Proxmox 5 Manual Install

  • base netinst install of stretch - deselect everything from tasksel
    • hostname testserver – domain mcp.lcl
    • root filesystem for dual 120 GB SSD's
      • partition 1 of 110 GB (or 100 GB): physical volume for RAID
      • partition 2 (remaining 10 GB or 20 GB): physical (not logical) partition - swap
      • RAID 1 → ext4, noatime and discard, mount at /
    • opt out of popcon, deselect everything from tasksel
  • > /etc/motd
  • apt-get --no-install-recommends install aptitude
  • aptitude install ssh (this will pull in dbus, tcpd, and xauth, but that's okay)
  • aptitude install net-tools man-db less fbset screen rsync psmisc file patch ethtool strace tcpdump vim bzip2 xz-utils
  • aptitude --without-recommends install dnsutils
  • adduser tdobes adm
  • adduser tdobes systemd-journal
  • aptitude install dbus # this is pulled in by ssh, but leave it here just-in-case
  • sed -i -e 's/^deb.* main$/& contrib non-free/g' /etc/apt/sources.list
  • aptitude update && aptitude forget-new
  • aptitude install firmware-misc-nonfree # for servers with tg3 NIC's
  • aptitude install firmware-qlogic # for servers with qlogic FC cards
  • aptitude install intel-microcode
  • echo 'options ixgbe allow_unsupported_sfp=1' > /etc/modprobe.d/ixgbe_allow_all_sfp.conf && modprobe -r ixgbe ; modprobe ixgbe # for servers with ixgbe cards using fiber sfp's
  • # systemd-timesyncd does this now: <code> aptitude –without-recommends install ntp echo '[Unit]' > /etc/systemd/system/ntp.service echo 'Description=Network Time Protocol daemon' » /etc/systemd/system/ntp.service echo 'After=network.target' » /etc/systemd/system/ntp.service echo » /etc/systemd/system/ntp.service echo '[Service]' » /etc/systemd/system/ntp.service echo 'ExecStart=/usr/sbin/ntpd -n -g -u ntp:ntp' » /etc/systemd/system/ntp.service echo » /etc/systemd/system/ntp.service echo '[Install]' » /etc/systemd/system/ntp.service echo 'WantedBy=multi-user.target' » /etc/systemd/system/ntp.service systemctl enable ntp.service </code>
  • mkdir -p /etc/systemd/system/ssh.socket.d
    echo '[Socket]' > /etc/systemd/system/ssh.socket.d/port-2222.conf
    echo 'ListenStream=2222' >> /etc/systemd/system/ssh.socket.d/port-2222.conf
    systemctl disable ssh.service && systemctl enable ssh.socket
  • mkdir -p /etc/systemd/system/getty\@tty1.service.d
    echo '[Service]' > /etc/systemd/system/getty\@tty1.service.d/noclear.conf
    echo 'TTYVTDisallocate=no' >> /etc/systemd/system/getty\@tty1.service.d/noclear.conf
  • aptitude purge acpid acpi-support-base # systemd-logind takes care of this - no longer needed in squeeze
  • # this is actually included in the proxmox-distributed file now: sed -i -e 's/^GRUB_CMDLINE_LINUX_DEFAULT="quiet"$/GRUB_CMDLINE_LINUX_DEFAULT="quiet panic=5"/g' /etc/default/grub && update-grub
  • <code> systemctl mask keyboard-setup.service systemctl mask console-setup.service systemctl mask rc-local.service </code>
  • aptitude --without-recommends install irqbalance
  • aptitude --without-recommends install lvm2 mdadm # when asked about arrays to start at boot, enter root filesystem or leave blank for none
  • if not using openvswitch: aptitude --without-recommends install bridge-utils ifenslave # vlan (now conflicts with pve-manager)
  • aptitude --without-recommends install nut sshfs
  • aptitude install lsof memtest86+ parted time sysstat
  • aptitude --without-recommends install cifs-utils nfs-common
  • aptitude install unattended-upgrades
  • dpkg-reconfigure -plow unattended-upgrades # select “Yes”, and select default at origin screen
  • sed -i -e 's|//Unattended-Upgrade::Remove-Unused-Dependencies "false";|Unattended-Upgrade::Remove-Unused-Dependencies "true";|g' /etc/apt/apt.conf.d/50unattended-upgrades
  • #echo '# PVE testing packages provided by proxmox.com' > /etc/apt/sources.list.d/pvetest.list
    #echo deb http://download.proxmox.com/debian stretch pvetest >> /etc/apt/sources.list.d/pvetest.list
    echo '# PVE pve-no-subscription repository provided by proxmox.com, NOT recommended for production use' > /etc/apt/sources.list.d/pve-no-subscription.list
    echo deb http://download.proxmox.com/debian stretch pve-no-subscription >> /etc/apt/sources.list.d/pve-no-subscription.list
    wget -O- "http://download.proxmox.com/debian/proxmox-ve-release-5.x.gpg" | apt-key add -
    aptitude update && aptitude full-upgrade
  • if using openvswitch: aptitude install openvswitch-switch
  • openvswitch docs:
  • setting up openvswitch for three-port bond:
    echo >> /etc/network/interfaces
    echo 'allow-hotplug enp2s0' >> /etc/network/interfaces
    echo 'iface enp2s0 inet manual' >> /etc/network/interfaces
    echo $'\tpre-up ifconfig $IFACE mtu 9000' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo 'allow-hotplug enp3s0' >> /etc/network/interfaces
    echo 'iface enp3s0 inet manual' >> /etc/network/interfaces
    echo $'\tpre-up ifconfig $IFACE mtu 9000' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo 'allow-hotplug enp4s0' >> /etc/network/interfaces
    echo 'iface enp4s0 inet manual' >> /etc/network/interfaces
    echo $'\tpre-up ifconfig $IFACE mtu 9000' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo 'auto vmbr0' >> /etc/network/interfaces
    echo 'allow-ovs vmbr0' >> /etc/network/interfaces
    echo 'iface vmbr0 inet manual' >> /etc/network/interfaces
    echo $'\tovs_type OVSBridge' >> /etc/network/interfaces
    echo $'\tovs_ports bond0' >> /etc/network/interfaces
    echo $'\tmtu 9000' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo 'allow-vmbr0 bond0' >> /etc/network/interfaces
    echo 'iface bond0 inet manual' >> /etc/network/interfaces
    echo $'\tovs_bridge vmbr0' >> /etc/network/interfaces
    echo $'\tovs_type OVSBond' >> /etc/network/interfaces
    echo $'\tovs_bonds enp2s0 enp3s0 enp4s0' >> /etc/network/interfaces
    echo $'\tovs_options bond_mode=balance-tcp lacp=active other_config:lacp-time=fast' >> /etc/network/interfaces
    echo $'\tmtu 9000' >> /etc/network/interfaces
  • grub-install /dev/sda
  • grub-install /dev/sdb
  • # Set up NFS links to SAN's:
    echo >> /etc/fstab
    echo $'192.168.68.91:/vol/vol1\t/mnt/san1-vol1\tnfs\t_netdev,auto,hard,proto=udp\t0\t0' >> /etc/fstab
    echo $'192.168.68.91:/vol/vol2\t/mnt/san1-vol2\tnfs\t_netdev,auto,hard,proto=udp\t0\t0' >> /etc/fstab
    echo $'192.168.68.92:/vol/vol1\t/mnt/san2-vol1\tnfs\t_netdev,auto,hard,proto=udp\t0\t0' >> /etc/fstab
    mkdir -p /mnt/san1-vol1 /mnt/san1-vol2 /mnt/san2-vol1
    mount /mnt/san1-vol1 /mnt/san1-vol2 /mnt/san2-vol1
  • set up appropriate /etc/hosts and /etc/network/interfaces – for MCP:
    sed -i -e 's/^127.0.1.1.*$/# &\n192.168.24.241\tcastor.mcp.lcl\tcastor\n192.168.24.242\tpollux.mcp.lcl\tpollux\n192.168.24.243\taltair.mcp.lcl\taltair\n192.168.24.244\tdeneb.mcp.lcl\tdeneb\n192.168.24.245\tvega.mcp.lcl\tvega\n192.168.24.240\ttestserver.mcp.lcl\ttestserver\tpvelocalhost/g' /etc/hosts
    
    echo >> /etc/network/interfaces
    echo '# PCIe' >> /etc/network/interfaces
    echo 'allow-hotplug eth2' >> /etc/network/interfaces
    echo 'iface eth2 inet manual' >> /etc/network/interfaces
    echo $'\tpre-up ifconfig $IFACE mtu 7200' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo '# server-to-server network' >> /etc/network/interfaces
    echo 'auto vmbr0' >> /etc/network/interfaces
    echo 'iface vmbr0 inet static' >> /etc/network/interfaces
    echo $'\taddress 192.168.24.240' >> /etc/network/interfaces
    echo $'\tnetmask 255.255.255.0' >> /etc/network/interfaces
    echo $'\tbridge_ports eth2' >> /etc/network/interfaces
    echo $'\tbridge_stp off' >> /etc/network/interfaces
    echo $'\tbridge_fd 0' >> /etc/network/interfaces
    echo $'\tmtu 7200' >> /etc/network/interfaces
    
    ifup eth2 && ifup vmbr0
  • set up appropriate /etc/hosts and /etc/network/interfaces – for PUC:
    sed -i -e 's/^127.0.1.1.*$/# &\n192.168.68.11\tvm01-ces.ces.pnw.edu\tvm01-ces\tpvelocalhost\n192.168.68.12\tvm02-ces.ces.pnw.edu\tvm02-ces/g' /etc/hosts
    
    # onboard interfaces on eno1-eno4
    # PCIe interfaces on ens1f0-ens1f3
    
    echo >> /etc/network/interfaces
    echo '# Onboard 2' >> /etc/network/interfaces
    echo 'allow-hotplug eno2' >> /etc/network/interfaces
    echo 'iface eno2 inet manual' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo '# Onboard 3' >> /etc/network/interfaces
    echo 'allow-hotplug eno3' >> /etc/network/interfaces
    echo 'iface eno3 inet manual' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo '# Onboard 4' >> /etc/network/interfaces
    echo 'allow-hotplug eno4' >> /etc/network/interfaces
    echo 'iface eno4 inet manual' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo '# Aggregate of onboard interfaces' >> /etc/network/interfaces
    echo 'auto bond0' >> /etc/network/interfaces
    echo 'iface bond0 inet manual' >> /etc/network/interfaces
    echo $'\tslaves eno2 eno3 eno4' >> /etc/network/interfaces
    echo $'\tbond-mode 4' >> /etc/network/interfaces
    echo $'\tpre-up ifconfig $IFACE mtu 9000' >> /etc/network/interfaces
    echo >> /etc/network/interfaces
    echo 'auto vmbr0' >> /etc/network/interfaces
    echo 'iface vmbr0 inet static' >> /etc/network/interfaces
    echo $'\taddress 192.168.68.11' >> /etc/network/interfaces
    echo $'\tnetmask 255.255.255.0' >> /etc/network/interfaces
    echo $'\tbridge_ports bond0' >> /etc/network/interfaces
    echo $'\tbridge_stp off' >> /etc/network/interfaces
    echo $'\tbridge_fd 0' >> /etc/network/interfaces
    echo $'\tmtu 9000' >> /etc/network/interfaces
    
    ifup bond0 && ifup vmbr0
  • copy main.cf to /etc/postfix/ :
    mkdir -p /etc/postfix
    echo '# See /usr/share/postfix/main.cf.dist for a commented, more complete version' > /etc/postfix/main.cf
    echo >> /etc/postfix/main.cf
    echo 'smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)' >> /etc/postfix/main.cf
    echo 'biff = no' >> /etc/postfix/main.cf
    echo >> /etc/postfix/main.cf
    echo "# appending .domain is the MUA's job." >> /etc/postfix/main.cf
    echo 'append_dot_mydomain = no' >> /etc/postfix/main.cf
    echo >> /etc/postfix/main.cf
    echo '# Uncomment the next line to generate "delayed mail" warnings' >> /etc/postfix/main.cf
    echo '#delay_warning_time = 4h' >> /etc/postfix/main.cf
    echo >> /etc/postfix/main.cf
    echo 'alias_maps = hash:/etc/aliases' >> /etc/postfix/main.cf
    echo 'alias_database = hash:/etc/aliases' >> /etc/postfix/main.cf
    echo 'mydestination = $myhostname, localhost.$mydomain, localhost' >> /etc/postfix/main.cf
    echo 'relayhost = ' >> /etc/postfix/main.cf
    echo 'mynetworks = 127.0.0.0/8' >> /etc/postfix/main.cf
    echo 'inet_interfaces = loopback-only' >> /etc/postfix/main.cf
    echo 'recipient_delimiter = +' >> /etc/postfix/main.cf
    echo >> /etc/postfix/main.cf
    echo >> /etc/postfix/main.cf
  • aptitude install postfix proxmox-ve # side note: this will force removal of vlan and firmware. select “no configuration” for postfix
  • aptitude install bootlogd omping open-iscsi
  • aptitude install bsd-mailx
  • aptitude forget-new
  • sed 's/^deb/# deb/g' -i /etc/apt/sources.list.d/pve-enterprise.list
  • aptitude unmarkauto linux-base irqbalance && aptitude purge linux-image-amd64 linux-image-4.9.0-3-amd64
  • aptitude install ksm-control-daemon # only on systems not running ZFS, as this harms ZFS performance
  • aptitude install nfs-kernel-server # as needed
    • systemctl enable rpc-statd.service && systemctl start rpc-statd.service # not sure why, but this doesn't appear to autostart with nfs-common anymore. odd. (locking is broken without it)
  • # remove subscription nag popup
    # see http://www.howdididothat.info/2015/11/08/proxmox-4-pve-no-subscription/ and http://forsmans.art/2017/11/16/remove-subscription-notification-from-proxmox-ve-5/
    # old location: sed -i.bak "s/data.status !== 'Active'/false/g" /usr/share/pve-manager/ext6/pvemanagerlib.js
    # old location: sed -i.bak "s/data.status !== 'Active'/false/g" /usr/share/pve-manager/js/pvemanagerlib.js
    sed -i.bak "s/data.status !== 'Active'/false/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js
  • OPTIONAL: aptitude install zfsutils
  • OPTIONAL: aptitude install nload iperf3 # for network performance testing
  • OPTIONAL: aptitude install fio # for filesystem/storage performance testing (e.g. fio --filename=test1 --direct=1 --rw=randrw --size=1G --numjobs=200 --runtime=60 --group_reporting --name=test1 ; rm test1)
computer/proxmox_5_manual_install.txt · Last modified: 2019/03/31 20:55 by tdobes
Recent changes RSS feed Driven by DokuWiki Valid XHTML 1.0 Valid CSS