sata cables for it if you need to ever expand it

Ye I planned throwing whichever OS i choose on a m.2.

I’ll just go with a low profile Noctua or be Quiet.

FreeNas doesn’t Need to be on USB sticks, it’s a practical thing.
On first boot, the OS loads in to memory, then just runs from memory, with logs going to flash drives.
So there is not a lot of wear on the stick, which is good, because even a HDD will way outlast a thumb stick in actual use, though redundancy if recommended for minimal downtime.

The idea is to keep OS and data separate, so you can just replace the disposable OS

By using the thumb sticks, you save yourself the drive bays that would be wasted with OS drives, allowing for larger arrays, which is more important on smaller machines.

• I could be wrong about this bit, but pretty sure FreeNas then stores it’s config on the first zfs pool, so WHEN the thumb stick dies, and if it is not redundant, you should be able to write a new one, insert it, and draw the config s down to it from the pool.

hmm I’m fixing to redo my NAS and add in 7 drives, that could help with my drive bay shortage

but all my Flash drives were 1$ specials so maybe not LOL

You can go triple or even quadruple redundancy with a mirror, Doesn’t have to be just 2? And it should pretty much run from memory.

I mean to say; Just do it. Use put the FreeNas drive to one side, set up a USB, and just give it a go. It costs a few dollars to try? And if it doesn’t work, you get to return and berate me

I saw “Business NAS build”, “15 people”, “redundancy”, and was expecting some kind of ceph setup, but then saw like a gamery pcpartpicker list.

Then again, 20T is not a lot, ceph would be overkill.

Add a pair of small nvme for an OS + slog/zil mirror device.

Oh and make sure you come up with some sort of off-site backup plan (even if there’s nothing in it - make sure you’re upfront about it).

Would you recommend a “gently used” surplus business machine?
There is probably quite a few 2u machines?
And just as supported as an own built box? (As in OP Is the support contract) so OP might be better off looking as lit they are familiar with? Like home use kit?

Sorry to disappoint you , I’ve only built gaming PC’s so far.
To be fair the only gamery thing about it will be the mobo.

I would, but surprise surprise I literately can find barely any locally.

Risk has a good point about stability of enterprise kit.
Even a smallish tower server might fit in enough drives for redundancy etc.
The main benefits of a pre built system is compatibility, even if it is after it’s warranty period.

In my mind, the only drawback is some setups require all sorts of licenses, or some raid cards make arrays that won’t work with other cards, so replacements need to match exactly etc… so looking at the FreeNas or unraid or omv forums for recommended used hardware might be a good idea.

Also, the company might be reassured seeing a Dell or HP sticker on the box, even if the internals are half RGB G4M3R parts

Fair enough, if EBay let’s you down…

I cobble my own machines together with a mix of used enterprise, and consumer gear.
I would seriously look at super micro if there is any boxes on eBay, If I was to roll one again, if only for a chassis

Nah, you’re good, parts are ok.

@Trooper_ish asked about and old enterprise build, but TBH unless it’s a really good price AND it’s something you’re familiar with (enterprise hardware tends to be very quirky relative to a typical home build) I wouldn’t really recommend it.

It’s gamery, relative to typical server. Tiny single 6 cores only cpu, only 16 gigs of ram that’s not ECC (btw since you have ECC support, and don’t care about performance much, maybe it’s worth getting ECC UDIMMs if you can get them). … It’s still a good it for the project.

Re the motherboard, can you find asrock rack am4 boards… asking because if you can, they have an IPMI and you can manage them remotely.

Nah bro, the RAM I picked is ECC. (Kingston KSM26ES8/8ME)