Book Image

Mastering Proxmox - Third Edition

By : Ahmed
4 (1)
Book Image

Mastering Proxmox - Third Edition

4 (1)
By: Ahmed

Overview of this book

Proxmox is an open source server virtualization solution that has enterprise-class features for managing virtual machines, for storage, and to virtualize both Linux and Windows application workloads. You'll begin with a refresher on the advanced installation features and the Proxmox GUI to familiarize yourself with the Proxmox VE hypervisor. Then, you'll move on to explore Proxmox under the hood, focusing on storage systems, such as Ceph, used with Proxmox. Moving on, you'll learn to manage KVM virtual machines, deploy Linux containers fast, and see how networking is handled in Proxmox. You'll also learn how to protect a cluster or a VM with a firewall and explore the new high availability features introduced in Proxmox VE 5.0. Next, you'll dive deeper into the backup/restore strategy and see how to properly update and upgrade a Proxmox node. Later, you'll learn how to monitor a Proxmox cluster and all of its components using Zabbix. Finally, you'll discover how to recover Promox from disaster strikes through some real-world examples. By the end of the book, you'll be an expert at making Proxmox work in production environments with minimal downtime.
Table of Contents (17 chapters)

Configuring a host-specific firewall


Any rules created in the host zone only apply to the node where the rule itself was created and the VMs in that host node. Rules for one node do not get replicated to the other nodes, although the rule files are stored in the Proxmox cluster filesystem. There are no options to create IPSet or security groups in the host-specific firewall option. We can only create firewall rules. 

Creating host firewall rules

Creating new rules for the host zone is identical to the rule creation process that we have already discussed in the Configuring the data center-specific firewall section earlier in this chapter. Besides creating rules from scratch, we can also assign predefined rules in the form of a security group to a node. We cannot create a new security group under the host Firewall menu, but we can assign it some predefined rules. For example, earlier in this chapter, we created a security group named webserver. If a Proxmox node is only going to host VMs used...