Table of Contents
Proxmox Cluster
Networking
Subnet | Server | Notes |
---|---|---|
10.0.5.0/24 | vmsrv01 | |
10.0.7.0/24 | vmsrv01 | |
10.0.8.0/24 | vmsrv02 |
To get Proxmox to serve its web app using the standard SSL port 443, we must run the following iptables rule:
iptables -t nat -I PREROUTING --src 0/0 --dst 128.143.67.32 -p tcp --dport 443 -j REDIRECT --to-ports 8006
There is a private network inside of the VM cluster 10.0.5.0/24
This is created by the vmbr1
bridge interface on vmsrv01
. This is all set up by the following /etc/network/interfaces
entry:
auto vmbr1 iface vmbr1 inet static address 10.0.5.1 netmask 255.255.0.0 ovs_type OVSBridge post-up echo 1 > /proc/sys/net/ipv4/ip_forward post-up iptables -t nat -A POSTROUTING -s '10.0.5.0/24' -o vmbr0 -j MASQUERADE post-down iptables -t nat -D POSTROUTING -s '10.0.5.0/24' -o vmbr0 -j MASQUERADE
Proxmox wants you to do a reboot after adding network interfaces/bridges, but this is not necessary! Just add the bridge manually and it will behave.
Storage
Storage volumes are created using ZFS as a backend. This is advantageous because we can allocate ZFS datasets to be given to users to store iso images and VM disk images.
These volumes must be created on the server host and then allocated using the Proxmox GUI
root@vmsrv01:~# zpool list NAME SIZE ALLOC FREE EXPANDSZ FRAG CAP DEDUP HEALTH ALTROOT vm01 3.62T 93K 3.62T - 0% 0% 1.00x ONLINE - root@vmsrv01:~# zfs create vm01/user01 root@vmsrv01:~# zfs set refquota=500G vm01/user01 root@vmsrv01:~# zfs list NAME USED AVAIL REFER MOUNTPOINT vm01 112K 3.51T 24K /vm01 vm01/user01 24K 500G 24K /vm01/user01
Pool | Server | Notes |
---|---|---|
user01 | vmsrv01 | For Ibrahim |
user02 | vmsrv01 | |
iso01 | vmsrv01 | For Ibrahim |
iso02 | vmsrv01 | |
user03 | vmsrv02 | For Aaron |
iso04 | vmsrv02 | For MV |
user04 | vmsrv02 | For MV |
Notes
The subscription warning can be removed by running the following one-liner on the vm host:
sed -i.bak "s/data.status !== 'Active'/false/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js && systemctl restart pveproxy.service