HA for Proxmox Cluster management portal

flahiker

New Member
Jul 15, 2023
4
4
3
Largo, FL
www.dougjenkins.com
I was wondering what would be the best course of action to setup HA for the Proxmox web portal? I am currently usin HAProxy but I noticed that when I go into a console of one of the VMs, it does not use the same server that I am on (connection is probably not sticky).

I was thinking a better way is to setup keepalived service on each node and create the virtual IP here as my management portal endpoint.

Thoughts?
 
I was wondering what would be the best course of action to setup HA for the Proxmox web portal? I am currently usin HAProxy but I noticed that when I go into a console of one of the VMs, it does not use the same server that I am on (connection is probably not sticky).
Yes, then make it sticky ;)

Haven't used HAProxy before, but there are solutions for Traefik and nginx, just search the forums.
 
I was wondering what would be the best course of action to setup HA for the Proxmox web portal?
I use a nginx reverse proxy with round-robin to one of the nodes. This revese proxy itself is a VM which may be put under HA - but for me it is not as in case it dies I still can access all nodes directly.

As usual: ymmv :)
 
Thank you for your replies. I solved this problem by implementing keepalived on each proxmox node and setup a VIP using keepalived.

For example, I have a 3 node proxmox cluster on IPs 192.168.1.61, 192.168.1.62, 192.168.1.63. I setup a Virtual IP using keepalived on 192.168.1.60 and configured it with a master/backup strategy. This routes all tcp traffic across the 3 nodes which is helpful to manage.

here are my steps:

#Install the package (works on Ubuntu and Debian)
Code:
apt-get install keepalived

# Create the /etc/keepalived/keepalived.conf file with your configuration
Code:
nano /etc/keepalived/keepalived.conf

#enable and start the service. Verify that it works
Code:
systemctl enable keepalived
systemctl start keepalived
systemctl status keepalived

#Keepalived.conf on node#1 (MASTER)
Code:
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 205
priority 140
advert_int 1
unicast_src_ip 192.168.1.61
unicast_peer{
  192.168.1.62
  192.168.1.63
}

authentication {
   auth_type PASS
   auth_pass ###PASSWORD###
}

virtual_ipaddress {
        192.168.1.60/24
    }
}

#Keepalived.conf on node#2 (BACKUP)
Code:
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 205
priority 140
advert_int 1
unicast_src_ip 192.168.1.62
unicast_peer{
  192.168.1.61
  192.168.1.63
}

authentication {
   auth_type PASS
   auth_pass ###PASSWORD###
}

virtual_ipaddress {
        192.168.1.60/24
    }
}

#Keepalived.conf on node#3 (BACKUP)
Code:
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 205
priority 140
advert_int 1
unicast_src_ip 192.168.1.63
unicast_peer{
  192.168.1.61
  192.168.1.62
}

authentication {
   auth_type PASS
   auth_pass ###PASSWORD###
}

virtual_ipaddress {
        192.168.1.60/24
    }
}
 
Last edited:
Thanks for this config, however i'd like to know what you are doing about the port 8006 for the PVE? Are you still using it after your HA IP or are you having keepalived forward it?
 
Keepalived is only a virtual IP. Nothing related to ports. Proxmox is listening port 8006 on every IP, so it is listening also on that new VIP. So just reach the port to it.

IP and TCP are two different layers in the network stack and it is important to make the difference between the two...
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!