Search results

I use headscale, too. But establishing a common network between my otherwise segregated PVEs means to circumvent my inner firewall. If I were willing to do this, it would easier to remove the firewall instead of making an effort to circumvent it. That is a very good point. I have not added it...

Yes, that would work, if both PVEs shared the same management network. But they don't. The networks outside my inner firewall and inside are totally segregated. Nothing goes in. That's the problem in my case. And, yes, I could put them on the same network and then the migration would be not an...

Okay, so set up a tailscale network for example. That is an option, but my objective is to let nothing from the outside reach behind my inner firewall. And having a common network between inside and outside would basically circumvent the inner firewall.

I'm aiming for maximum security. But, admittedly, I'm still learning. How so? The PVE management network is, of course, separate from the DMZ network. That is, actually, the contingency, I'm trying to provide for. Well, there is the obvious option of piercing my inner firewall. But I'm...

Yes, I believe that is a classic setup. And yes, there are two fully fledged firewalls. One on the edge to the internet and one behind it at the edge of my private LAN. It does seem so. Unless, of course, Proxmox take up my suggestion to have PDM act as a conduit. I'm feeling relative...

Only the VMs live in the DMZ. The PVE that serves them does not. The PVE management interface, of course, is on a separate management network and not reachable from the DMZ.

Up to now, it has been my policy to not allow anything from the outside into my inner firewall. Ideally, I would like to keep it that way. If no viable other solutions exist, port forwarding would indeed be an easy option. But how would I integrate the authentication into the PDM migration...

Up to now, it has been my policy to not allow anything from the outside into my inner firewall. Ideally, I would like to keep it that way. If no viable other solutions exist, wireguard certainly would be an option. And how would I use that to migrate a VM from outside in? Would I set up a new...

In my homelab I have a small cluster from which I serve some applications that live in my DMZ. And I have another node inside my inner firewall on which I run some apps that need not be reachable from the public internet. Amongs others, I run PDM from there. While from inside the firewall, it it...

This did the trick. Thank you.

Hi, I have a PBS running for a while without any issues. My PVE cluster is doing regular backups to the PBS. Today, I changed the PBS's name (and FQDN). Of course, under the new name (and the new FQDN) it can't be accessed anymore by PVE. So I edited the storage.cfg in PVE to reflect the PBS...

Sorry, this was almost two years ago. I don't remember the details. But from going through the posts, I'd say that I just replaced the disk and did not issue the repair command.

I had this problem once as well and I was looking for a way to avoid running into it again. Someone pointed out that you can set a quota on a zpool to protect some space from being used. zfs get quota <poolname> Unfortunately, this gives you an absolute value and you have to do the math...

Not exactly sure what my issue was. I had a container that would start. Then I updated Debian inside and afterwards it wouldn't start anymore. But it was not the Debian 13.1 issue mentioned above because I checked and it still said Debian 13.0. Anyway, updating PVE (including pvecontainer from...

So I tried this and the conversion worked (as per mbr2gpt). But now, when I start the VM, the console doesn't connect to it anymore. So I don't get to see what is happening in the VM anymore. (I did switch to OVMF.) (At first, I tried without adding an EFI file in PVE - because I thought that...

Thank you. I shall look out for upgrade guides in the future. I had not even considered there might be one.

Ah, no I didn't follow that guide, didn't even know it existed. The upgrade "happened" somewhat unplanned: I have a three node cluster and when one node went into a boot loop I seized the opportunity to replace it with more powerful hardware. When I installed the new node, I installed the latest...

I have this on my Ceph status page. It is my understanding that squid is the latest CEPH release and it is available for PVE. So why does PVE tell me it wants an earlier release?

Thank you, that worked!

The way I understand it, in the folder /etc/pve/nodes/<node B>/qemu-server there are only the conf files for the VMs on node B. And the same goes for nodes C and D. So if I want the VM to be on node D, I need to put the conf file in the <node D> folder (the VM's disks should be on each node via...