Adding a New Server to Existing Proxmox Cluster - Network Configuration and VM Communication

zikou

Nov 13, 2024
I’m looking for some guidance on expanding my Proxmox setup. Here’s my current setup and what I’m trying to achieve:

Current Setup

  • I have a dedicated OVH server running Proxmox.
  • On this server, I have a pfSense VM that handles VPN access for employees to connect to the internal network.
  • The server has reached its capacity, and I need to add a new server to scale my infrastructure.

What I Want to Achieve

  1. Add a New Server: I want to install Proxmox on a new server and join it to the existing server to form a cluster.
  2. VM Communication: After joining the cluster, I want VMs on the new server to be able to communicate with VMs on the old server.
  3. Employee VPN Access: Employees should be able to access VMs on the new server via the existing pfSense VPN.

Questions

  1. Cluster Setup:
    • Are there any specific considerations when joining the new server to the existing cluster to ensure seamless VM communication?
  2. pfSense and VPN:
    • Do I need to make any changes to pfSense (e.g., firewall rules, routing) to allow VPN access to VMs on the new server?
 
Are there any specific considerations when joining the new server to the existing cluster to ensure seamless VM communication?
Do I need to make any changes to pfSense (e.g., firewall rules, routing) to allow VPN access to VMs on the new server?

You need vRack for such a setup to work properly and seamlessly. Also a vRack public IP range so you can "move" the IP with VMs among the servers in the cluster (i.e. when you move that pfSense VM to another host in the cluster).

Add a New Server: I want to install Proxmox on a new server and join it to the existing server to form a cluster.
You really need 3 servers or at least 2 servers + QDevice to keep quorum when one server is down [1].

You should adapt your current network config to support cluster and corosync links properly using VLANs within the vRack [2].

[1] https://pve.proxmox.com/wiki/Cluster_Manager#_corosync_external_vote_support
[2] https://pve.proxmox.com/wiki/Cluster_Manager#_cluster_network
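
Added example, not part of the original reply: the quorum arithmetic behind the "3 servers or 2 servers + QDevice" advice, worked through for each layout. It assumes one vote per voter and a strict-majority quorum rule; the node names are hypothetical.

```python
from itertools import combinations


def quorum_threshold(expected_votes):
    """Votes needed for quorum: a strict majority of all expected votes."""
    return expected_votes // 2 + 1


def is_quorate(votes, failed):
    """True if the voters that are still reachable hold a strict majority."""
    alive = sum(v for name, v in votes.items() if name not in failed)
    return alive >= quorum_threshold(sum(votes.values()))


def tolerated_failures(votes):
    """Largest k such that ANY k voters can fail and quorum is still kept."""
    k = 0
    while k < len(votes) and all(
        is_quorate(votes, set(lost)) for lost in combinations(votes, k + 1)
    ):
        k += 1
    return k


# Constructed layouts (hypothetical names, one vote each).
LAYOUTS = {
    "2 nodes": {"pve-old": 1, "pve-new": 1},
    "2 nodes + QDevice": {"pve-old": 1, "pve-new": 1, "qdevice": 1},
    "3 nodes": {"pve-a": 1, "pve-b": 1, "pve-c": 1},
}


def report():
    """Map each layout to the number of voter failures it survives."""
    return {label: tolerated_failures(v) for label, v in LAYOUTS.items()}


if __name__ == "__main__":
    for label, k in report().items():
        total = sum(LAYOUTS[label].values())
        print(f"{label}: need {quorum_threshold(total)} of {total} votes, "
              f"survives {k} failure(s)")
```

A plain two-node cluster survives zero failures: losing either node leaves 1 of 2 votes, which is not a majority, so the surviving node is not quorate either.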
 
Any tips? I'm new to Proxmox.
Also, is it possible if we have a new dedicated server (different providers, not OVH)?
 
Is it possible if we have a new dedicated server (different providers, not OVH)?
No, a PVE node can't be on different providers. As stated in the link I sent you before [1], nodes must be at max 10ms from each other, IME being under 5ms is recommended. Maybe you could use professional support on this and/or training, please check the official Partners list [2]

[1] https://pve.proxmox.com/wiki/Cluster_Manager#_cluster_network
[2] https://www.proxmox.com/en/partners/find-partner/explore
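
Added example, not part of the original reply: a pre-join check that parses a Linux `ping` summary between two candidate nodes and grades it against the 10 ms maximum and 5 ms recommendation quoted above. Judging on the worst round trip and rejecting any packet loss are assumptions of this example; the sample outputs and addresses are constructed.

```python
import re

MAX_RTT_MS = 10.0          # upper limit given in the reply above
RECOMMENDED_RTT_MS = 5.0   # recommended figure given in the reply above

LOSS = re.compile(r"([\d.]+)% packet loss")
RTT = re.compile(r"min/avg/max/(?:mdev|stddev) = "
                 r"([\d.]+)/([\d.]+)/([\d.]+)/([\d.]+) ms")


def assess_link(ping_output):
    """Return (verdict, loss_percent, worst_rtt_ms) for one ping run."""
    loss = LOSS.search(ping_output)
    if loss is None:
        raise ValueError("no ping summary found in input")
    loss_pct = float(loss.group(1))
    rtt = RTT.search(ping_output)
    worst = float(rtt.group(3)) if rtt else None  # no RTT line at 100% loss
    if worst is None or loss_pct > 0 or worst > MAX_RTT_MS:
        return ("reject", loss_pct, worst)
    if worst > RECOMMENDED_RTT_MS:
        return ("marginal", loss_pct, worst)
    return ("ok", loss_pct, worst)


# Constructed sample summaries (documentation-range addresses).
SAME_DATACENTER = """--- 192.0.2.10 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19028ms
rtt min/avg/max/mdev = 0.211/0.287/0.402/0.051 ms"""

SAME_REGION = """--- 192.0.2.20 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19031ms
rtt min/avg/max/mdev = 3.912/6.204/8.731/1.102 ms"""

OTHER_PROVIDER = """--- 198.51.100.7 ping statistics ---
20 packets transmitted, 20 received, 0% packet loss, time 19040ms
rtt min/avg/max/mdev = 17.903/18.611/24.120/1.317 ms"""

UNREACHABLE = """--- 203.0.113.5 ping statistics ---
20 packets transmitted, 0 received, 100% packet loss, time 19455ms"""

if __name__ == "__main__":
    for name, sample in [("same DC", SAME_DATACENTER),
                         ("same region", SAME_REGION),
                         ("other provider", OTHER_PROVIDER),
                         ("unreachable", UNREACHABLE)]:
        print(name, assess_link(sample))
```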
 
I guess this is a task that should be done by a senior because I'm a junior DevOps.
 
I just want to know something to tell the CEO of the startup.
I need to tell him that he should buy a dedicated server in OVH, not on other providers (latency).
 
You could read the documentation so you can give your CEO an informed opinion about what should be done and how to properly deploy Proxmox software. Again, if in doubt, refer your CEO to a partner or ask for official training [1].

A very personal opinion: if your CEO is a wise one, they should hire knowledge and train their people so they can do their jobs at their best.

[1] https://www.proxmox.com/en/services/training-courses/course-catalog
 
Nothing personal at all and wasn't meant to be rude with the OP in any way. Sorry if it looks like that. Thanks for pointing it out.

I've been there too: tasked with a job that I could not do because I lacked knowledge/experience/practice. What OP is asking to do isn't exactly dead simple and requires some expertise both with OVH and with PVE to do it right. I just feel that the OP needs a type of help that (I) just can't provide in a forum, so IMHO one of the best options is to look for consulting services.

Besides that, every PVE related question was politely answered with references to the documentation, so that can be used to justify the why's and how's to deploy PVE.
 
In that case:

Add a New Server: I want to install Proxmox on a new server and join it to the existing server to form a cluster.

Possible but likely not necessary. Your initial problem report is that you're running out of capacity, not that you want to increase fault tolerance. If that's not a requirement there's no reason to add the complexity; just add a new server and put a workload on it. If you DO want to upgrade your environment to be fault tolerant, there are a few ways to accomplish this. Which one to pursue depends on your level of competence as an admin, your cost sensitivity, and what type of workload you are operating.
  1. VM Communication: After joining the cluster, I want VMs on the new server to be able to communicate with VMs on the old server.
  2. Employee VPN Access: Employees should be able to access VMs on the new server via the existing pfSense VPN.

Again, cluster not required, but you will need to have a private subnet provided by OVH, and you will need to design the plumbing for operation. This is fairly simple network engineering but it does require some thought and consideration.

The simplest solution is to simply start deploying your workload on OVH's public cloud, and rethink how you provide remote access; Tailscale can work well for this. This will be more fault tolerant than your server, and likely cheaper (and Tailscale is much faster and more user friendly than the OpenVPN you are using now). If not married to OVH, you can use any other vendor as well based on your price and feature sensitivity.

Next option: you CAN deploy more servers at OVH, but I don't know their engineering support capability to provide you with a network infrastructure to either provide the private networking you require or operate a cluster properly. If you don't feel you can ask them to upgrade your disks, I don't get a good sense you can depend on them for that. I know there are people who do operate Proxmox clusters at cloud providers so it IS doable, but I personally wouldn't want to operate anything more than a single server without having direct access to the hardware (physically and logically) and DEFINITELY offering capable remote hands.

Third option: consider deploying your own hardware at a datacenter local to you. You'd have full control over all aspects of the deployment and not be beholden to OVH (or whatever provider).