Hello All,
As I have done other things in my professional carreer, I have missed some chunks of the IT, unfortunately also bigger chunks. Now working on my project I am in the middle of nowhere, exposing the ip of the management to internet.
I am setting up one DL380 with Proxmox, 128 GB RAM, 2 GPUs, 1,4 TB SSD consumer grade RAID (through the HP controller, is that a big issue?) for a smaller startup project with 2-5 VMs, (2 with the GPUs for Inventor and Autocad, the rest simply for some access of whatever it would be needed.) Next Cloud, OpenProject + there is a separate QNAP NAS for the backup and replication.
The point of that is, that if some guy is going to have some chunk of the startup job, that he would be working on the already existing remote resources, whereever he is, which are not hosted on the internet, so if the designer woould be needing 6 GB of GPU RAM, 10 cores - ok, it's given, the work resource for the startup is provided, while all the data of his work will be always in possession of the project owner and also locally hosted. In some means, whatever he is creating stays 'off-internet' and not copiable from him (given the right configuration)
I have numerous questions for making it right. Where I've done the installations. I bought a domain as well.
The goals:
1. to make it easily usable for secure remote usage of the VMs + the NextCloud and the OpenPoject, and this to all users involved in the Startup. I would prefer through some dashboard, where the different users for the startup project will be choosing their machines, but I read that the dashboards are having issues with the security
2. to image everything (from proxmox itself upto all VMs, without the user data) once 100% done and push it in a securely retrievable way to the Qnap. If Proxmox is going to fail - restore. if the VMs with the GPUs passtrough fail - restore and ready. (the hdw is not with me, but i can have onsite support easily)
3. incremental backups of the users data and the Nextcloud, only of the new data to the QNAP sitting in same LAN, but in different building.
I want help to:
1. somehow divide the access to the management and the users resources. The management of Proxmox, NextCloud, OpenProject, QNAP, and maybe network, should be also accessible from Internet, or maybe accessible only trough some virtual or real device. Dunno how to proceed.
2. setup secure and easy access through domain name to Nextcloud (I have already bought a domain)
3. setup secure and easy access through domain name to OpenPoject (I have already bought a domain)
so far done: the turnkey debian with Nextcloud holds also the OpenPoject, but with 2 databases. My point was to have less for backup and replication. Now, I cannot access the OpenPoject through a browser of local VM.... it is always openning the nextcloud
4. setup secure and easy access to the VMs (For now it is only 2 windows machines, it could grow with another 2 windows machines and 1-2 linux machines, but not expecting them to be all running at once) I would prefer through some dashboard, where the different users for the startup project will be choosing their machines. Dunno how to proceed. Have never installed dashboard on some Proxmox + have always used Port-forwarding to access some VM. It must end now.
5. once everything is done all the fine tunes, software and settings, image-backup everything for easy and fast restore (proxmox, nextcloud-project, VMs with passthroughs and their settings) How to set up the backups and connect the Qnap NAS for this case?
6. move an older VM disk to a newer installation, which older VM machine is not there any more, but only the disk is, and I would like to attach to a newer machine. Due to some update the passthrough had died back then. Now I would like to recover some data out if.
It sounds silly, but I do not know how to proceed, what choices out of the whole mix of design possbilities to choose from, and how to design it to be faster and to the end + dunno how to configure it on some points. For now I am accessing the Proxmox through...the static IP assigned from the ISP + switching off everything, when not using it.
And? how to do all that, given that it is up, running, two Win VMs are there, NextCloud and OpenPoject are there on one VM and there, I've bought the domain + one QNAP TS 419P+, have static IP on the server side.
How to configure it to the end, so it would be not eating too much processor, space, bandwith, it would be secure to be used, and I won't be emprisoned for the time of the rest configurations to come?
Thank you, guys, every elaborations is welcome. What input data, you would like to have, so you could help me better? Sadly, even if I have studied IT at the university, I've missed some more recent hands on experience of it, as I have also studied another bachelor of Business Management and have worked in 2 fields other than the IT. This one would also help me to recover, cause this one is a real-world scenario for ProxMox and will not stay as a home lab only. Proxmox clearly deserves real-world usage, I would say!
As I have done other things in my professional carreer, I have missed some chunks of the IT, unfortunately also bigger chunks. Now working on my project I am in the middle of nowhere, exposing the ip of the management to internet.
I am setting up one DL380 with Proxmox, 128 GB RAM, 2 GPUs, 1,4 TB SSD consumer grade RAID (through the HP controller, is that a big issue?) for a smaller startup project with 2-5 VMs, (2 with the GPUs for Inventor and Autocad, the rest simply for some access of whatever it would be needed.) Next Cloud, OpenProject + there is a separate QNAP NAS for the backup and replication.
The point of that is, that if some guy is going to have some chunk of the startup job, that he would be working on the already existing remote resources, whereever he is, which are not hosted on the internet, so if the designer woould be needing 6 GB of GPU RAM, 10 cores - ok, it's given, the work resource for the startup is provided, while all the data of his work will be always in possession of the project owner and also locally hosted. In some means, whatever he is creating stays 'off-internet' and not copiable from him (given the right configuration)
I have numerous questions for making it right. Where I've done the installations. I bought a domain as well.
The goals:
1. to make it easily usable for secure remote usage of the VMs + the NextCloud and the OpenPoject, and this to all users involved in the Startup. I would prefer through some dashboard, where the different users for the startup project will be choosing their machines, but I read that the dashboards are having issues with the security
2. to image everything (from proxmox itself upto all VMs, without the user data) once 100% done and push it in a securely retrievable way to the Qnap. If Proxmox is going to fail - restore. if the VMs with the GPUs passtrough fail - restore and ready. (the hdw is not with me, but i can have onsite support easily)
3. incremental backups of the users data and the Nextcloud, only of the new data to the QNAP sitting in same LAN, but in different building.
I want help to:
1. somehow divide the access to the management and the users resources. The management of Proxmox, NextCloud, OpenProject, QNAP, and maybe network, should be also accessible from Internet, or maybe accessible only trough some virtual or real device. Dunno how to proceed.
2. setup secure and easy access through domain name to Nextcloud (I have already bought a domain)
3. setup secure and easy access through domain name to OpenPoject (I have already bought a domain)
so far done: the turnkey debian with Nextcloud holds also the OpenPoject, but with 2 databases. My point was to have less for backup and replication. Now, I cannot access the OpenPoject through a browser of local VM.... it is always openning the nextcloud
4. setup secure and easy access to the VMs (For now it is only 2 windows machines, it could grow with another 2 windows machines and 1-2 linux machines, but not expecting them to be all running at once) I would prefer through some dashboard, where the different users for the startup project will be choosing their machines. Dunno how to proceed. Have never installed dashboard on some Proxmox + have always used Port-forwarding to access some VM. It must end now.
5. once everything is done all the fine tunes, software and settings, image-backup everything for easy and fast restore (proxmox, nextcloud-project, VMs with passthroughs and their settings) How to set up the backups and connect the Qnap NAS for this case?
6. move an older VM disk to a newer installation, which older VM machine is not there any more, but only the disk is, and I would like to attach to a newer machine. Due to some update the passthrough had died back then. Now I would like to recover some data out if.
It sounds silly, but I do not know how to proceed, what choices out of the whole mix of design possbilities to choose from, and how to design it to be faster and to the end + dunno how to configure it on some points. For now I am accessing the Proxmox through...the static IP assigned from the ISP + switching off everything, when not using it.
And? how to do all that, given that it is up, running, two Win VMs are there, NextCloud and OpenPoject are there on one VM and there, I've bought the domain + one QNAP TS 419P+, have static IP on the server side.
How to configure it to the end, so it would be not eating too much processor, space, bandwith, it would be secure to be used, and I won't be emprisoned for the time of the rest configurations to come?
Thank you, guys, every elaborations is welcome. What input data, you would like to have, so you could help me better? Sadly, even if I have studied IT at the university, I've missed some more recent hands on experience of it, as I have also studied another bachelor of Business Management and have worked in 2 fields other than the IT. This one would also help me to recover, cause this one is a real-world scenario for ProxMox and will not stay as a home lab only. Proxmox clearly deserves real-world usage, I would say!
Last edited: