Installing Proxmox VE on Debian Stretch using Ansible
Being a big fan of this virtualization system, I decided to share a slightly different way of installation.
In short, Proxmox is a KVM virtualization system that still manages to manage LXC containers. There is also the possibility of clustering (for the non-commercial version, the limit is about 8 nodes). Able to work with Ceph, ZFS. If in detail, I advise you to read the wiki or watch YouTube .
The fact is that ProxmoxVE can be installed using an image that is provided for download, but then you are unlikely to have access to options for breaking up using a soft-raid for Linux and other perversions (if something is not critical in terms of performance, why not?). Special thanks to comrade @merlin_vrn for getting to know Proxmox, and Alex Filimonov for helping out with Ansible.
')
There is an option when you yourself install Debian of the current version exactly the way you want, and then install ProxmoxVE as an add-on that replaces the kernel, linux-firmware, lvm, installs its repository and already partly stops being Debian. In this case, you have much more space for freedom (for example, I recently installed a Debian network through liveusb Archlinux using debootstrap).
The installation procedure for Proxmox is described on the wiki .
Another plus of Proxmox is that after installation you will receive excellent, and most importantly, relevant documentation on the same web server as the controller itself. Documentation available by reference.
At first, I thought of writing an article using Preseed, which would be used for the initial installation of Debian, but on reflection, I realized that the installation options can be huge and install Debian as much as possible. So, we assume that Debian Stretch itself (stable at the moment) is already installed, the network is configured with statics, sshd is working and you have already passed the key through ssh-copy-id. Also, imagine that you already have some experience with Ansible.
In Ansible there is an ansible-galaxy in which it is enough just to find ready-made roles for your needs, or just to read how and what other people write. In Ansible-galaxy, you can log in via github-account and then already fumble certain repositories. Read more about how to do this here .
I created the role and fumbled it in an ansible-galaxy. Now we can easily install it using the command:
Accordingly, we can now use this role:
Create a hosts file for Ansible, which will be our inventory:
Now we can run:
Result:
If briefly, the playbook does the same thing as described in the wiki, but does not put openiscsi (it writes a lot of errors if it is not configured). + configures the network using bridge-utils (enough to start, you can easily override on openvswitch, if necessary). Standard kernels are also deleted and the server is rebuilt.
From the interesting, I was a little stunned by how to remove the old kernels and reboot the server, but after searching the dpkg and Ansible documentation I found a way out:
There is nothing criminal about deleting the current kernel (although a warning will be issued if you do it locally), since Proxmox provides its core and replaces quite a few standard programs with programs from its repository.
Somewhere in the middle of the playbook, the target host will reboot, Ansible will wait (wait 2400 seconds, check every 10 availability) when the node is alive again, and then configure journald and chrony. Next, install a couple of utilities and that's it, you will have to wait for the finished Proxmox.
In short, Proxmox is a KVM virtualization system that still manages to manage LXC containers. There is also the possibility of clustering (for the non-commercial version, the limit is about 8 nodes). Able to work with Ceph, ZFS. If in detail, I advise you to read the wiki or watch YouTube .
Installation options
The fact is that ProxmoxVE can be installed using an image that is provided for download, but then you are unlikely to have access to options for breaking up using a soft-raid for Linux and other perversions (if something is not critical in terms of performance, why not?). Special thanks to comrade @merlin_vrn for getting to know Proxmox, and Alex Filimonov for helping out with Ansible.
')
There is an option when you yourself install Debian of the current version exactly the way you want, and then install ProxmoxVE as an add-on that replaces the kernel, linux-firmware, lvm, installs its repository and already partly stops being Debian. In this case, you have much more space for freedom (for example, I recently installed a Debian network through liveusb Archlinux using debootstrap).
The installation procedure for Proxmox is described on the wiki .
Another plus of Proxmox is that after installation you will receive excellent, and most importantly, relevant documentation on the same web server as the controller itself. Documentation available by reference.
https://ip_or_domain/pve-docs/pve-admin-guide.html At first, I thought of writing an article using Preseed, which would be used for the initial installation of Debian, but on reflection, I realized that the installation options can be huge and install Debian as much as possible. So, we assume that Debian Stretch itself (stable at the moment) is already installed, the network is configured with statics, sshd is working and you have already passed the key through ssh-copy-id. Also, imagine that you already have some experience with Ansible.
Using Ansible
In Ansible there is an ansible-galaxy in which it is enough just to find ready-made roles for your needs, or just to read how and what other people write. In Ansible-galaxy, you can log in via github-account and then already fumble certain repositories. Read more about how to do this here .
I created the role and fumbled it in an ansible-galaxy. Now we can easily install it using the command:
ansible-galaxy install tenhishadow.pve_on_debian Accordingly, we can now use this role:
# ls -l /etc/ansible/roles/tenhishadow.pve_on_debian/ 68 drwxr-xr-x. 2 root root 4096 16 22:46 defaults drwxr-xr-x. 2 root root 4096 16 22:46 handlers -rw-rw-r--. 1 root root 35147 16 22:45 LICENSE drwxr-xr-x. 2 root root 4096 16 22:46 meta -rw-rw-r--. 1 root root 1916 16 22:45 README.md drwxr-xr-x. 2 root root 4096 16 22:46 tasks drwxr-xr-x. 2 root root 4096 16 22:46 templates drwxr-xr-x. 2 root root 4096 16 22:46 tests drwxr-xr-x. 2 root root 4096 16 22:46 vars Create a hosts file for Ansible, which will be our inventory:
[proxmox_target] 192.168.102.51 Now we can run:
# ansible-playbook -i hosts testplaybook.yml Result:
PLAY [proxmox_target] * TASK [Gathering Facts] * ok: [192.168.102.51] TASK [tenhishadow.pve_on_debian : set hostname for the system] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : modify /etc/hosts] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : check standart repos] * changed: [192.168.102.51] => (item=deb http://security.debian.org/ stretch/updates main contrib non-free) changed: [192.168.102.51] => (item=deb-src http://security.debian.org/ stretch/updates main contrib non-free) changed: [192.168.102.51] => (item=deb http://mirror.yandex.ru/debian/ stretch main contrib non-free) changed: [192.168.102.51] => (item=deb-src http://mirror.yandex.ru/debian/ stretch main contrib non-free) changed: [192.168.102.51] => (item=deb http://mirror.yandex.ru/debian/ stretch-updates main contrib non-free) changed: [192.168.102.51] => (item=deb-src http://mirror.yandex.ru/debian/ stretch-updates main contrib non-free) TASK [tenhishadow.pve_on_debian : add pve repository key] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : add pve-no-subscription repo] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : update system] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : install proxmox packages] * changed: [192.168.102.51] => (item=[u'proxmox-ve', u'postfix', u'bridge-utils']) TASK [tenhishadow.pve_on_debian : remove os prober to prevent injuring VMs] * changed: [192.168.102.51] => (item=[u'os-prober']) TASK [tenhishadow.pve_on_debian : search for standard kernels] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : remove standart kernels] * changed: [192.168.102.51] => (item=[u'linux-image-4.9.0-4-amd64', u'linux-image-amd64']) TASK [tenhishadow.pve_on_debian : configure network from template] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : rebooting the server] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : waiting for server to come back] * k: [192.168.102.51 -> localhost] TASK [tenhishadow.pve_on_debian : remove enterprise repo] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : install several packages] * changed: [192.168.102.51] => (item=chrony) changed: [192.168.102.51] => (item=htop) ok: [192.168.102.51] => (item=telnet) changed: [192.168.102.51] => (item=nmap) changed: [192.168.102.51] => (item=screen) changed: [192.168.102.51] => (item=tcpdump) changed: [192.168.102.51] => (item=iptraf) changed: [192.168.102.51] => (item=sudo) ok: [192.168.102.51] => (item=bridge-utils) TASK [tenhishadow.pve_on_debian : set timezone] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : generate locales] * ok: [192.168.102.51] => (item=en_US.UTF-8) changed: [192.168.102.51] => (item=ru_RU.UTF-8) TASK [tenhishadow.pve_on_debian : configure chrony] * changed: [192.168.102.51] TASK [tenhishadow.pve_on_debian : start and enable chrony] * ok: [192.168.102.51] TASK [tenhishadow.pve_on_debian : configure journald] * changed: [192.168.102.51] RUNNING HANDLER [tenhishadow.pve_on_debian : restart networking] * changed: [192.168.102.51] RUNNING HANDLER [tenhishadow.pve_on_debian : restart chrony] * changed: [192.168.102.51] RUNNING HANDLER [tenhishadow.pve_on_debian : restart journald] * changed: [192.168.102.51] PLAY RECAP * 192.168.102.51 : ok=24 changed=21 unreachable=0 failed=0 If briefly, the playbook does the same thing as described in the wiki, but does not put openiscsi (it writes a lot of errors if it is not configured). + configures the network using bridge-utils (enough to start, you can easily override on openvswitch, if necessary). Standard kernels are also deleted and the server is rebuilt.
From the interesting, I was a little stunned by how to remove the old kernels and reboot the server, but after searching the dpkg and Ansible documentation I found a way out:
- name: search for standard kernels shell: "$( which dpkg ) --get-selections linux-image* | $( which grep ) -i install | $(which awk) '{print $1}'" args: executable: /bin/bash register: standart_kernels_installed - name: remove standart kernels apt: name: "{{ item }}" state: absent with_items: "{{ standart_kernels_installed.stdout_lines|default([]) }}" - name: rebooting the server shell: nohup bash -c "sleep 2s && reboot" & async: 0 poll: 0 ignore_errors: yes register: reboot tags: reboot - name: waiting for server to come back local_action: wait_for host={{ proxmox_ip }} state=started when: reboot.changed async: 2400 poll: 10 tags: reboot There is nothing criminal about deleting the current kernel (although a warning will be issued if you do it locally), since Proxmox provides its core and replaces quite a few standard programs with programs from its repository.
Somewhere in the middle of the playbook, the target host will reboot, Ansible will wait (wait 2400 seconds, check every 10 availability) when the node is alive again, and then configure journald and chrony. Next, install a couple of utilities and that's it, you will have to wait for the finished Proxmox.
Source: https://habr.com/ru/post/342310/
All Articles