Categories
VPS

Proxmox

And the Japanese Car.

Proxmox Virtual Environment (PVE) is an open source server virtualization environment based on Debian. It allows VMs and LXCs, software-defined storage and networking, and high-availability clustering.

To backup the configuration of the server itslef use the command:

tar -zcvf /var/lib/vz/dump/srv_etc_root-$(date +"%Y_%m_%d-%H_%M_%S").tar.gz /etc /root

To disable option of removal/restoration of LXC, enable the Protection option. To allow users to make backups grant them the permission PVEDatastoreUser on the storage path and PVEVMUser on the VM path.

To limit the number of the saved backups created automatically, use the Max Backups option (Datacenter => Storage).

To use NAT within PVE, create a Linux bridge with the LAN IP, and to adjust the build-in firewall to work with the VMs/LXCs, add the directives to /etc/network/interfaces file:

post-up   iptables -t raw -I PREROUTING  -i fwbr+ -j CT --zone 1
post-down iptables -t raw -D PREROUTING  -i fwbr+ -j CT --zone 1

To config NAT and port forwarding with iptables use in /etc/network/interfaces the directives:

post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s '$LAN-IP-SUBNET' -o eno1 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '$LAN-IP-SUBNET' -o eno1 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -i eno1 -p tcp -m multiport --dports $PORTS -j DNAT --to $DESTINATION-LAN-IP
post-down iptables -t nat -D PREROUTING -i eno1 -p tcp -m multiport --dports $PORTS -j D

To receive Let’s Encrypt SSL certificate for multiple servers reside behind NAT, set up port forwarding for port 80 to the relevant server during the validation process.

To config new storage go into Server => Storage and Datacenter => Storage.

As you probably have noticed- the word Proxmox has no meaning, it was chosen following a short catchy domain name that was available, in order to be on the safe side and not end up like the Japanese automobile manufacturer Nissan, which still struggling to achieve the nissan.com address.

Leave a Reply

Your email address will not be published. Required fields are marked *