lae.proxmox

This tool helps you install and set up Proxmox Virtual Environment (PVE) versions 6.x, 7.x, and 8.x on Debian servers.

You can use this tool to create and manage single-node Proxmox installations or clusters with three or more nodes, specifically on Debian versions Buster (10) and Bullseye (11). With this tool, you can configure:

• Role-Based Access Control (RBAC) for PVE (roles, groups, users, access control lists)
• PVE Storage settings
• The datacenter.cfg file
• HTTPS certificates for the Proxmox web interface (you'll need to provide your own)
• Selection of PVE repositories (like pve-no-subscription or pve-enterprise)
• Watchdog modules (IPMI and NMI) with appropriate high availability manager configuration
• ZFS module setup and email notifications for ZED

When clustering is activated, you can also:

• Ensure all hosts can connect to each other as the root user via SSH
• Create a new PVE cluster or add existing nodes to it
• Set up Ceph storage in a PVE cluster
• Manage high-availability groups

Support and Contribution

For support or to contribute, you can join our Discord server: Discord Link. Note this is a temporary invitation.

Quick Start Guide

The main goal of this tool is to set up a Proxmox VE cluster, but it can also be used for quickly installing single-node Proxmox servers.

Make sure you have Ansible installed. Use a separate machine to run the installation (this is important because one step involves a reboot).

Save the following script as install_proxmox.yml:

- hosts: all
  become: true
  roles:
    - role: geerlingguy.ntp
      vars:
        ntp_manage_config: true
        ntp_servers:
          - clock.sjc.he.net
          - clock.fmt.he.net
          - clock.nyc.he.net
    - role: lae.proxmox
      vars:
        - pve_group: all
        - pve_reboot_on_kernel_update: true

To install the necessary roles, run:

ansible-galaxy install lae.proxmox geerlingguy.ntp

Then, execute the installation with:

ansible-playbook install_proxmox.yml -i $SSH_HOST_FQDN, -u $SSH_USER

Remember to include -K if your SSH user requires a sudo password. Use -k if you authenticate with a password instead of public keys. Make sure to include the comma after $SSH_HOST_FQDN to indicate you are providing a list of hosts.

Once the installation is complete, you should be able to access your Proxmox VE interface at https://$SSH_HOST_FQDN:8006.

Full Feature PVE 8.x Cluster Deployment

1. Create a directory for your playbook named lab-cluster. It should look like this:

lab-cluster/
├── files
│   └── pve01
│       ├── [SSL files]
├── group_vars
│   ├── all
│   └── pve01
├── inventory
├── roles
│   └── requirements.yml
├── site.yml
└── templates
    └── interfaces-pve01.j2

2. Prepare SSL certificates if needed (not necessary if using Proxmox's internal certificates).

3. Set up your inventory file as follows:

[pve01]
lab-node01.local
lab-node02.local
lab-node03.local

4. Specify your role requirements in roles/requirements.yml:

---
- src: geerlingguy.ntp
- src: lae.proxmox

5. Add NTP server settings to group_vars/all:

---
ntp_manage_config: true
ntp_servers:
  - lab-ntp01.local iburst
  - lab-ntp02.local iburst

6. Define pve01 group variables in group_vars/pve01. Adjust the values according to your environment:

---
pve_group: pve01
pve_watchdog: ipmi
pve_ssl_private_key: "{{ lookup('file', pve_group + '/' + inventory_hostname + '.key') }}"
pve_ssl_certificate: "{{ lookup('file', pve_group + '/' + inventory_hostname + '.pem') }}"
pve_cluster_enabled: yes
pve_groups:
  - name: ops
    comment: Operations Team
pve_users:
  - name: admin1@pam
    email: [email protected]
    firstname: Admin
    lastname: User 1
    groups: [ "ops" ]

7. Structure your playbook to install and configure necessary components, followed by setting up Proxmox.

8. Finally, run the playbook and set up your new Proxmox cluster.

You'll find that managing Proxmox clusters, storage, and users is simplified with this setup. Enjoy your Proxmox experience!