Presale network question (advanced)

Alexander202502

Feb 16, 2025
Dear colleagues,
We have been using different virtualization solutions for over a decade. We have used XEN (the open-source project) on Debian since 2018. It is time to move to KVM, and we are considering switching to PVE, too. We have built much automation over the years, especially with the network. We need a smooth and partial transition here.

NETWORK

We have separate management, data and storage networks. The hypervisors are isolated and are only bound to the management network.
We isolate projects by putting them in separate data VLANs. Every project consists of one to over a hundred VMs. Every project VLAN has its own RFC1918 (private) network. VMs get fixed IPs from their respective network address space through routers. The routers are in HA configuration with VRRP.
Some servers are only visible inside their project, and the rest have NAT from/to a public IP.
We have a complete set of automation tools to provision and delete VLANs/networks and public-to-private IP bindings, limit the bandwidth, and much more.

  1. Is there a standard way to guarantee that Proxmox will never bind an address to the VM's VLANs?
  2. May we use the Proxmox networking to only bond all of the VMs to their respective VLANs and let us handle the rest with our tools?
  3. What is the best convention for Proxmox to group the VMs? It looks like "Resource Pools" might be helpful.
  4. What is the best place to hook our network provisioning? Proxmox has pre- and post-start and stop hooks. Is there any pre-create or post-create hook? Alternatively, should we better use a pre-start one and check if we need to make a new definition for the VM by MAC, ID or some custom identifier?
  5. Is there a better place for these pre-sales questions? Are these types of questions suitable for paid plan tickets?

Thank you in advance for any help.
BR,
Alexander