Book Image

Mastering Proxmox - Second Edition

By : Wasim Ahmed
Book Image

Mastering Proxmox - Second Edition

By: Wasim Ahmed

Overview of this book

Proxmox is an open source server virtualization solution that has enterprise-class features to manage virtual machines, to be used for storage, and to virtualize both Linux and Windows application workloads. You begin with refresher on the advanced installation features and the Proxmox GUI to familiarize yourself with the Proxmox VE hypervisor. You then move on to explore Proxmox under the hood, focusing on the storage systems used with Proxmox. Moving on, you will learn to manage KVM Virtual Machines and Linux Containers and see how networking is handled in Proxmox. You will then learn how to protect a cluster or a VM with a firewall and explore the new HA features introduced in Proxmox VE 4 along with the brand new HA simulator. Next, you will dive deeper into the backup/restore strategy followed by learning how to properly update and upgrade a Proxmox node. Later, you will learn how to monitor a Proxmox cluster and all of its components using Zabbix. By the end of the book, you will become an expert at making Proxmox environments work in production environments with minimum downtime.

Related Content you might be interested in

Current Title:

Small book image
Mastering Proxmox - Second Edition
Wasim Ahmed
May, 2016 | 418 pages
No titles found
Table of Contents (21 chapters)
Mastering Proxmox - Second Edition
Mastering Proxmox - Second Edition
Credits
Credits
About the Author
About the Author
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Understanding Proxmox VE and Advanced Installation
Understanding Proxmox VE and Advanced Installation
Understanding Proxmox features
The basic installation of Proxmox
The advanced installation option
Debugging the Proxmox installation
Customizing the Proxmox splash screen
Summary
2
Exploring the Proxmox GUI
Exploring the Proxmox GUI
The GUI menu system
The Datacenter menu
Node menu
The KVM VM menu
The LXC Container menu
Pool menu
Cluster view mode
Summary
3
Proxmox under the Hood
Proxmox under the Hood
The Proxmox cluster filesystem
Proxmox directory structure
Dissecting the configuration files
Summary
4
Storage Systems
Storage Systems
Local storage versus shared storage
Local and shared storage comparison
A virtual disk image
Storage types in Proxmox
Noncommercial and commercial storage options
Summary
5
KVM Virtual Machines
KVM Virtual Machines
Exploring a KVM
Creating a KVM
Advanced configuration options for VM
Migrating a KVM
Nested virtual cluster
Summary
6
LXC Virtual Machines
LXC Virtual Machines
Exploring an LXC virtual machine
Understanding container templates
Creating an LXC container
Managing an LXC container
Migrating an LXC container
Accessing an LXC container
Unprivileged versus privileged containers
Converting OpenVZ to LXC
Summary
7
Network of Virtual Networks
Network of Virtual Networks
Exploring a virtual network
A physical network versus a virtual network
Networking components in Proxmox
Open vSwitch
Sample virtual networks
A multitenant virtual environment
Summary
8
The Proxmox Firewall
The Proxmox Firewall
Exploring the Proxmox VE firewall
Configuring the Datacenter-specific firewall
Configuring a host-specific firewall
Configuring a VM-specific firewall
Integrating a Suricata IDS/IPS
Summary
9
Proxmox High Availability
Proxmox High Availability
Understanding High Availability
Requirements for HA setup
Configuring Proxmox HA
Testing Proxmox HA configuration
The Proxmox HA simulator
Summary
10
Backup/Restore VMs
Backup/Restore VMs
Proxmox backup options
Configuring backup storage
Configuring full backup
Creating a manual backup
Creating snapshots
Restoring a VM
Backup/restore through the CLI
Back up a configuration file
Summary
11
Updating and Upgrading Proxmox
Updating and Upgrading Proxmox
Introducing Proxmox update
Updating Proxmox through the GUI
Updating Proxmox through the CLI
Recovering from the grub2 update issue
Updating after a subscription change
Rebooting dilemma after Proxmox updates
Summary
12
Monitoring a Proxmox Cluster
Monitoring a Proxmox Cluster
An introduction to monitoring
Proxmox built-in monitoring
Zabbix as a monitoring solution
Installing Zabbix
Configuring Zabbix
Configuring SNMP in Proxmox
Adding an SNMP device in Zabbix
Monitoring the Ceph cluster with the Ceph dashboard
Summary
13
Proxmox Production-Level Setup
Proxmox Production-Level Setup
Defining production level
Sizing CPU and memory
Production Ceph cluster
Liquid cooling
Real-world Proxmox scenarios
Summary
14
Proxmox Troubleshooting
Proxmox Troubleshooting
Proxmox node issues
Main cluster issues
Storage issues
Network connectivity issues
KVM virtual machine issues
LXC container issues
Backup/restore issues
VNC/SPICE console issues
Firewall issues
Summary
Index
Index

Unprivileged versus privileged containers

Unprivileged containers are when the container is created and run as a user as opposed to the root. This is the safest way to use a container, because if the container security gets compromised and the intruder breaks out of the container, they will find themselves as a nobody user with extremely limited privileges. Unprivileged containers do not need to be owned by the user since they are run in user namespaces. This is a kernel feature that allows the mapping of a UID of a physical host into a namespace inside where a user with a UID 0 can exist. Unprivileged containers can also be run as root. By assigning a specific UID and GID to root, we can create unprivileged containers throughout the system and run them as root.

Privileged containers are when they are created and run by the root user only. These containers are not secure because all the processes are still run as root. All containers created through the Proxmox GUI or pct tools are privileged...

Previous Section
End of Section 8
Next Section