Proxmox Virtual Environment: Difference between revisions

From NixOS Wiki
imported>Vater
No edit summary
Klinger (talk | contribs)
 
(9 intermediate revisions by 5 users not shown)
Line 1: Line 1:
[https://www.proxmox.com/proxmox-ve Proxmox Virtual Environment] - ([[wikipedia:en:Proxmox Virtual Environment]]), also known is a platform for containerization and virtualization. PVE can manage a so called "data center" as a cluster of machines and storage. (It supports file systems like [[ZFS]] and [[Ceph]].) Mostly it can be used with a [[wikipedia:en:web user interface|WUI]]. It is open source and is based on [[Debian]] GNU/Linux (with a customized kernel of [[Ubuntu]]).
[https://www.proxmox.com/proxmox-ve {{PAGENAME}}] - shortened ''PVE'' - ([[wikipedia:en:{{PAGENAME}}]]) is a platform for containerization and virtualization. PVE can manage a so called "data center" as a cluster of machines and storage. (It supports file systems like [[ZFS]] and [[Ceph]].) Mostly it can be used with a [[wikipedia:en:web user interface|WUI]]. It is open source and is based on [[Debian]] GNU/Linux (with a customized kernel of [[Ubuntu]]).


PVE uses  
PVE uses  
Line 7: Line 7:


<blockquote>
<blockquote>
The instructions should work for PVE&nbsp;7.2 and later with NixOS&nbsp;22.05 and later. Users of previous versions may need to patch pve-container to use NixOS LXC images (instructions are below too).
The instructions should work for PVE&nbsp;7.2 and later with NixOS&nbsp;22.05 and later.
</blockquote>
</blockquote>


Line 14: Line 14:
It is possible to generate generic qcow2 images and attach them to VMs with <code>qm importdisk</code> as shown [https://pve.proxmox.com/wiki/Migration_of_servers_to_Proxmox_VE#Importing_to_Proxmox_VE here].
It is possible to generate generic qcow2 images and attach them to VMs with <code>qm importdisk</code> as shown [https://pve.proxmox.com/wiki/Migration_of_servers_to_Proxmox_VE#Importing_to_Proxmox_VE here].


A better option is to generate a VMA image that can be imported as a VM on proxmox. With this method, many VM configuration options such as CPU, memory, netowrk interfaces, and serial terminals can be specified in nix instead of manually setting them on the proxmox UI.
A better option is to generate a VMA image that can be imported as a VM on proxmox. With this method, many VM configuration options such as CPU, memory, network interfaces, and serial terminals can be specified in nix instead of manually setting them on the proxmox UI.


=== Generating VMA ===
=== Generating VMA ===
Line 34: Line 34:
</pre>
</pre>
<blockquote>
<blockquote>
note: the MAC address of net0 defaults to <code>00:00:00:00:00:00</code>. This must either be overriden thruogh <code>proxmox.qemuConf.net0</code>, or the <code>unique</code> attribute must be set to true when importing the image on proxmox.
note: the MAC address of net0 defaults to <code>00:00:00:00:00:00</code>. This must either be overridden through <code>proxmox.qemuConf.net0</code>, or the <code>unique</code> attribute must be set to true when importing the image on proxmox.
</blockquote>
</blockquote>
By default, the generated image is set up to expose a serial terminal interface for ease of access.
By default, the generated image is set up to expose a serial terminal interface for ease of access.
Line 95: Line 95:
As of now, not all of the configuration options on the web UI work for proxmox LXCs. Network configuration and adding SSH keys to root user work, while setting a password for the root user and setting hostname don’t.
As of now, not all of the configuration options on the web UI work for proxmox LXCs. Network configuration and adding SSH keys to root user work, while setting a password for the root user and setting hostname don’t.


The template built above without any options does not come with <code>/etc/nixos/configuration.nix</code>. A minimal working example is presented below. Be sure to run <code>nix-channel --update</code> before <code>nixos-rebuild switch</code>.
It is suggested to set a root password within the container on first boot.
 
The template built above without any options does not come with <code>/etc/nixos/configuration.nix</code>. A minimal working example is presented below. Be sure to run <code>nix-channel --update</code>, reboot the container running before <code>nixos-rebuild switch</code>.
<pre>
<pre>
{ pkgs, modulesPath, ... }:
{ pkgs, modulesPath, ... }:
Line 110: Line 112:
</pre>
</pre>


=== Patching pve-container ===
=== LXC Console ===
You may need to set the Console Mode option to /dev/console (instead of the default of "tty") in order to make the console shell work.


<blockquote>
=== LXC See also ===
This is not needed on pve-container version 4.1-5 (released on 27 April 2022) and newer. If you have an older version, you will have to patch it to add NixOS LXC support. If you have a newer version, skip ahead to the next section.
</blockquote>
* install some dependencies <code>apt install git devscripts gdebi</code>
* clone https://github.com/proxmox/pve-container


<pre>
* earlier wiki page [[Proxmox Linux Container]]
root@pve:~# git clone https://github.com/proxmox/pve-container
...
root@pve:~# cd pve-container/
</pre>
* get the installed version of pve-container
 
<pre>
root@pve:~/pve-container# pveversion -v | grep pve-container
pve-container: 4.1-2
</pre>
* check out the commit of the version you want
 
<pre>
root@pve:~/pve-container# git log --grep &quot;4.1-2&quot;
commit 5d5f81f645bd1e8fd0ffff878fe249253e1be777
Author: Thomas Lamprecht &lt;t.lamprecht@proxmox.com&gt;
Date:  Fri Nov 12 19:21:25 2021 +0100
 
    bump version to 4.1-2
 
    Signed-off-by: Thomas Lamprecht &lt;t.lamprecht@proxmox.com&gt;
</pre>
<pre>
root@pve:~/pve-container# git checkout 5d5f81f645bd1e8fd0ffff878fe249253e1be777
Note: switching to '5d5f81f645bd1e8fd0ffff878fe249253e1be777'.
...
HEAD is now at 5d5f81f bump version to 4.1-2
</pre>
* cherry-pick the [https://github.com/proxmox/pve-container/commit/6226d0101652914744cb5c657414bf286ccd857d patch that adds NixOS LXC support]


<pre>
== Name ==
root@pve:~/pve-container# git cherry-pick 6226d0101652914744cb5c657414bf286ccd857d
Auto-merging src/PVE/LXC/Config.pm
[detached HEAD 6f3cd03] Setup: add NixOS support
Author: Harikrishnan R via pve-devel &lt;pve-devel@lists.proxmox.com&gt;
Date: Tue Feb 15 22:58:46 2022 +0530
Committer: root &lt;root@pve&gt;
...
4 files changed, 50 insertions(+), 1 deletion(-)
create mode 100644 src/PVE/LXC/Setup/NixOS.pm</pre>
If the version of pve-container you’re applying the patch to is older than 4.1, it might encounter merge conflicts that would need to be manually resolved.


* Install build deps
''Proxmox Virtual Environment'' is also called
: short ''Proxmox VE'',
: shortened ''PVE'',
: just ''Proxmox''.


<pre>
Proxmox is the firm of the company ''Proxmox Server Solutions GmbH''. Besides ''Proxmox Virtual Environment'' (''PVE'')<ref>https://pve.proxmox.com/</ref> there are other products called ''Proxmox Backup Server'' (''PBS'')<ref>https://pbs.proxmox.com/</ref> and ''Proxmox Mail Gateway'' (''PMG'')<ref>https://pmg.proxmox.com/</ref>.
root@pve:~/pve-container# mk-build-deps
...
The package has been created.
Attention, the package has been created in the current directory,
not in &quot;..&quot; as indicated by the message above!
</pre>
<pre>
root@pve:~/pve-container# gdebi pve-container-build-deps_4.1-2_all.deb
Reading package lists... Done
...
Fetched 432 MB in 6s (17.8 MB/s)
...
Unpacking pve-container-build-deps (4.1-2) ...
Setting up pve-container-build-deps (4.1-2) ...
</pre>
* build the patched pve-container


<pre>
== References ==
root@pve:~/pve-container# make
<references />
...
dpkg-buildpackage: info: binary-only upload (no source included)
lintian pve-container_4.1-2_all.deb
warning: running with root privileges is not recommended!
</pre>
* install the deb


<pre>
root@pve:~/pve-container# dpkg -i pve-container_4.1-2_all.deb
</pre>
* verify that the installed pve-container package added NixOS support


<pre>
[[Category:Software]]
root@pve:~# ls /usr/share/perl5/PVE/LXC/Setup/NixOS.pm
[[Category:Virtualization]]
/usr/share/perl5/PVE/LXC/Setup/NixOS.pm
</pre>

Latest revision as of 17:33, 19 April 2024

Proxmox Virtual Environment - shortened PVE - (wikipedia:en:Proxmox Virtual Environment) is a platform for containerization and virtualization. PVE can manage a so called "data center" as a cluster of machines and storage. (It supports file systems like ZFS and Ceph.) Mostly it can be used with a WUI. It is open source and is based on Debian GNU/Linux (with a customized kernel of Ubuntu).

PVE uses

  • #LXC for containerization and
  • #KVM for virtualization.

NixOS runs on both.

The instructions should work for PVE 7.2 and later with NixOS 22.05 and later.

KVM

It is possible to generate generic qcow2 images and attach them to VMs with qm importdisk as shown here.

A better option is to generate a VMA image that can be imported as a VM on proxmox. With this method, many VM configuration options such as CPU, memory, network interfaces, and serial terminals can be specified in nix instead of manually setting them on the proxmox UI.

Generating VMA

The first run will take some time, as a patched version of qemu with support for the VMA format needs to be built

nix run github:nix-community/nixos-generators -- --format proxmox

Pass additional nix configuration to the template with --configuration filename.nix. In addition to NixOS module options, proxmox-specific options present in nixos/modules/virtualisation/proxmox-image.nix can be used to set core, memory, disk and other VM hardware options.

Deploying on proxmox

The generated vma.zst file can be copied to /var/lib/vz/dump/ (or any other configured VM dump storage path). A new VM can be spun up from it either using the GUI or the CLI:

qmrestore /var/lib/vz/dump/vzdump-qemu-nixos-21.11.git.d41882c7b98M.vma.zst <vmid> --unique true

note: the MAC address of net0 defaults to 00:00:00:00:00:00. This must either be overridden through proxmox.qemuConf.net0, or the unique attribute must be set to true when importing the image on proxmox.

By default, the generated image is set up to expose a serial terminal interface for ease of access.

root@proxmox-server:~# qm start <vmid>
root@proxmox-server:~# qm terminal <vmid>
starting serial terminal on interface serial0 (press Ctrl+O to exit)

<<< NixOS Stage 1 >>>

loading module dm_mod...
running udev...
Starting version 249.4
.
.
.
[  OK  ] Reached target Multi-User System.


<<< Welcome to NixOS 21.11.git.d41882c7b98M (x86_64) - ttyS0 >>>

Run 'nixos-help' for the NixOS manual.

nixos login: root (automatic login)


[root@nixos:~]#

Network configuration

Cloud-init can be enabled with

services.cloud-init.network.enable = true;

This will enable systemd-networkd, allowing cloud-init to set up network interfaces on boot.

LXC

Generating LXC template

nix run github:nix-community/nixos-generators -- --format proxmox-lxc

Privileged LXCs

While it’s not necessary, proxmoxLXC.privileged can be set to true to enable the DebugFS mount in privileged LXCs. If enabled on unprivileged LXCs, this will fail to mount.

Network configuration

The proxmox LXC template uses systemd-networkd by default to allow network configuration by proxmox. proxmoxLXC.manageNetwork can be set to true to disable this.

deploying on proxmox

Copy the tarball to proxmox, then create a new LXC with this template through the web UI or the CLI. The “nesting” feature needs to be enabled. Newer versions of proxmox will have it enabled by default.

As of now, not all of the configuration options on the web UI work for proxmox LXCs. Network configuration and adding SSH keys to root user work, while setting a password for the root user and setting hostname don’t.

It is suggested to set a root password within the container on first boot.

The template built above without any options does not come with /etc/nixos/configuration.nix. A minimal working example is presented below. Be sure to run nix-channel --update, reboot the container running before nixos-rebuild switch.

{ pkgs, modulesPath, ... }:

{
  imports = [
    (modulesPath + "/virtualisation/proxmox-lxc.nix")
  ];

  environment.systemPackages = [
    pkgs.vim
  ];
}

LXC Console

You may need to set the Console Mode option to /dev/console (instead of the default of "tty") in order to make the console shell work.

LXC See also

Name

Proxmox Virtual Environment is also called

short Proxmox VE,
shortened PVE,
just Proxmox.

Proxmox is the firm of the company Proxmox Server Solutions GmbH. Besides Proxmox Virtual Environment (PVE)[1] there are other products called Proxmox Backup Server (PBS)[2] and Proxmox Mail Gateway (PMG)[3].

References