Cluster and https certs

A

alexc

Active Member
Apr 13, 2015
123
4
38
Looks like I found well-known mislogic which I wasn't aware of:

I set up several hardware nodes independently on PVE 5.2, put it into DNS (let me call it host01.mydomain.com, host02.mydomain.com etc. for the example purpose) and even got LE certs to access it over https without warnings. That was nice and well straight to do.

Then I decided to create a cluster of it, which was easy to do too.

But after the cluster is created, I can not log in into host02.mydomain.com, host03, host04..., but to host01.mydomain.com only (the 01 was the cluster initial host), since Proxmox removed old certs I attached to host02... and replace it with its own certs.

I can replace it back, but now I do affraid if it can produce problems on cluster - so if I should do that?

Another thing I face with when cluster was created is that it can not tell the difference between 'local' storages of different nodes. There are local storage on each node by default, and I can not bound it to specific node. And yes, I have no shared storage to keep VMs available from different hosts ( I don't need that). Should I edit storage.cfg manually?
 
alexc said:
I can replace it back, but now I do affraid if it can produce problems on cluster - so if I should do that?
Click to expand...
see https://pve.proxmox.com/wiki/Certificate_Management
(on cluster join, the database of the to joined node gets overwritten with the one from the cluster, so the certificates will be overwritten, but it makes no problem having custom certificates)

alexc said:
Another thing I face with when cluster was created is that it can not tell the difference between 'local' storages of different nodes. There are local storage on each node by default, and I can not bound it to specific node.
Click to expand...
yes this is by design

the api still differentiate the storages of the node with the path, e.g.:

/api2/json/nodes/pve01/storage/local
vs
/api2/json/nodes/pve02/storage/local

only the definition (which content types) is identical
if you really need different local storages (for what ever purpose), you can deactivate the default 'local' storage
and create a new directory storage for each node that point to '/var/lib/vz' and is restricted to some nodes
just note that in that case, you will not be able to migrate a vm from one node to another (not even offline), since
the api needs the storages to be named the same
 
Thank you for the explanations!

Frankly I use cluster as a single point of control, not like HA or what ever such. But rare migration is something that may be useful (even offline), so I'll consider this. Somehow I missed that while learning about cluster.

But then, if I say have several nodes with different storages, e.g.
- host01
--- local (100G, SSD)
- host02
--- local (200G, HDD)

So API won't notice the difference and won't say it can not migrate VM of 150G size from host02 to host01, right? And the only way I can ake it is to name local's differently, like:
- host01
--- local-host01 (100G, SSD)
- host02
--- local-host02 (200G, HDD)

and as of this, I will not be able to do 'migrate' since it won't see the same storage on different host and it won't allow me to tell which storage on destination node to use?
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back