

Hybrid Multicloud Enterprise Lab
This lab spans on-premises infrastructure, Google Cloud, Oracle OCI, and multiple AI platforms — a true hybrid multicloud environment built to mirror real enterprise architectures. On-prem runs a 3-node Proxmox cluster with Windows Server 2019 Active Directory, network monitoring, and GPU-accelerated AI inference. Cloud extends into Google Cloud infrastructure for services and Oracle OCI for application hosting. AI workloads run locally via Ollama and connect to external APIs including Claude (Anthropic), Kimi 2.5 (Moonshot AI), and MCP-integrated toolchains.
Total on-prem hardware cost: under $1,500. Every component is production-grade, documented end to end, and built with the same tools and techniques used in Fortune 500 datacenters.
Network Architecture

The Stack
Cloud & Multicloud
- Google Cloud Platform — cloud infrastructure services, hybrid connectivity
- Oracle OCI — application hosting and cloud compute
- Hybrid architecture — on-prem AD domain integrated with cloud workloads, WireGuard tunnels for secure connectivity
AI, LLM & MCP Integration
- Ollama — local LLM inference (Qwen3 8B/14B/32B) on RTX 4070 via GPU passthrough
- Claude Code (Anthropic) — AI-assisted infrastructure development, MCP server connections
- Kimi 2.5 (Moonshot AI) — multimodal AI API integration
- MCP (Model Context Protocol) — tool-use connections between AI agents and lab infrastructure
- TensorRT — GPU-accelerated object detection for smart home (Frigate NVR)
Identity & Access Management
- Active Directory Domain Services — Windows Server 2019 dual-DC domain (rpc-cyberflight.com), Group Policy, centralized authentication
- DNS & DHCP — AD-integrated, conditional forwarding, split-horizon resolution
- PrivacyIDEA — zero-cost multi-factor authentication with LDAP/AD integration
Monitoring & Observability
- LibreNMS — SNMP v2c/v3 network monitoring across all nodes, custom extend scripts
- Graylog + OpenSearch — centralized log management (syslog, GELF, Winlogbeat)
- Custom SNMP scripts — CPU temperature, SMART disk health, LVM thin pool monitoring
Virtualization & Containers
- Proxmox VE — 3-node cluster (Corosync quorum, live migration, shared NFS storage)
- Docker & Podman — containerized service deployment across all workloads
- Nginx reverse proxy — virtual-host routing for all internal services
Security & Testing
- Kali Linux — penetration testing lab for AD attacks, network recon, vulnerability scanning
- Network segmentation — dual-subnet architecture (LAN/DMZ) with firewall-controlled traffic flow
- SNMPv3 encryption — SHA authentication + AES encryption on all Linux/Proxmox hosts
Network & Connectivity
- OpenWrt (GL-MT6000) — router with AdGuardHome DNS filtering, iptables, conditional forwarding
- WireGuard VPN — encrypted remote access to lab from anywhere
- TP-Link managed switch — 24-port gigabit for DMZ backbone
Hardware
| Node | CPU | RAM | GPU | Role |
|---|---|---|---|---|
| pve1 | Intel i9-13900H | 64 GB | — | Primary DC, infrastructure services, monitoring |
| pve2 | Intel i5-4590 | 16 GB | — | Secondary DC |
| bighost | Intel i5-12600K | 64 GB | RTX 4070 | AI inference, GPU workloads, security lab |
Technologies
Proxmox VE
Active Directory
Windows Server 2019
Google Cloud
Oracle OCI
Docker
Podman
Nginx
Ollama
Claude Code
Kimi 2.5
MCP Protocol
GPU Passthrough
TensorRT
LibreNMS
Graylog
OpenSearch
SNMPv3
WireGuard
OpenWrt
AdGuardHome
Rocky Linux
Kali Linux
PrivacyIDEA
Group Policy
PKI / ADCS
Home Assistant
Frigate NVR