how to setup Proxmox VE 2.x on Hetzner EX4 server
In this article I document how I installed Proxmox VE on Hetzners root server. Proxmox Virtualisation Environment is an free, open source virtualization platform, supporting OpenVZ and KVM, high availablity clusters, storage and networking model, web interface for management, and has a fine graded user authentication system.
I used an EX4 root server, and one additonal public IP. I wanted to have KVM virtualisation, for hosting my Drupal based sites.
Debian install
As a first step, I install Debian Squeeze, 64 bit minimal. Before, I ordered my EX4 server at Hetzner, it was few hours and I had the IP address and root password. So, login to Heztner Robot, activate the rescue system, write down the temporary root password (!), and reboot. Than login again via SSH, now as root, with the temporary password, and start the installimage script. Select Debian 6.0 64 bit minimal in Linux, in the config file change the hostname, and configure the partitions. I'm using 500 MB for the /boot, and the 2x1 TB is divided into 3 volume groups. As logical volumes, I setup 32G for swap, 100 G for /root and /home each, and the rest for the /var. Save the config file, and wait for the partioner. Or correct the syntax errors :)
When finished, login again via SSH with temporary root password. Now there is a minimal Debian server up and running. The software raid is synchronizing now the disks, so no perfomance test right now. Instead, change the temporary root password with passwd to something more private one!
First config on the hosts
To get rid of some warnings, reconfigure system locales with dpkg-reconfigure locales. Select the local language, as a second language, next to the English, but set English for the system language. Als timezone should be checked with dpkg-reconfigure tzdata.
Than add the first user with sudo rights, and reconfigure the SSH configs, to get basic security in place. But be careful with these steps, you can lock out yourself, and have to go back to the very first steps!
Install sudo to allow normal users to execute root commands:apt-get install sudo
Then add a personal user:adduser wepoca
adduser wepoca sudo
I used to copy my public key to the server, with these commands on my client PC.
ssh-copy-id root@wepoca.netssh-copy-id wepoca@wepoca.netIf you do not have an SSH key, generate one on your PC! Now test the SSH login and make sure it works because we're going to disable any other login method. Make sure your user can use sudo too.
When this works disable root login through SSH and disable login with normal passwords:
Change as follows in /etc/ssh/sshd_config:
PermitRootLogin noPasswordAuthentication noor permit only key authentication for root login, not via password
PermitRootLogin without-passwordThan restart the SSH demon:
/etc/init.d/ssh restartNow we are going to setup some new directories for Proxmox storage and backup. Become root via sudo, and:
mkdir -p /data/Pick up one empty volume group, and check the exact number of the free PE extents via:
vgdisplay vg3Replace vg3 with your choice! Once we have it, create the logical volume, and format it:
lvcreate -l <free PE extent> vg3 -n datamkfs.ext4 /dev/vg3/data -L dataAdd to the /etc/fstab this line, re-mount, and check the result:
/dev/vg3/data /data ext4 defaults 0 0mount -adf -hIf everything is fine, create the two directories, we'll need them later in Proxmox admin interface:
mkdir -p /data/iso/template/isomkdir -p /data/backupProxmox VE 2.x install
First, become root via sudo su.
Add to /etc/apt/sources.list the following lines:
############################################################################ PVE packages provided by proxmox.comdeb http://download.proxmox.com/debian squeeze pveAdd the Proxmox VE repository key:
wget -O- "http://download.proxmox.com/debian/key.asc" | apt-key add -Update your repository and system by running:
aptitude updateaptitude full-upgradeAnd now install Proxmox VE Kernel. The exact kernel might differ in the future, as of the time being it is as follows, but always check it at Proxmox:
aptitude install pve-kernel-2.6.32-12-pveThan reboot, become root, and make sure Proxmox VE Kernel is seleted on boot.
uname -aThe result should be something like:
Linux wepoca 2.6.32-12-pve #1 SMP Tue May 15 06:02:20 CEST 2012 x86_64 GNU/LinuxNow install the Proxmox VE packages:
aptitude install proxmox-ve-2.6.32There will be two decisions during the install, accept defaults, but read what you are doing!
1. The following packages have unmet dependencies:pve-firmware: Conflicts: firmware-linux-nonfree but 0.28+squeeze1 is installed. Conflicts: firmware-realtek but 0.28+squeeze1 is installed.The following actions will resolve these dependencies: Remove the following packages:1) firmware-linux-nonfree 2) firmware-realtek Accept this solution? [Y/n/q/?]2. Listening address for citadel server
a. 0.0.0.0 (default) b. internal authentication (Citadel will use its own internal user accounts database)
Configure pve-redirect for apache2:
a2ensite pve-redirect.confAnd restart apache:
/etc/init.d/apache2 restartInstall the rest of needed packages:
aptitude install ntp ssh lvm2 postfix ksm-control-daemon vzprocps mtr-tiny mcOne decision (accept defaults, but read it!)
The following NEW packages will be installed: ksm-control-daemon postfix{b} ssh vzprocps 0 packages upgraded, 4 newly installed, 0 to remove and 0 not upgraded.Need to get 1526 kB of archives. After unpacking 3883 kB will be used.The following packages have unmet dependencies: postfix: Conflicts: mail-transport-agent which is a virtual package. citadel-mta: Conflicts: mail-transport-agent which is a virtual package.The following actions will resolve these dependencies: Remove the following packages:1) citadel-mta Accept this solution? [Y/n/q/?] Accept the suggestion to remove Exim and configure postfix according to your network as an “Internet site”
host: wepoca.net
Now check the resulting setup with
pveversion -vpve-manager: 2.1-1 (pve-manager/2.1/f9b0f63a)running kernel: 2.6.32-12-pveproxmox-ve-2.6.32: 2.1-68pve-kernel-2.6.32-12-pve: 2.6.32-68lvm2: 2.02.95-1pve2clvm: 2.02.95-1pve2corosync-pve: 1.4.3-1openais-pve: 1.1.4-2libqb: 0.10.1-2redhat-cluster-pve: 3.1.8-3resource-agents-pve: 3.9.2-3fence-agents-pve: 3.1.7-2pve-cluster: 1.0-26qemu-server: 2.0-39pve-firmware: 1.0-16libpve-common-perl: 1.0-27libpve-access-control: 1.0-21libpve-storage-perl: 2.0-18vncterm: 1.0-2vzctl: 3.0.30-2pve5vzprocps: 2.0.11-2vzquota: 3.0.12-3pve-qemu-kvm: 1.0-9ksm-control-daemon: 1.1-1Create user for Proxmox web interface
Login to the host, become root. First create the admin group, with all (!) admin rights to PVE
pveum groupadd admin -comment "System Administrators"pveum aclmod / -group admin -role AdministratorNext, create the user (same as the first user - after root - in Debian), and add it to the admin group
pveum useradd wepoca@pam -comment 'Wepoca'
optionally change password or leave the same as the linux user:pveum passwd wepoca@pam
Finally, add user to the admin group:pveum usermod wepoca@pam -group admin
then log in as wepoca@pam to the Proxmox web interface, using the IP of your EX4 host from Hetzner https://<your-IP>:8006/
As a first config over the web, you can set the keyboard locale at Datacenter --> Options --> keyboard, according to your client.
Set also the storage for Proxmox over Datacenter --> Storage, as defined above, for ISO and for backup files. Do not forget to add the Proxmox user (wepoca in this excersice) in Datacenter --> Users.
But do not touch the network setup now, we'll do it over terminal! So now we have now an up-and-running Proxmox VE at Hetzner datacenter. In order to get the KVM functioning, we sill have to setup networking, as well as to deal with more advanced security, like firewall. I'll continue with this in next article.
- Log in to post comments
Comments
mahdi (not verified)
2012, December 28 - 18:25
Permalink
mahdiat2000@yahoo.com
tnx!