Install Proxmox VE on a Debian Stretch using Ansible

  • Tutorial
Being a big fan of this virtualization system, I decided to share a slightly different installation method.

In short, Proxmox is a KVM virtualization system that can still handle LXC containers. There is also the possibility of clustering (for the non-commercial version, the limit is about 8 nodes). Able to work with Ceph, ZFS. If in detail, I advise you to read the wiki or watch YouTube .

Installation options


The fact is that ProxmoxVE can be installed using the image that is provided for download, but then you will hardly be able to use breakdown options using soft-raid for Linux and other perversions (if something is non-critical in performance - why not?). Special thanks to comrade @merlin_vrn for getting to know Proxmox, and Alex Filimonov for helping with Ansible.

There is an option when you install Debian of the current version exactly as you want, and then install ProxmoxVE as a kind of add-in that replaces the kernel, linux-firmware, lvm, installs your repository and partially ceases to be Debian. In this case, you have much more space for freedom (for example, I recently installed on the Debian network via liveusb Archlinux using debootstrap).

The installation procedure for Proxmox is described on the wiki .

Another plus of Proxmox is that after installation you will receive excellent, and most importantly, up-to-date documentation on the same web server as the control itself. Link documentation available

https://ip_or_domain/pve-docs/pve-admin-guide.html

At first I thought of writing an article using Preseed that would be used for the initial installation of Debian, but after thinking it over I realized that there could be a huge amount of installation options and everyone could afford to install Debian. So, we believe that you have already installed Debian Stretch (stable at the moment), the network is statically configured, sshd is working, and you already sent the key through ssh-copy-id. Also, suppose you already have some experience working with Ansible.

Using Ansible


Ansible has ansible-galaxy, in which it’s easy enough to find ready-made roles for your needs, or just read how other people write and what. In Ansible-galaxy, you can log in through a github account and then already fumble certain repositories. Read more about how to do it here .

I created a role and rummaged it in ansible-galaxy. Now we can easily install it using the command:

ansible-galaxy install tenhishadow.pve_on_debian

Accordingly, now we can use this role:

# ls -l /etc/ansible/roles/tenhishadow.pve_on_debian/
итого 68
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 defaults
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 handlers
-rw-rw-r--. 1 root root 35147 ноя 16 22:45 LICENSE
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 meta
-rw-rw-r--. 1 root root  1916 ноя 16 22:45 README.md
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 tasks
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 templates
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 tests
drwxr-xr-x. 2 root root  4096 ноя 16 22:46 vars

Create a hosts file for Ansible, which will be our Inventory:

[proxmox_target]
192.168.102.51

Now we can run:

# ansible-playbook -i hosts testplaybook.yml 

Result:

PLAY [proxmox_target] *
TASK [Gathering Facts] *
ok: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : set hostname for the system] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : modify /etc/hosts] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : check standart repos] *
changed: [192.168.102.51] => (item=deb http://security.debian.org/ stretch/updates main contrib non-free)
changed: [192.168.102.51] => (item=deb-src http://security.debian.org/ stretch/updates main contrib non-free)
changed: [192.168.102.51] => (item=deb http://mirror.yandex.ru/debian/ stretch main contrib non-free)
changed: [192.168.102.51] => (item=deb-src http://mirror.yandex.ru/debian/ stretch main contrib non-free)
changed: [192.168.102.51] => (item=deb http://mirror.yandex.ru/debian/ stretch-updates main contrib non-free)
changed: [192.168.102.51] => (item=deb-src http://mirror.yandex.ru/debian/ stretch-updates main contrib non-free)
TASK [tenhishadow.pve_on_debian : add pve repository key] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : add pve-no-subscription repo] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : update system] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : install proxmox packages] *
changed: [192.168.102.51] => (item=[u'proxmox-ve', u'postfix', u'bridge-utils'])
TASK [tenhishadow.pve_on_debian : remove os prober to prevent injuring VMs] *
changed: [192.168.102.51] => (item=[u'os-prober'])
TASK [tenhishadow.pve_on_debian : search for standard kernels] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : remove standart kernels] *
changed: [192.168.102.51] => (item=[u'linux-image-4.9.0-4-amd64', u'linux-image-amd64'])
TASK [tenhishadow.pve_on_debian : configure network from template] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : rebooting the server] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : waiting for server to come back] *
k: [192.168.102.51 -> localhost]
TASK [tenhishadow.pve_on_debian : remove enterprise repo] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : install several packages] *
changed: [192.168.102.51] => (item=chrony)
changed: [192.168.102.51] => (item=htop)
ok: [192.168.102.51] => (item=telnet)
changed: [192.168.102.51] => (item=nmap)
changed: [192.168.102.51] => (item=screen)
changed: [192.168.102.51] => (item=tcpdump)
changed: [192.168.102.51] => (item=iptraf)
changed: [192.168.102.51] => (item=sudo)
ok: [192.168.102.51] => (item=bridge-utils)
TASK [tenhishadow.pve_on_debian : set timezone] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : generate locales] *
ok: [192.168.102.51] => (item=en_US.UTF-8)
changed: [192.168.102.51] => (item=ru_RU.UTF-8)
TASK [tenhishadow.pve_on_debian : configure chrony] *
changed: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : start and enable chrony] *
ok: [192.168.102.51]
TASK [tenhishadow.pve_on_debian : configure journald] *
changed: [192.168.102.51]
RUNNING HANDLER [tenhishadow.pve_on_debian : restart networking] *
changed: [192.168.102.51]
RUNNING HANDLER [tenhishadow.pve_on_debian : restart chrony] *
changed: [192.168.102.51]
RUNNING HANDLER [tenhishadow.pve_on_debian : restart journald] *
changed: [192.168.102.51]
PLAY RECAP *
192.168.102.51             : ok=24   changed=21   unreachable=0    failed=0

In short, the playbook does the same as described in the wiki, but does not install openiscsi (it writes a lot of errors if it is not configured). + configures the network using bridge-utils (enough for a start, you can easily override it on openvswitch, if necessary). Standard kernels are also deleted and the server is rebooted.

From the interesting part, I was a little stalled on how to remove old kernels and reboot the server, but after digging through the dpkg and Ansible documentation, I found a way out:

- name: search for standard kernels
  shell: "$( which dpkg ) --get-selections linux-image* | $( which grep ) -i install | $(which awk) '{print $1}'"
  args:
    executable: /bin/bash
  register: standart_kernels_installed
- name: remove standart kernels
  apt:
    name: "{{ item }}"
    state: absent
  with_items: "{{ standart_kernels_installed.stdout_lines|default([]) }}"
- name: rebooting the server
  shell: nohup bash -c "sleep 2s && reboot" &
  async: 0
  poll: 0
  ignore_errors: yes
  register: reboot
  tags: reboot
- name: waiting for server to come back
  local_action: wait_for host={{ proxmox_ip }} state=started
  when: reboot.changed
  async: 2400
  poll: 10
  tags: reboot

There is nothing criminal in deleting the current kernel (although a warning will be issued if you do it locally), since Proxmox provides its own kernel and replaces quite a lot of standard programs with programs from its repository.

Somewhere in the middle of the playbook, the target host will reboot, Ansible will wait (wait 2400 seconds, checking every 10 for availability) when the node is alive again, and then configure journald and chrony. Next, install a couple of utilities and that’s all, you will have the ready-made Proxmox waiting for you.

Also popular now: