Difference between revisions of "How to build Proxmox tmpfs image"
(comment out bind bind and make-rprivate) |
(remove apparmor) |
||
Line 40: | Line 40: | ||
The ATU plugin is available in openQRM Enterprise. It allows the configuration synchronisation of the server to be maintain during reboots and power loss events. The ATU plugin is open source and written in bash and allows the start up sequence to be controlled and important configuration and service start sequences especially important for Proxmox VE. | The ATU plugin is available in openQRM Enterprise. It allows the configuration synchronisation of the server to be maintain during reboots and power loss events. The ATU plugin is open source and written in bash and allows the start up sequence to be controlled and important configuration and service start sequences especially important for Proxmox VE. | ||
+ | '''Ensure apparmor is removed;''' | ||
+ | apt remove --assume-yes --purge apparmor | ||
'''<big>Let's Start:</big>''' | '''<big>Let's Start:</big>''' |
Revision as of 14:30, 19 August 2024
Follow the steps below to convert Proxmox VE to a pxe booted tmpfs memory resident operating system.
Once you have a running openQRM Server you can follow these steps.
This process is supported in both the community and enterprise versions of openQRM.
You will need the following plugins enabled; dhcpd, tftp, nfs-storage, tmpfs-storage, atu (optional, available in the enterprise package)
Pre-built Proxmox VE templates are available for download in the customer portal.
About openQRM:
openQRM Enterprise is a Turn Key Deployment and Management Platform, with over 55 plugins allowing variety of deployment options. This article describes the deployment methods to convert Proxmox into a tmpfs image allowing servers to PXE boot and Run Proxmox as a memory resident operating system requiring now attached storage. This is perfect for compute nodes and allow KVM and LXC to operate as normal. Proxmox can connect to a variety of storage options including; NFS, Ceph, Gluster, iSCSI and more.
Why is this solution so exciting ?
When data centre operators deploy compute nodes, they no longer need network or attached storage to run that node. This solution allows a compute node to pxe network boot an operating system into a ram disk. This ram disk is essentially the local storage for the server. Being memory resident the system ram is exceptionally fast, several times faster in order of magnitude than NVMe. So if the node lost network connectivity it would still be able to function as the node would have already been booted and running just like it had local attached storage.
Hold on this is too good to be true, what are the down sides ?
Well its memory resident, so if power is lost the local configuration would be lost. However if the node is part of a cluster then the cluster would hold the PVE configuration and if using the ATU plugin is used the configuration would be synchronised and retained on the openQRM server.
Requirements:
- openQRM Community or Enterprise (a KVM is the suggested option)
- optional: openQRM ATU Plugin for advanced server and cluster configuration and boot management
- CPU 64bit Intel EMT64 or AMD64
- PCI(e) passthrough requires VT-d/AMD-d CPU flag support
- Debian 11 Bullseye
Suggest minimum specification for:
- openQRM Server: 1GB & 1 CPU
- Virtual or Hardware Node (booted via tmpfs) 6-8GB. 4GB for tmpfs and 2-4GB for OS and Services.
- The clustering requires co-ordinated initialisation and configuration backup. The ATU Plugin orchestrates these steps for cluster management and configuration backup.
What is the ATU plugin ?
The ATU plugin is available in openQRM Enterprise. It allows the configuration synchronisation of the server to be maintain during reboots and power loss events. The ATU plugin is open source and written in bash and allows the start up sequence to be controlled and important configuration and service start sequences especially important for Proxmox VE.
Ensure apparmor is removed;
apt remove --assume-yes --purge apparmor
Let's Start:
1. Adding a Proxmox Kernel to openQRM:
- Download PVE Kernel (check to see if there is a newer kernel) -
- Proxmox 8 - http://download.proxmox.com/debian/dists/bookworm/pve-no-subscription/binary-amd64/proxmox-kernel-6.5.13-5-pve_6.5.13-5_amd64.deb
- Proxmox 7 (Stable) - http://download.proxmox.com/debian/dists/bullseye/pve-no-subscription/binary-amd64/pve-kernel-5.11.22-3-pve_5.11.22-6_amd64.deb
- Proxmox 7 (Testing) - http://download.proxmox.com/debian/dists/bullseye/pve-no-subscription/binary-amd64/pve-kernel-6.2.9-1-pve_6.2.9-1_amd64.deb
- Install Kernel locally
- then add the Kernel to openQRM. Replace KERNEL_NAME, KERNEL_VER, OPENQRM_UI_USER, OPENQRM_UI_PASS, SERVER_NAME with the appropriate variables)
- /usr/share/openqrm/bin/openqrm kernel add -n KERNEL_NAME -v KERNEL_VER -u OPENQRM_UI_USER -p OPENQRM_UI_PASS -l / -i initramfs -m csiostor
- /usr/share/openqrm/bin/openqrm kernel add -n pve-5.11.22-6 -v 5.11.22-3-pve -u openqrm -p openqrm -l / -i initramfs -m csiostor
2. Creating Image suitable to TMPFS Boot:
- Create Image - To create an image for Proxmox VE (image will be named "proxmox_image") which can be used as a tmpfs image, follow these steps;
- apt-get -y install debootstrap
- mkdir -p /exports/proxmox_image/dev/pts /exports/proxmox_image/proc /exports/proxmox_image/var/run/dbus
- Boostrap with either Debian 11 or 12
- Debian 11:
- debootstrap --arch amd64 buster /exports/proxmox_image/ https://deb.debian.org/debian/
- Debian 12:
- debootstrap --arch amd64 bookworm /exports/proxmox_image/ https://deb.debian.org/debian/
- Debian 11:
- mount --bind /dev/ /exports/proxmox_image/dev/
- mount --bind /dev/pts /exports/proxmox_image/dev/pts
- mount --bind /proc /exports/proxmox_image/proc
- #mount --make-rprivate /exports/proxmox_image/
- mount --bind /var/run/dbus /exports/proxmox_image/var/run/dbus
- #mount --bind /exports/proxmox_image/ /exports/proxmox_image/
- #mount --make-rprivate /exports/proxmox_image/
- chroot /exports/proxmox_image
- apt-get update; apt-get install wget net-tools screen locales collectd telnet whois traceroute nfs-kernel-server jq bash rsyslog portmap open-iscsi rsync sudo xinetd ifupdown2 dnsutils ethtool curl unzip screen iftop lshw smartmontools nvme-cli lsscsi sysstat htop mc rpl dropbear iputils-ping ipmitool procmail zsh-common
- dpkg-reconfigure locales
- dpkg-reconfigure tzdata
- Follow steps (Start at "Install Proxmox VE") @
- Proxmox 7 - https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_11_Bullseye
- Proxmox 8 - https://pve.proxmox.com/wiki/Install_Proxmox_VE_on_Debian_12_Bookworm
- We do not need to install grub or any other boot loaders
- To install ceph support, add the relavent repository and add packages;
- apt-get -y install ceph ceph-common ceph-fuse ceph-mds ceph-volume gdisk nvme-cli
- To add FRRouting add the relavent repository and add packages;
- apt-get -y install frr frr-pythontools
- set root password; passwd
- (optional) implement noclear for getty/inittab;
- mkdir -p /etc/systemd/system/getty@tty1.service.d/
- edit file; /etc/systemd/system/getty@tty1.service.d/noclear.conf add contents;
[Service]
TTYVTDisallocate=no
- Remember: /etc/hosts needs a valid hostname with your ip address
- This is managed with the ATU plugin
- symlink ssh.service to sshd.service required for pve-cluster;
- ln -s /usr/lib/systemd/system/ssh.service /etc/systemd/system/sshd.service
- exit chroot, type exit
- umount binds;
- umount /exports/proxmox_image/dev/pts
- umount /exports/proxmox_image/dev
- umount /exports/proxmox_image/proc
- umount /exports/proxmox_image/var/run/dbus
- (optional) If using the ATU Plugin follow these steps;
- (if using the ATU plugin) For reference only; since Proxmox/Debian uses systemd management of services needs to be done externally of the chroot. To find enabled services;
- systemctl list-unit-files --root /exports/proxmox_image/| grep -v disabled | grep enabled
- (if using the ATU plugin) These services are managed by the ATU plugin. Since the ATU plugins manages cluster initialisation these services need to be started in an orderly fashion by the plugin. So we then remove services from startup, systemd is not friendly, so we need to point systemctl to the root directory as follows;
- /bin/systemctl disable rc-local --root /exports/proxmox_image/
- /bin/systemctl disable pve-cluster.service corosync.service pve-guests.service collectd.service ksm.service ksmtuned.service proxmox-boot-cleanup.service --root /exports/proxmox_image/
- /bin/systemctl disable lvm2-lvmpolld.socket lvm2-monitor.service --root /exports/proxmox_image/
- /bin/systemctl disable frr.service pvenetcommit.service --root /exports/proxmox_image/
- /bin/systemctl disable lxc.service lxc-net.service lxcfs.service lxc-monitord.service --root /exports/proxmox_image/
- /bin/systemctl disable portmap.service rpcbind.service nfs-client.target --root /exports/proxmox_image/
- /bin/systemctl disable iscsid.service iscsi.service open-iscsi.service --root /exports/proxmox_image/
- /bin/systemctl disable pve-firewall.service pvefw-logger.service pvesr.timer pve-daily-update.timer --root /exports/proxmox_image/
- /bin/systemctl disable pve-ha-crm.service pve-ha-lrm.service pve-lxc-syscalld.service --root /exports/proxmox_image/
- /bin/systemctl disable pvebanner.service pvedaemon.service pvenetcommit.service --root /exports/proxmox_image/
- /bin/systemctl disable pveproxy.service pvestatd.service --root /exports/proxmox_image/
- /bin/systemctl disable qmeventd.service spiceproxy.service ssh.service --root /exports/proxmox_image/
- /bin/systemctl disable rsyslog.service syslog.service --root /exports/proxmox_image/
- /bin/systemctl disable smartd.service dm-event.socket rbdmap.service --root /exports/proxmox_image/
- /bin/systemctl disable ceph.target ceph-fuse.target frr.service --root /exports/proxmox_image/
- /bin/systemctl disable zfs.target zfs-mount.service zfs-share.service --root /exports/proxmox_image/
- /bin/systemctl disable zfs-import.target zfs-import-cache.service zfs-volumes.target zfs-volume-wait.service zfs-share.service --root /exports/proxmox_image/
- /bin/systemctl disable netdiag.service rsync.service console-setup.service --root /exports/proxmox_image/
- /bin/systemctl disable iscsi dropbear nfs-ganesha-lock nvmefc-boot-connections nvmf-autoconnect zfs-zed pvescheduler.service --root /exports/proxmox_image/
- /bin/systemctl disable nfs-blkmap iscsid.socket postfix --root /exports/proxmox_image/
- If you have ceph installed disable;
- /bin/systemctl disable ceph-crash.service ceph-mds.target ceph-mgr.target ceph-mon.target ceph-osd.target remote-fs.target --root /exports/proxmox_image/
- If you have Ganesha installed for nfs;
- /bin/systemctl disable nfs-ganesha.service nfs-ganesha-lock.service nfs-common.service --root /exports/proxmox_image/
- /bin/systemctl disable puppet --root /exports/proxmox_image/
- /bin/systemctl disable zfs.target zfs-mount.service nfs-kernel-server --root /exports/proxmox_image/
- (if using the ATU plugin) disable services (some services may not exist):
- /bin/systemctl disable pvedaemon pve-proxy pve-manager pve-cluster cman corosync ceph pvestatd qemu-server rrdcached spiceproxy --root /exports/proxmox_image/
- (if using the ATU plugin) For reference only; since Proxmox/Debian uses systemd management of services needs to be done externally of the chroot. To find enabled services;
- Tar the Image;
- mkdir -p /usr/share/openqrm/web/boot-service/tmpfs/
- cd /exports/proxmox_image
- tar --exclude=usr/src --exclude=var/lib/apt/lists --exclude=usr/lib/jvm --exclude=var/lib/apt/lists --exclude=usr/share/man --exclude=usr/share/doc --exclude=usr/share/icons --numeric-owner -czf /usr/share/openqrm/web/boot-service/tmpfs/proxmox_image.tgz .
- When taring the image above, there are other directories that are not required that can be excluded. We suggest the uncompressed image size to be 55-60% of the available tmpfs volume size allocated (4GB as below).
3. Configuring openQRM to support above template:
- Activate dhcpd plugin then the tftp plugin
- Activate NFS Storage (if not already done so)
- Under Plugins -> Storage -> NFS-Storage
- Add NFS Storage;
- name "openqrm-nfs"
- Deployment Type: "nfs-deployment"
- Add NFS Volume (this triggers tmpfs storage)
- Under Plugins -> Storage -> NFS-Storage -> Volume Admin -> Edit -> proxmox_image "ADD IMAGE"
restart openQRM server/vm in case of duplicate services started from chroot image initialisation- Now create a TmpFs-Storage: Plugins -> Storage -> Tmpfs-storage -> Volume Admin -> New Storage
- Name: openqrm-tmpfs
- Deployment Type: tmpfs-storage
- Now Create an Image: Components -> Image -> Add new Image -> Tmpfs-root deployment -> click edit on the "openqrm-tmpfs" -> Click "ADD NEW VOLUME"
- Name: pve7
- Size: 4 GB
- Description: proxmox ve 7
- Now network boot a new node either a KVM or Physical machine, you will need to link this resource to a server. A resource is a blank system/server and a Server is a configuration applied to a resource/system/server. So when a system has booted via dhcp/pxe then system will enter an "idle" state and will be selectable as "idle" for this next step.
- Click "ADD A NEW SERVER"
- Select the resource
- then select the image for server, select the pve7 = tmpfs-deployment as previously setup (leave the tick on edit image details after selection.)
- then click "Install from NAS/NFS" select the "proxmox_image" as above then click submit
- then select the kernel pve-5.11.22-6 then click submit
- Done
- You will then need to "start" the server, click "start", the idle resource will then reboot and boot the image as created above
- Once booted you may need to restart sshd and pve-cluster
- systemctl restart ssh pve-cluster
Notes/Customisations:
- Postfix may error a warning on boot, edit /etc/mailname
- Nodes booted with out the ATU plugin will lose configuration upon reboot!
- when changing kernel versions, a stop and start of the server is required
This technology preview displays the tmpfs memory resident capabilities to support Proxmox VE as a memory resident operating system.
About the ATU Plugin:
The ATU plugin is a server service management configuration tool. It supports generic systems as well as Proxmox VE. It is responsible for boot management and the configuration and cluster configuration synchronisation with the openQRM server. Orchestrating the system service start/stop with configuration synchronisation with the openQRM server. This is a vital plugin for tmpfs based operating systems.
About openQRM:
openQRM is available in both community and enterprise versions. Both versions are open source with the enterpise package available for commercial support and numerous additional plugins being available. With over 60 plugins available openQRM manages storage, network, monitoring, cloud, management and virtualisation. It is the toolkit of choice for data centres.