Show HN: Terraform Provider for Inexpensive Switches
84 points | 3 days ago | 3 comments | github.com
Hi HN,

I’ve been building this provider for (web managed) network switches manufactured by HRUI. These switches are often used in SMBs, home labs, and by budget-conscious enthusiasts. Many HRUI switches are also rebranded and sold under various OEM/ODM names (e.g. Horaco, XikeStor, keepLiNK, Sodola, etc.), making them accessible/popular but often overlooked in the world of infrastructure automation.

The provider is in pre-release, and I’m looking for owners of these switches to test it and share feedback. My goal is to make it easier to automate its config using Terraform/OpenTofu :)

You can use this provider to configure VLANs, port settings, trunk/link aggregation etc.

I built this provider to address the lack of automation tools for budget-friendly hardware. It leverages goquery and has an internal SDK sitting between the Terraform resources and the switch Web UI.

If you have one of these switches, I’d love for you to give it a try and let me know how it works for you!

    Terraform Registry: https://registry.terraform.io/providers/brennoo/hrui
    OpenTofu Provider: https://search.opentofu.org/provider/brennoo/hrui
I’m happy to answer any questions about the provider or the hardware it supports. Feedback, bug reports, and ideas for improvement are more than welcome!
jfuwjasddf
1 day ago
My feedback:

1) the internal sdk client does not respect golang's context so will not terminate gracefully, most tf providers fail to respect golang context, so this is not out of the ordinary.

2) thank you for not saving environment credentials to state, 99% of tf providers fuck this up.

reply
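The first point in the comment above, as an added example (not the provider's code and not part of the thread): an HTTP call bound to a `context.Context` stops at the deadline instead of waiting on an unresponsive switch web UI. The names `getPage` and `FetchWithDeadline`, the `/vlan` path and the local test server are assumptions made for the illustration.

```go
package main

import (
	"context"
	"errors"
	"fmt"
	"io"
	"net/http"
	"net/http/httptest"
	"time"
)

// getPage is a hypothetical SDK helper (not the provider's code). Binding the
// request to ctx lets cancellation abort the dial, header wait and body read.
func getPage(ctx context.Context, hc *http.Client, url string) ([]byte, error) {
	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
	if err != nil {
		return nil, err
	}
	resp, err := hc.Do(req)
	if err != nil {
		return nil, err
	}
	defer resp.Body.Close()
	return io.ReadAll(resp.Body)
}

// FetchWithDeadline calls getPage against a constructed local server that
// answers after serverDelay, using a context that expires after timeout.
func FetchWithDeadline(serverDelay, timeout time.Duration) ([]byte, error) {
	release := make(chan struct{})
	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		select {
		case <-time.After(serverDelay):
			fmt.Fprint(w, "<table id=\"vlan\"></table>") // constructed page
		case <-release: // teardown: unblock the handler so srv.Close returns
		}
	}))
	defer srv.Close()
	defer close(release)
	ctx, cancel := context.WithTimeout(context.Background(), timeout)
	defer cancel()
	return getPage(ctx, srv.Client(), srv.URL+"/vlan") // path is made up
}

func main() {
	_, err := FetchWithDeadline(5*time.Second, 100*time.Millisecond)
	fmt.Println("deadline exceeded:", errors.Is(err, context.DeadlineExceeded))
}
```

In a Terraform provider the context to pass down is the one each CRUD function receives, so an interrupted `terraform apply` cancels in-flight requests.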
stargrazer
1 day ago
Does anyone know of switches similar to this but might be loadable with Linux? Maybe able to run with switchdev or similar?
reply
evanjrowley
1 day ago
Maybe consider MikroTik switches running RouterOS (ROS) / SwitchOS (SwOS)? The learning curve is steeper than other switches, but the functionality is quite powerful. At first I was not a fan of WinBox, but it grew on me after I learned they had a beta version for Linux/macOS and that it could connect to a router by using just an L2 MAC address. It can also be virtualized / dockerized, so you can experiment with it before buying hardware.

The newer hardware is even better, but I have the compact desktop version of this 24-port MikroTik switch: https://www.servethehome.com/mikrotik-css326-24g-2srm-review...

As well as this Wifi 6 AP: https://www.youtube.com/watch?v=ICrDw8_PZ3o

They recently released a small 10G ethernet switch that looks seriously good: https://www.servethehome.com/mikrotik-crs304-4xg-in-review-t...

If I had to do my network all over again, I'd probably get either the MikroTik L009UiGS-2HaxD or RB5009UG+S+IN: https://www.youtube.com/watch?v=rIxkkNxsEhs

Side Notes

- The Terraform provider for RouterOS is actively developed: https://github.com/terraform-routeros/terraform-provider-rou...

- If you want Linux without actually needing to poke at the underlying OS, then you might also be interested in Palo Alto NGFW products running PAN-OS. Terraform is also an option: https://github.com/PaloAltoNetworks/terraform-provider-panos

- The one area I found RouterOS majorly lacking was IPv6 support, which is provided as a separate plugin/package. My ISP doesn't support IPv6, so this did not make any difference for me.

- The best IPv6 support in a network product advertising a unix-like OS is OPNsense / pfSense, but those are routers and not switch hardware. Terraform providers are also available for these.

reply
brirec
1 day ago
> The newer hardware is even better, but I have the compact desktop version of this 24-port MikroTik switch: https://www.servethehome.com/mikrotik-css326-24g-2srm-review...

The one you linked unfortunately only runs SwOS, which is really not very good.

However, current versions of RouterOS (i.e., any 7.x version) do IPv6 natively without an additional package.

reply
evanjrowley
1 day ago
Nice catch. So it is possible to run both on most switches in that product family. The one I have for example is running RouterOS and performing various L3 functions. Here's a product table explaining which ones can support RouterOS: https://help.mikrotik.com/docs/spaces/SWOS/pages/76415036/CR...
reply
unethical_ban
1 day ago
If you know how plebeians can get affordable, licensed Palo firewalls for the home, I'm all ears.

Big fan of OPNsense for the home gateway!

reply
blutack
1 day ago
reply
mugsie
1 day ago
Any of the SONiC supported switches - they all run a Linux NOS, with an interface to the switch chip.

Can even run containers using kubelet :D

https://github.com/sonic-net/SONiC/blob/sonic_image_md_updat...

reply
klaas-
1 day ago
any of those switches in the right price range for home? I've been looking for a cheap SONiC switch for a long time but those on the supported hardware list are all rack/datacenter sized I would say -- and none do PoE which I really need for home usage (cameras, wifi APs)
reply
zokier
1 day ago
As far as I can tell, these switches tend to run Linux. You can probably get root shell with some effort.
reply
westurner
1 day ago
OpenWRT > Table of Hardware > Switches: https://openwrt.org/toh/views/switches

ansible-openwrt: https://github.com/gekmihesg/ansible-openwrt

/? terraform OpenWRT: https://www.google.com/search?q=terraform+openwrt

/? terraform Open vSwitch: https://www.google.com/search?q=open+vswitch+terraform

Open vSwitch supports OpenFlow: https://en.wikipedia.org/wiki/Open_vSwitch

Open vSwitch > "Porting Open vSwitch to New Software or Hardware" https://docs.openvswitch.org/en/latest/topics/porting/

reply
stargrazer
1 day ago
lanaotek.com has something similar but uses a command line ability.
reply