Logo

dev-resources.site

for different kinds of informations.

Install Proxmox on any bare metal server

Published at
10/2/2024
Categories
linux
proxmox
debian
Author
sergelogvinov
Categories
3 categories in total
linux
open
proxmox
open
debian
open
Author
13 person written this
sergelogvinov
open
Install Proxmox on any bare metal server

Introduction

Installing Proxmox on a bare metal server is easy when you have direct access.
But if you rent a server from a hosting provider, you might face some challenges:

  • No IPMI/iDRAC access: You don’t have remote tools to manage the server.
  • No DHCP/PXE network: The network doesn’t have DHCP or PXE, or you can't control it, so you can't boot from the network.
  • No templates available: The hosting provider doesn’t have a ready template for your server, even though you know Proxmox works on it.
  • Can't change disk partitions: The hosting provider’s templates don’t let you change disk partition sizes or filesystems.
  • Bonding interfaces required: The hosting provider uses bonding interfaces, which the standard net installer doesn’t support.
  • Minimal install desired: You want to install Proxmox with just the basics, without any extra software from the hosting provider.

These can make the installation more difficult.

I'd like to share my experience with the project ansible-role-debian-boot which solves most of the challenges.

The main idea is to use the existing operation system on the server to install Debian with you own partitioning table. Once Debian is installed, we will install Proxmox on top of it. Since Proxmox is based on Debian, this method works well.

We will use the Debian netinstall installer, which includes the kernel and initrd, along with a custom preseed file to automate the Debian installation. This approach allows us to configure the system with the correct partitioning and network settings without manual intervention.

Requirements

You need to have ansible installed on your local machine.

Download ansible-role-debian-boot role

ansible-galaxy role install sergelogvinov.debian-boot
Enter fullscreen mode Exit fullscreen mode

or clone the project (if you want to modify the files)

git clone https://github.com/sergelogvinov/ansible-role-debian-boot.git
Enter fullscreen mode Exit fullscreen mode

Usage

All options you can find here main.yml

I will show you the most important options:

# Reinstall the server with Debian
- hosts: all
  vars:
    # add a new entry to the GRUB menu with the Debian net installer. It will also download the netboot kernel and initrd to the server. (default: false)
    debian_grub: true
    # use kexec to reboot the server directly into the new kernel and initrd, without a full hardware reboot. (default: false)
    debian_kexec: true
    # rebuild the initrd, including the current network configuration and the custom preseed file to ensure proper booting and installation. (optional)
    debian_rebuild_initrd: true

    # Name or URL of the preseed file
    debian_preseed: proxmox.cfg

    # root password that will be used during the installation.
    debian_preseed_password: "password"
    # ssh key that will be added for root user.
    debian_sshkey: "ssh-rsa AAAA"

  roles:
    - ansible-role-debian-boot
Enter fullscreen mode Exit fullscreen mode

Predefined preseed files can be found here proxmox.cfg, proxmox-lvm.cfg.

The Ansible playbook configures the Debian net installer with the preseed file and the necessary boot arguments. Specifically, it will:

  • Set up the network configuration, including the interface, IP address, gateway, and DNS (DHCP is not required).
  • Use the preseed file to define the partitioning scheme and software to be installed.
  • Set the root password.
  • Add the SSH key for the root user.

Important: Remember to change the root password after the installation is complete for security reasons.

Options

Install through GRUB menu

debian_grub: true - will add the new entry to the grub menu with the Debian net installer.
It helps to boot the server with the Debian net installer, in case if you have access to the server console or through changing the boot order.

Some old servers or arm-based boards do not support the kexec command, so you can use the grub menu to boot the server with the Debian net installer.

Check new entry in the grub menu:

grep -A 4 'Debian Net' /boot/grub/grub.cfg
Enter fullscreen mode Exit fullscreen mode

Output:

menuentry "Debian Net Installer" {
    linux /boot/debian-kernel  keymap=us language=en country=US locale=en_US.UTF-8 priority=critical   url=https://raw.githubusercontent.com/sergelogvinov/ansible-role-debian-boot/main/files/bookworm/proxmox-lvm.cfg
    initrd /boot/debian-initrd.gz
}
### END /etc/grub.d/15_debian_installer ###
Enter fullscreen mode Exit fullscreen mode

Install through kexec

debian_kexec: true - will use the kexec to boot the server with the new kernel and initrd.
If you do not have access to the server console, you can use the kexec to boot the server with the new kernel and initrd.
After successful loading the new kernel and initrd, the server will boot with the Debian Net installer with the preseed file.

Cautions: this option will reboot the operation system without any confirmation and format the disk.

Rebuild initrd

debian_rebuild_initrd: true - will download and rebuild the initrd with the network configuration, ssd keys and the preseed file.
All necessary files will be added to the initrd.
And dyring the boot process, the installer will use the network configuration and the preseed file stored in the initrd.

Ansible will add the following files to the initrd:

find /boot/preseed/ -type f
Enter fullscreen mode Exit fullscreen mode

Output:

# Additional network configuration (for bonding interfaces)
/boot/preseed/lib/debian-installer.d/S25bonding-interfaces
# Sshd configuration
/boot/preseed/lib/debian-installer.d/S60sshd
# Helper script to keep the network up (for bonding interfaces)
/boot/preseed/usr/bin/if-keep-up.sh
# ssh_host keys copied from the host
/boot/preseed/etc/ssh/sshd_config
/boot/preseed/etc/ssh/ssh_host_rsa_key
/boot/preseed/etc/ssh/ssh_host_ed25519_key
/boot/preseed/etc/ssh/ssh_host_ecdsa_key.pub
/boot/preseed/etc/ssh/authorized_keys
/boot/preseed/etc/ssh/ssh_host_ecdsa_key
/boot/preseed/etc/ssh/ssh_host_ed25519_key.pub
/boot/preseed/etc/ssh/ssh_host_rsa_key.pub
# Pinning the network interface
/boot/preseed/etc/udev/rules.d/70-persistent-net.rules
# For manual network trubleshooting (network config from previous OS)
/boot/preseed/network.sh
# Preseed file
/boot/preseed/debian-preseed.cfg
Enter fullscreen mode Exit fullscreen mode

Preseed file

Customize the preseed file, which will be used to install the Debian.
Official preseed example.

debian_preseed: "https://raw.githubusercontent.com/sergelogvinov/ansible-role-debian-boot/main/files/{{ debian_version }}/proxmox.cfg"
Enter fullscreen mode Exit fullscreen mode

Preseed file with Soft RAID1

The Proxmox installer does not support Soft RAID1, only zfs for redundancy to the root partition.
But zfs requires a lot of memory and proper configuration.
So, sometimes it is better to use Soft RAID1.

Base my experience, almost all hosting providers offer servers with 2 disks.
So, Soft RAID1 is a good choice.

Preseed file proxmox.cfg will install the Debian with Soft RAID1 the following partitioning:

Partition Type Mount Size
1,2 BIOS/EFI
3 ext4 /boot 1G
4 swap 4G
5 Softraid + lvm all

lvm partition: root - 20G, vz - 4G, volume group data - all free space

/dev/md0               943M  197M  682M  23% /boot
/dev/sdb2              512M  164K  512M   1% /boot/efi
/dev/mapper/data-root   20G  3.0G   17G  16% /
/dev/mapper/data-vz    3.8G   60M  3.7G   2% /var/lib/vz
Enter fullscreen mode Exit fullscreen mode

Preseed file for one disk

Preseed file proxmox-lvm.cfg will install the Debian on one disk with LVM the following partitioning:

Partition Type Mount Size
1,2 BIOS/EFI
3 ext4 /boot 1G
4 swap 4G
5 lvm all

lvm partition: root - 20G, vz - 4G, volume group data - all free space

/dev/sdb3              943M  197M  682M  23% /boot
/dev/sdb2              512M  164K  512M   1% /boot/efi
/dev/mapper/data-root   20G  3.0G   17G  16% /
/dev/mapper/data-vz    3.8G   60M  3.7G   2% /var/lib/vz
Enter fullscreen mode Exit fullscreen mode

You can clone the project and modify the preseed file for your needs.
Preseed variable debian_preseed can be a URL to the preseed file.
Or use debian_rebuild_initrd flag to add everything to the initrd.

Install in rescue mode

If you cloud provider has a rescue mode, you can use it to boot the server and run the ansible playbook to install Debian.
As all operation system runs in memory, you can use only kexec installation method.

# Reinstall the server in rescue mode
- hosts: all
  vars:
    debian_grub: false
    debian_kexec: true
    debian_rebuild_initrd: true

    debian_preseed_password: "password"
    debian_sshkey: "ssh-rsa AAAA"

    debian_preseed: proxmox.cfg
  roles:
    - ansible-role-debian-boot
Enter fullscreen mode Exit fullscreen mode

Install with bond interface

The Debian net installer does not support bonding interfaces (port channels) by default.
However, some hosting providers require the use of bonding interfaces for network connectivity.

If your server does not initialize its network interfaces in bonding mode, the installation will not have access to the network, potentially causing the installation process to fail or become incomplete.

So, ansibe role define the bonding interface and take care of this issue.
You need to set debian_rebuild_initrd: true and debian_interface: bond0 in the playbook.
Ansible will add some scripts to the initrd to initialize the bonding interface for you.

To resolve this issue, an ansible role can be defined to configure the bonding interface and handle network initialization during the Debian installation.
In your playbook, you need to set the following variables:

debian_rebuild_initrd: true
debian_interface: bond0
Enter fullscreen mode Exit fullscreen mode

Ansible will then add the necessary scripts to the initrd, ensuring that the bonding interface (bond0) is properly initialized.
This will allow the network interfaces to be set up correctly during the installation process, enabling network access for the installer.

Post-installation tasks

After the installation, pressid run following tasks:

  • allow root login via ssh and set the password debian_preseed_password
  • add ssh key for the root user debian_sshkey
  • run ansible playbook to fix default settings for the Proxmox
    • ansible-role-system - basic system settings
    • ansible-role-iptables - add default iptables rules
sed -i 's/PermitRootLogin .*/PermitRootLogin Yes/g' /target/etc/ssh/sshd_config; echo 'PermitRootLogin Yes' >>/target/etc/ssh/sshd_config; \
mkdir /target/root/.ssh; \
wget -O /target/root/.ssh/authorized_keys {{ url if debian_sshkey is url else 'https://github.com/sergelogvinov.keys' }}; \
chmod 0600 /target/root/.ssh/authorized_keys; \
wget -O /target/root/proxmox-playbook.yaml https://raw.githubusercontent.com/sergelogvinov/ansible-role-debian-boot/main/files/bookworm/proxmox-playbook.yaml; \
in-target ansible-galaxy role install git+https://github.com/sergelogvinov/ansible-role-system.git,main; \
in-target ansible-galaxy role install git+https://github.com/sergelogvinov/ansible-role-iptables.git,main; \
in-target mkdir /dev/shm; \
in-target ansible-playbook --connection=local /root/proxmox-playbook.yaml; \
rm -rf /target/.ansible /target/root/proxmox-playbook.yaml;
Enter fullscreen mode Exit fullscreen mode

Feel free to modify the pressed command preseed/late_command for your needs or remove it at all.

Pressed templates:

Install Proxmox

Now that Debian is installed, the next step is to install Proxmox on top of it.

You can use the following official documentation,
or use the ansible role ansible-role-proxmox.

Download the role:

ansible-galaxy role install sergelogvinov.proxmox
Enter fullscreen mode Exit fullscreen mode

Add the role to the playbook:

# Install Proxmox
- hosts: all
  roles:
    - ansible-role-proxmox
Enter fullscreen mode Exit fullscreen mode

It adds the Proxmox repository and installs the Proxmox packages.
After the installation, reboot the server.

Conclusion

We've had an old operating system on the server, and we've installed Debian with a custom partitioning scheme and network configuration, without manual intervention.
And than we've installed Proxmox on top of it.

The project ansible-role-debian-boot under MIT license, so feel free to fork and modify this project. Just remember to leave a star on the project :)

I hope this article helps you successfully install Debian and Proxmox on any hosting provider.

proxmox Article's
30 articles in total
Favicon
How to Build and Manage Virtual Machines Using Proxmox CLI: A Step-by-Step Guide
Favicon
Efficient Proxmox Backups: How to Use NAKIVO Backup & Replication
Favicon
Introduction à Terraform avec Proxmox
Favicon
Proxmox Virtual Machine optimization
Favicon
Complete Data Protection Guide: Backing Up Proxmox Virtual Machines
Favicon
Proxmox Backup by NAKIVO: The Ultimate Solution for VM Data Protection
Favicon
Proxmox cpu affinity for VMs
Favicon
Self-Host a Joplin Sync Server in Proxmox
Favicon
A Detailed Guide to Securing Proxmox Virtual Machines via NAKIVO Backup & Replication
Favicon
How to recover and update Proxmox 8 firewall configuration in SQLite when you locked yourself out
Favicon
Proxmox: Resize Your Local (pve) Disk
Favicon
Network performance optimization with Nvidia ConnectX on Proxmox
Favicon
Learning Ansible, Proxmox and LXC, Part 1
Favicon
Proxmox HugePages for VMs
Favicon
Disable or Hide Local Storage on Proxmox VE
Favicon
Install Proxmox on any bare metal server
Favicon
Proxmox Network Storage: Firewall Rules
Favicon
How to Install Ubuntu 24.04 on Proxmox VE
Favicon
Install Ubuntu 24.04 on Proxmox VE
Favicon
Proxmox and NAS: Implementing VLANs for Network Isolation
Favicon
Proxmox: Network Storage
Favicon
Create an Ubuntu Cloud-Init Template on Proxmox: The Command Line Guide
Favicon
Proxmox Security Series:Securing Root Access
Favicon
How to Backup Proxmox VM in Vinchin Backup & Recovery?
Favicon
Using Packer and Proxmox to Build Templates
Favicon
Proxmox Security Series: Strengthening Your Virtual Environment
Favicon
Saying Hello to the Room
Favicon
Setting Up The Home Lab: Setting up Kubernetes Using Ansible
Favicon
Setting Up The Home Lab: Terraform and Cloud-Init
Favicon
Effortless VM Data Security with NAKIVO and Proxmox Backup

Featured ones: