[HN Gopher] Show HN: Terraform Provider for Inexpensive Switches
___________________________________________________________________
Show HN: Terraform Provider for Inexpensive Switches
Hi HN, I've been building this provider for (web managed) network
switches manufactured by HRUI. These switches often used in SMBs,
home labs, and by budget-conscious enthusiasts. Many HRUI switches
are also rebranded and sold under various OEM/ODM names (eg.
Horaco, XikeStor, keepLiNK, Sodola, etc) making them
accessible/popular but often overlooked in the world of
infrastructure automation. The provider is in pre-release, and I'm
looking for owners of these switches to test it and share feedback.
My goal is to make it easier to automate its config using
Terraform/OpenTofu :) You can use this provider to configure
VLANs, port settings, trunk/link aggregation etc. I built this
provider to address the lack of automation tools for budget-
friendly hardware. It leverage goquery and has an internal SDK
sitting between the Terraform resources and the switch Web UI. If
you have one of these switches, I'd love for you to give it a try
and let me know how it works for you! Terraform
Registry: https://registry.terraform.io/providers/brennoo/hrui
OpenTofu Provider:
https://search.opentofu.org/provider/brennoo/hrui I'm happy
to answer any questions about the provider or the hardware it
supports. Feedback, bug reports, and ideas for improvement are more
than welcome!
Author : brennoo
Score : 70 points
Date : 2025-01-18 13:14 UTC (2 days ago)
(HTM) web link (github.com)
(TXT) w3m dump (github.com)
| stargrazer wrote:
| Does any one know of switches similar to this but might be
| loadable with Linux? Maybe able to run with switchdev or similar?
| westurner wrote:
| OpenWRT > Table of Hardware > Switches:
| https://openwrt.org/toh/views/switches
|
| ansible-openwrt: https://github.com/gekmihesg/ansible-openwrt
|
| /? terraform OpenWRT:
| https://www.google.com/search?q=terraform+openwrt
|
| /? terraform Open vSwitch:
| https://www.google.com/search?q=open+vswitch+terraform
|
| Open vSwitch supports _OpenFlow_ :
| https://en.wikipedia.org/wiki/Open_vSwitch
|
| Open vSwitch > "Porting Open vSwitch to New Software or
| Hardware"
| https://docs.openvswitch.org/en/latest/topics/porting/
| blutack wrote:
| https://blog.benjojo.co.uk/post/sn2010-linux-hacking-switchd...
| if you hadn't seen it already and the associated HN comments:
|
| https://news.ycombinator.com/item?id=40141967
| evanjrowley wrote:
| Maybe consider MikroTik switches running RouterOS (ROS) /
| SwitchOS (SwOS)? The learning curve is steeper than other
| switches, but the functionality is quite powerful. At first I
| was not a fan of WinBox, but it grew on me after I learned they
| had a beta version for Linux/macOS and that it could connect to
| a router by using just a L2 MAC address. It can also be
| virtualized / dockerized, so you can experiment with it before
| buying hardware.
|
| The newer hardware is even better, but I have the compact
| desktop version of this 24-port MikroTik switch:
| https://www.servethehome.com/mikrotik-css326-24g-2srm-review...
|
| As well as this Wifi 6 AP:
| https://www.youtube.com/watch?v=ICrDw8_PZ3o
|
| They recently released a small 10G ethernet switch that looks
| seriously good: https://www.servethehome.com/mikrotik-
| crs304-4xg-in-review-t...
|
| If I had to do my network all over again, I'd probably get
| either the MikroTik L009UiGS-2HaxD or RB5009UG+S+IN:
| https://www.youtube.com/watch?v=rIxkkNxsEhs
|
| Side Notes
|
| - The Terraform provider for RouterOS is actively developed:
| https://github.com/terraform-routeros/terraform-provider-rou...
|
| - If you want Linux without actually needing to poke at the
| underlying OS, then you might also be interested in Palo Alto
| NGFW products running PAN-OS. Terraform is also an option:
| https://github.com/PaloAltoNetworks/terraform-provider-panos
|
| - The one area I found RouterOS majorly lacking was IPv6
| support, which is provided as a separate plugin/package. My ISP
| doesn't support IPv6, so this did not make any difference for
| me.
|
| - The best IPv6 support in a network product advertizing a
| unix-like OS is OPNsense / PFSense, but those are routers and
| not switch hardware. Terraform providers are also available for
| these.
| brirec wrote:
| > The newer hardware is even better, but I have the compact
| desktop version of this 24-port MikroTik switch:
| https://www.servethehome.com/mikrotik-css326-24g-2srm-
| review...
|
| The one you linked unfortunately only runs SwOS, which is
| really not very good.
|
| However, current versions of RouterOS (i.e., any 7.x version)
| do IPv6 natively without an additional package.
| evanjrowley wrote:
| Nice catch. So it is possible to run both on most switches
| in that product family. The one I have for example is
| running RouterOS and performing various L3 functions.
| Here's a product table explaining which ones can support
| RouterOS: https://help.mikrotik.com/docs/spaces/SWOS/pages/
| 76415036/CR...
| unethical_ban wrote:
| If you know how plebians can get affordable, licensed Palo
| firewalls for the home, I'm all ears.
|
| Big fan of Opnsense for the home gateway!
| mugsie wrote:
| Any of the SoNIC supported switches - they all run a linux NOS,
| with an interface to the switch chip.
|
| Can even run containers using kubelet :D
|
| https://github.com/sonic-net/SONiC/blob/sonic_image_md_updat...
| klaas- wrote:
| any of those switches in the right price range for home? I've
| been looking for a cheap SONiC switch for a long time but
| those on the supported hardware list are all rack/datacenter
| sized I would say -- and none do PoE which I really need for
| home usage (cameras, wifi APs)
| zokier wrote:
| As far as I can tell, these switches tend to run Linux. You can
| probably get root shell with some effort.
| stargrazer wrote:
| lanaotek.com has something similar but use a command line
| ability.
| jfuwjasddf wrote:
| My feedback:
|
| 1) the internal sdk client does not respect golang's context so
| will not terminate gracefully, most tf providers fail to respect
| golang context, so this is not out of the ordinary.
|
| 2) thank you for not saving environment credentials to state, 99%
| of tf providers fuck this up.
___________________________________________________________________
(page generated 2025-01-20 23:02 UTC)