This is the first of three parts covering the installation, configuration and operation of Proxmox VE, step by step.
In this first part, we focus on the installation itself, but without using the Proxmox VE installer.
We will use a live CD to build a Debian Buster system supplemented with the packages from the Proxmox repositories.
Target machine
We will install on a relatively old desktop machine: a Dell Optiplex 990 with the following specifications:
- 1 Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz processor with 4 cores and 8 threads
- 16 GB of DDR3 RAM @ 1333MHz
- 500 GB Seagate ST500DM002 hard disk @ 7200RPM
- BIOS boot mode
Installation media
We will use SystemRescueCD version 5.3.2 and boot from it twice:
- a first time to erase all data on the hard disk and create a new partition table,
- a second time to carry out the remote installation over SSH.
Preparing the target machine
Identifying the hard disk
Input:
lsblk -io KNAME,TYPE,SIZE,MODEL | grep disk
Output:
sda disk 465.8G ST500DM002-1BD14
sdb disk 7.2G Recovery USB
The disk to wipe is therefore sda.
Wiping the existing partitions
Input:
shred -n 1 -v /dev/sda
Output:
shred: /dev/sda: pass 1/1 (random)...
shred: /dev/sda: pass 1/1 (random)...524MiB/466GiB 0%
shred: /dev/sda: pass 1/1 (random)...1.1GiB/466GiB 0%
.....................................................
shred: /dev/sda: pass 1/1 (random)...465GiB/466GiB 99%
shred: /dev/sda: pass 1/1 (random)...466GiB/466GiB 100%
Creating a new partition table
Input:
sgdisk -og /dev/sda
Output:
Creating new GPT entries.
Warning: The kernel is still using the old partition table.
The new table will be used at the next reboot or after you
run partprobe(8) or kpartx(8)
The operation has completed successfully.
Checking the partition table
Input:
sgdisk -p /dev/sda
Output:
Disk /dev/sda: 976773168 sectors, 465.8 GiB
Model: ST500DM002-1BD14
Sector size (logical/physical): 512/4096 bytes
Disk identifier (GUID): 7042969A-A304-4487-A274-2C26AD5B8410
Partition table holds up to 128 entries
Main partition table begins at sector 2 and ends at sector 33
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 2048-sector boundaries
Total free space is 976773101 sectors (465.8 GiB)
Number  Start (sector)    End (sector)  Size       Code  Name
Reboot
Input:
reboot
Retrieving the network address
Input:
ifconfig | grep "inet.*broadcast"
Output:
inet 192.168.1.42 netmask 255.255.255.0 broadcast 192.168.1.255
Setting the password for the connection
Input:
passwd
Remote installation
Connecting via SSH
Input:
ssh root@192.168.1.42
Initializing the variables
Input:
export LANG=C
distro="buster"
userName="admin"
userId=10001
information="FOO Admin"
hostName="proxmox"
domainName="foo.bar"
xkbLayout="us"
xkbModel="pc105"
xkbVariant=""
xkbOptions=""
hardDisk="sda"
lvmDisk="pve"
ethernetCard="eth0"
# Swap size in GiB: the RAM reported by free -g, plus one
phyMem=`expr $(free -g |awk '/^Mem:/{print $2}') + 1`
ipAddress=192.168.1.100
ipCidr=24
ipNetwork=192.168.1.0
ipGateway=192.168.1.254
ipDNS1=192.168.1.1
ipDNS2=1.1.1.1
ipDNS3=8.8.8.8
ipDNS4=9.9.9.9
Partitioning
Input:
sgdisk -n 1::+256M -t 1:ef02 -c 1:"BIOS boot" /dev/$hardDisk
sgdisk -n 2 -t 2:8e00 -c 2:"System" /dev/$hardDisk
Output:
Caution: invalid backup GPT header, but valid main header; regenerating
backup header from main header.
****************************************************************************
Caution: Found protective or hybrid MBR and corrupt GPT. Using GPT, but disk
verification and recovery are STRONGLY recommended.
****************************************************************************
Setting name!
partNum is 0
The operation has completed successfully.
Setting name!
partNum is 1
The operation has completed successfully.
Logical volumes
Input:
pvcreate /dev/$hardDisk"2"
vgcreate $lvmDisk /dev/$hardDisk"2"
lvcreate -L $phyMem"G" -n swap $lvmDisk
lvcreate -L 50G -n root $lvmDisk
lvcreate -l 100%FREE --thinpool data $lvmDisk
Output:
Physical volume "/dev/sda2" successfully created.
Volume group "pve" successfully created
Logical volume "swap" created.
Logical volume "root" created.
Logical volume "data" created.
Formatting
Input:
mkswap /dev/mapper/$lvmDisk-swap -L $lvmDisk"_swap"
mkfs.ext4 /dev/mapper/$lvmDisk-root -L $lvmDisk"_root"
Output:
Setting up swapspace version 1, size = 16 GiB (17179865088 bytes)
LABEL=pve_swap, UUID=7e2434e3-ced3-43b3-9fdb-5e295e91ee6e
mke2fs 1.43.9 (8-Feb-2018)
Creating filesystem with 13107200 4k blocks and 3276800 inodes
Filesystem UUID: e26dd2d0-eafa-42ea-ad41-9199bf27e510
Superblock backups stored on blocks:
    32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
    4096000, 7962624, 11239424
Mounting the partitions
Input:
mkdir /install/
swapon /dev/mapper/$lvmDisk-swap
mount /dev/mapper/$lvmDisk-root /install
mkdir /install/local
Installing the base system
Input:
debootstrap --arch=amd64 $distro /install/ http://debian.mirrors.ovh.net/debian/
Configuring /etc/fstab
Input:
cat << EOF > /install/etc/fstab
`printf "%-50s%-20s%-10s%-20s%-10s%-5s\n" "# <file system>" "<mount point>" "<type>" "<options>" "<dump>" "<pass>"`
`printf "%-50s%-20s%-10s%-20s%-10s%-5s\n" "UUID=\"$(blkid -o value -s UUID /dev/mapper/$lvmDisk-root)\"" "/" "ext4" "errors=remount-ro" "0" "1"`
`printf "%-50s%-20s%-10s%-20s%-10s%-5s\n" "UUID=\"$(blkid -o value -s UUID /dev/mapper/$lvmDisk-swap)\"" "none" "swap" "sw" "0" "0"`
`printf "%-50s%-20s%-10s%-20s%-10s%-5s\n" "proc" "/proc" "proc" "defaults" "0" "0"`
EOF
Configuring /etc/hostname
Input:
cat << EOF > /install/etc/hostname
$hostName
EOF
Configuring /etc/hosts
Input:
cat << EOF > /install/etc/hosts
`printf "%-20s%-40s%-30s%-5s\n" "127.0.0.1" "localhost.localdomain" "localhost"`
`printf "%-20s%-40s%-30s%-5s\n" "$ipAddress" "$hostName.$domainName" "$hostName"`
# The following lines are desirable for IPv6 capable hosts
`printf "%-20s%-40s%-30s%-5s\n" "::1" "localhost" "ip6-localhost" "ip6-loopback"`
`printf "%-20s%-40s%-30s%-5s\n" "fe00::0" "ip6-localnet"`
`printf "%-20s%-40s%-30s%-5s\n" "ff00::0" "ip6-mcastprefix"`
`printf "%-20s%-40s%-30s%-5s\n" "ff02::1" "ip6-allnodes"`
`printf "%-20s%-40s%-30s%-5s\n" "ff02::2" "ip6-allrouters"`
`printf "%-20s%-40s%-30s%-5s\n" "ff02::3" "ip6-allhosts"`
EOF
Configuring the network
Input:
cat << EOF > /install/etc/network/interfaces
auto lo
iface lo inet loopback
auto $ethernetCard
iface $ethernetCard inet manual
auto vmbr0
iface vmbr0 inet static
    address $ipAddress/$ipCidr
    gateway $ipGateway
    bridge_ports $ethernetCard
    bridge_stp off
    bridge_fd 0
    network $ipNetwork
#Internet
EOF
Input:
cat << EOF > /install/etc/systemd/resolved.conf
[Resolve]
#DNS=
#FallbackDNS=
#Domains=
#LLMNR=yes
#MulticastDNS=yes
#DNSSEC=allow-downgrade
#DNSOverTLS=no
#Cache=yes
#DNSStubListener=yes
#ReadEtcHosts=yes
EOF
Input:
# Note: the glibc resolver uses at most three nameserver entries; the fourth is ignored.
cat << EOF > /install/etc/resolv.conf
search $domainName
nameserver $ipDNS1
nameserver $ipDNS2
nameserver $ipDNS3
nameserver $ipDNS4
EOF
Configuring the time zone
Input:
chroot /install ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime
Configuring the repositories
Input:
cat << EOF > /install/etc/apt/sources.list
`printf "%-50s%-25s%-5s\n" "deb http://ftp.fr.debian.org/debian/" "$distro" "main contrib non-free"`
`printf "%-50s%-25s%-5s\n" "deb http://ftp.fr.debian.org/debian/" "$distro-updates" "main contrib non-free"`
`printf "%-50s%-25s%-5s\n" "deb http://security.debian.org/" "$distro/updates" "main contrib non-free"`
`printf "%-50s%-25s%-5s\n" "deb http://deb.debian.org/debian" "$distro-backports" "main contrib non-free"`
EOF
Input:
cat << EOF > /install/etc/apt/sources.list.d/pve-no-subscription.list
`printf "%-50s%-25s%-5s\n" "deb http://download.proxmox.com/debian/pve" "$distro" "pve-no-subscription"`
EOF
Input:
wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg -O /install/etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
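The key above is fetched over plain HTTP and written straight into apt's trusted keyring directory, so nothing authenticates it before apt starts relying on it. The following is an added example, not part of the original tutorial: a shell helper that installs a downloaded keyring only if its SHA-512 digest matches a value obtained out of band. The function name, the /tmp path and EXPECTED_SHA512 are assumptions.

```shell
# Added example (not from the original tutorial).
# install_verified_key <downloaded-file> <expected-sha512> <destination>
# Copies the keyring to its destination only when the digest matches.
# Returns 0 on success, 1 on digest mismatch, 2 if the file is missing or empty.
install_verified_key() {
    src=$1 expected=$2 dest=$3
    [ -s "$src" ] || { echo "missing or empty key file: $src" >&2; return 2; }
    # Normalise case so a digest copied in upper case still compares equal.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    actual=$(sha512sum "$src" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "SHA-512 mismatch for $src, key NOT installed" >&2
        echo "  expected: $expected" >&2
        echo "  actual:   $actual" >&2
        return 1
    fi
    # World-readable, writable by the owner only.
    install -m 0644 "$src" "$dest"
}

# Intended use in this procedure (EXPECTED_SHA512 is a placeholder: set it to
# the digest obtained over a channel you trust, not from the same HTTP server):
#   wget http://download.proxmox.com/debian/proxmox-ve-release-6.x.gpg \
#        -O /tmp/proxmox-ve-release-6.x.gpg
#   install_verified_key /tmp/proxmox-ve-release-6.x.gpg "$EXPECTED_SHA512" \
#        /install/etc/apt/trusted.gpg.d/proxmox-ve-release-6.x.gpg
```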
Mounting the resources
Input:
mount --bind /dev /install/dev
mount --bind /dev/pts /install/dev/pts
mount --bind /sys /install/sys
mount --bind /run /install/run/
mount -t proc /proc /install/proc
Updating
Input:
chroot /install apt update
chroot /install apt full-upgrade
Installing the kernel
Input:
chroot /install apt install grub-pc \
    proxmox-ve
Installing additional tools
Input:
chroot /install apt install bridge-utils \
    console-setup \
    dmidecode \
    fail2ban \
    gdisk \
    htop \
    keyboard-configuration \
    locales \
    lvm2 \
    man \
    mc \
    ncdu \
    net-tools \
    open-iscsi \
    openssh-server \
    pciutils \
    postfix \
    screen \
    sudo \
    tree \
    usbutils \
    vim
Configuring the shell
Input:
sed -i 's/#force_color_prompt=yes/force_color_prompt=yes/g' /install/etc/skel/.bashrc
Input:
cat << EOF >> /install/etc/skel/.bashrc
if [ \`whoami\` = root ]; then
    PS1='\${debian_chroot:+(\$debian_chroot)}\[\033[01;31m\]\u@\[\033[01;33m\]\$(hostname)\[\033[01;31m\].\$(hostname -d)\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]# '
else
    PS1='\${debian_chroot:+(\$debian_chroot)}\[\033[01;32m\]\u@\[\033[01;33m\]\$(hostname)\[\033[01;32m\].\$(hostname -d)\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\\$ '
fi
EOF
Input:
\cp /install/etc/skel/.bashrc /install/root/
Administrator password
Input:
chroot /install passwd
Adding a user
Input:
chroot /install useradd -m -G adm,cdrom,dip,games,plugdev,sudo,video -s /bin/bash -d /local/$userName $userName -u $userId -c "$information"
chroot /install passwd $userName
rc.local service
Input:
cat << EOF > /install/etc/systemd/system/rc-local.service
[Unit]
Description=/etc/rc.local Compatibility
ConditionPathExists=/etc/rc.local
[Service]
Type=forking
ExecStart=/etc/rc.local start
TimeoutSec=0
StandardOutput=tty
RemainAfterExit=yes
SysVStartPriority=99
[Install]
WantedBy=multi-user.target
EOF
Input:
cat << EOF > /install/etc/rc.local
#!/bin/sh -e
#
# rc.local
#
# This script is executed at the end of each multiuser runlevel.
# Make sure that the script will "exit 0" on success or any other
# value on error.
#
# In order to enable or disable this script just change the execution
# bits.
#
# By default this script does nothing.
exit 0
EOF
Input:
chmod +x /install/etc/rc.local
chroot /install systemctl enable rc-local.service
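Removing the banner
Input:
# The address is anchored with ^ so the lines are inserted only before the final
# "exit 0", not also before the rc.local comment that mentions "exit 0".
sed -i '/^exit\ 0/i\sed -i \"s/data.status !== '\'Active\''/false/g\" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js' /install/etc/rc.local
sed -i '/^exit\ 0/i\systemctl restart pveproxy.service' /install/etc/rc.local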
Removing the enterprise repository
Input:
echo "" > /install/etc/apt/sources.list.d/pve-enterprise.list
Configuring the locales
Input:
sed -i 's/# fr_FR.UTF-8 UTF-8/fr_FR.UTF-8 UTF-8/g' /install/etc/locale.gen
Input:
cat << EOF > /install/etc/default/locale
LANG=fr_FR.UTF-8
LC_MESSAGES=fr_FR.UTF-8
EOF
Input:
chroot /install dpkg-reconfigure -f noninteractive locales
Configuring the keyboard
Input:
cat << EOF > /install/etc/default/keyboard
XKBMODEL="$xkbModel"
XKBLAYOUT="$xkbLayout"
XKBVARIANT="$xkbVariant"
XKBOPTIONS="$xkbOptions"
BACKSPACE="guess"
EOF
Input:
chroot /install dpkg-reconfigure -f noninteractive keyboard-configuration
Configuring the console
Input:
cat << EOF > /install/etc/default/console-setup
ACTIVE_CONSOLES="/dev/tty[1-6]"
CHARMAP="UTF-8"
CODESET="Lat15"
FONTFACE="VGA"
FONTSIZE="8x16"
VIDEOMODE=
EOF
Input:
chroot /install dpkg-reconfigure -f noninteractive console-setup
Configuring the SSH server
Input:
sed -i 's/#PermitRootLogin\ prohibit-password/PermitRootLogin\ no/g' /install/etc/ssh/sshd_config
sed -i 's/X11Forwarding\ yes/X11Forwarding\ no/g' /install/etc/ssh/sshd_config
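sed exits successfully even when its pattern matches nothing, so the two substitutions above can silently leave the shipped settings in place. This added example (not from the original tutorial) reads back the value sshd would use from the global section of the file and fails if either setting is not "no". The function names are assumptions, only the whitespace-separated "Keyword value" form is handled, and Match blocks are deliberately not evaluated.

```shell
# Added example (not from the original tutorial).
# effective_sshd_option <sshd_config> <Keyword>
# Prints the value sshd takes from the global section: the first uncommented
# occurrence wins, keywords are case-insensitive, and reading stops at the
# first Match block. Prints nothing when the keyword is not set in the file.
effective_sshd_option() {
    awk -v key="$2" '
        BEGIN { key = tolower(key) }
        { sub(/^[ \t]+/, "") }              # leading blanks are allowed
        /^#/ || /^$/ { next }               # skip comments and empty lines
        tolower($1) == "match" { exit }     # conditional overrides start here
        tolower($1) == key { print tolower($2); exit }
    ' "$1"
}

# check_sshd_hardening <sshd_config>
# Returns 0 only if both settings changed by the sed commands are in effect.
check_sshd_hardening() {
    rc=0
    for pair in PermitRootLogin=no X11Forwarding=no; do
        key=${pair%%=*}
        want=${pair#*=}
        got=$(effective_sshd_option "$1" "$key")
        if [ "$got" != "$want" ]; then
            echo "$key: expected '$want', found '${got:-unset}'" >&2
            rc=1
        fi
    done
    return $rc
}
```

Run `check_sshd_hardening /install/etc/ssh/sshd_config` after the sed commands; once the installed system is booted, `sshd -T` prints the full effective configuration.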
Installing the boot loader
Input:
sed -i 's/GRUB_CMDLINE_LINUX=\"\"/GRUB_CMDLINE_LINUX=\"net.ifnames=0 biosdevname=0\"/g' /install/etc/default/grub
chroot /install grub-install /dev/$hardDisk
chroot /install update-grub
chroot /install update-initramfs -u
Reboot
Input:
reboot