Tag: proxmox

Quick note: FUSE inside Proxmox LXC container

on February 26, 2016 in Linux with no comments by

Proxmox’ LXC containers do not have the /dev/fuse device created automatically.  A quick way of doing that is by adding the following two lines to the container’s configuration on the host node (in /etc/pve/lxc/<$container_id>.conf):

lxc.autodev: 1
lxc.hook.autodev: sh -c "mknod -m 0666 ${LXC_ROOTFS_MOUNT}/dev/fuse c 10 229"

I’m using “sh -c” directly rather than a separate script, so that this configuration is migrated to other nodes in the cluster.

As a note, it should already be in the lxc.cgroup.devices.allow by default, so doesn’t need to be added again.

Caveat as mentioned by Fabian (Proxmox staff):

If you absolutely have to, I would suggest establishing the FUSE mount on the Proxmox host and then using a bindmountpoint (e.g. “mp0: /path/on/host,mp=/path/in/container”) to make it available in the container. If you establish the FUSE mounts inside the container, you will run into problems (lxc-freeze is not compatible with FUSE which means no snapshots and no suspend backup, you need to change all sorts of containment settings which lessens security, ..).

 

Poor Man’s Proxmox Cluster

on November 16, 2013 in Linux with 15 comments by
I had written this elsewhere before, but thought I would share it on my own site as well. The idea here is to create a Proxmox VE cluster with limited resources, in particular a lack of a private network / VLAN. We address this by creating a virtual private network using a lightweight VPN provider, namely Tinc.

You could use something else, like OpenVPN or IPSEC. The former is a bit on the heavy side for the task, whilst the latter may not have all the features we need. Specifically, Tinc allows us to create an auto-meshing network, packet switching and use multicast. Multicast will be needed to create a Proxmox VE cluster, whilst the virtual switching ensures packets will eventually be routed to the right server and VM.

read more →

Guide: Firewall and router with Proxmox – Extending its use

on March 20, 2010 in Linux with 13 comments by

Last year I wrote a guide on how to use Shorewall as a firewall and router for Proxmox. As a follow up I will answer a few questions I’ve received about that guide that can help you extend its use.

Proxy ARP

The most common question is in regards to proxy ARP. Enabling this option will allow you to assign a public IP directly to your guest VM, eliminating the need for port forwarding (DNAT) or having to worry about the MAC address.

As an example use for proxy ARP, it is helpful for those using a a SIP-based VoIP server since a STUN server is no longer required. read more →

Guide: Firewall and router with Proxmox

on August 31, 2009 in Linux with 48 comments by

Firewall and router with ProxmoxBy default Proxmox does not come with a firewall, which may leave it and your virtual servers exposed to the elements of the Internet.

An additional issue arises when a hosting provider blocks servers if unauthorized MAC addresses are detected. As Proxmox’s bridged network creates and exposes MAC addresses for its virtual network interfaces, this may cause your server to be blocked from the hosting provider’s network.

To combat both this article will describe how to create your own virtual network with firewall protection using Shorewall, a popular and effective firewall / router software package.

read more →

X server with sound inside an OpenVZ / Proxmox container

on August 24, 2009 in Linux with 3 comments by

Generally when using X-based applications inside an OpenVZ or Proxmox container, the host node will run the X server and the container will use X forwarding through SSH to run the application. An article at the Open VZ Wiki explains this in more detail.

However, I wanted to have an X server inside the container itself. Moreover, it should also have support for sound (ALSA). The reason behind this is to have a container capable of running FreeSWITCH (a high performance VoIP switch similar to Asterisk) with the Skypiax trunk (for Skype connectivity) fully independent.

There are various methods of implementing the X server inside an OpenVZ or Proxmox container, especially if no direct video output is required. However, there is very little information available on how to enable sound inside an OpenVZ or Proxmox container. This article will explain how to do this. read more →