Search results

You are correct. It did not work, because of how it's designed. I have default DROP policy and when such is set, ipfilter does not work correctly. I decided to go with my firewall rules, which block in both ways (ipfilter does only egres filtering, relying on mac filter) and mac filter. Works...

@dietmar What rights should a user created on PBS have, in order for PVE nodes to fully use it as a backup target? What packages must one install to have PBS as a possible target under storage in PVE datanceter GUI? I can see PBS as a target in PVE GUI only, if I install PBS and PVE on the...

Well I did what you suggested and it did not work. I just checked what iptables rules look like on the host and I fund this match: -A tap100i0-OUT -m set ! --match-set PVEFW-100-ipfilter-net0-v4 src -j DROP so it seems that ipset is named PVEFW-$VMID-ipfilter-net$NEITD-v4 and not ipfilter-netX...

Ah, tnx for the reply spirit. So I just remove all my firewall rules, tick the ip filter box and add new ipset named ipfilter-netX where X matches net ID from hardware section? Cool, will try.

I'm about to put PM6 into production and would like to address this issue before doing so. Are there any builds that contain this feature nowdays?

Hi T., thank you for your reply. As I do not plan to run any other VMs except for backup VM, i will kindly ask you to elaborate on "add coupling between the cluster (one of the backup sources) and the backup server (the target), which may become an issue on outages". What kind of issue can...

HI guys, i'm about to start playing with PM backup server. I have it currently installed on bare metal. I noticed, that it can not be a part of cluster, and got me thinking, is there any reason not to install it just as a VM in PM itself? I see only advantages.

I have only 16 GB, so it can't be that. :-)

Thank you for taking the time to reply.

Hi, i would create a VM as it is required. Same disk size as the transferred raw source. Then i would zfs remove rpool/data/vm-lxc-orwhatherver-vm-ID-disk-ID, to delete it's disk. The I would replace the disk with zfs send and receive or zfs rename rpool/sync/vm-103-disk-0...

Hi guys, i wonder what solutions do / would you use to create a public cloud with ProxMox? PMs HTTP GUI is not suitable for public users, because it reveals too much info about the cluster even with the most basic permissions. There is also no automatic provisioning, payment processing...

Just a note in case of a confusion for future readers. :-) Looks like MH_MUC revived an old thread. In original issue we have had proxmox <= 5 and there is no efi boot with ZFS, and instructions still hold true. Latter issue looks like from PM 6 where we can have EFI boot and ZFS, hence the new...

If just one VM in locked, use qm unlock VMID or something like this...

Idea: did you check MTU size on PM hosts network interfaces, like what do you see when running: ip l l ?

I just took 5 minutes and wrote this, as there are no nagios plugins existing for monitoring pve-zsync jobs. Haven't really tested it yet, just sent it to my coworker, but I guess it should work as expected. Feel free to make it more advanced, share your mods back or just use as is...

@dcsapak there is also an option to "cheat" with this implementation and migrate suspended VMs. In this case, all you need to fix is locking mechanism. See here: https://bugzilla.proxmox.com/show_bug.cgi?id=2252 As a bonus, we also get to keep ZFS snapshots on migration!

Is working as expected. Replication is not backup. Try pve-zsync to have more snapshots on both sides. Try other ZFS backup scripts or write your own to have more snaps on destination than on source.

Seems that you are correct in the case i checked: root@p32:~# ls -la /etc/ssh/ | grep -i known -rw------- 1 root root 6601 Oct 29 17:54 ssh_known_hosts lrwxrwxrwx 1 root root 25 Oct 29 17:25 ssh_known_hosts.old -> /etc/pve/priv/known_hosts I guess I can just rm ssh_known_hosts and...

No1 knows this? Shouldn't /etc/pve be identical on all nodes?

if it is so trivial, please do contribute and submit the code yourself.