Quantcast
Channel: Proxmox Support Forum
Viewing all 171679 articles
Browse latest View live

What interface should I enable the Datacentre firewall on?

June 14, 2015, 5:03 am
$
0
0
I'm using PVE 3.4-6

I'd like to firewall off all ports that I don't need on a couple of MVs. Looking at https://pve.proxmox.com/wiki/Proxmox_VE_Firewall, I think (but I'm not sure) that I need to add rules to enable the PVE admin UI and ssh first though.

So I've set up a security group called "admin" on the Datacentre that looks like this:

security-group.png

I now want to add that group to the rules set. But what do I specify for the interface?

add-rule.png

My host's network looks like this:

network.png

Any clues much appreciated.
Attached Images
Search

[SOLVED] And when those passengers

June 14, 2015, 1:32 pm

supporting President Obama’s

June 14, 2015, 1:43 pm

Windows xp machine shutsdown

June 14, 2015, 2:32 pm
$
0
0
Hi please i visualized my physical windows xp machine...The funny thing is that after running the backups at night the machines Shutdown they do not go back online..


I need your help here please and i will be grateful if some one could help me

windows 2003 vm restarted unexpectedly

June 14, 2015, 7:35 pm
$
0
0
I have a pve cluster with 3 nodes which were installed with pve official iso version 3.3.
The cluster has run for 46 days and everything was ok, until 2 windows 2003 vms restarted unexpectedly.
The halt vm report an warning from "USER32", with "reason" system failure stop error, and "reason code" 0x805000f.

Plus the unexpectedly restarted vm, I got a crazy windows 2003 vm, whose system time is about halt an hour faster than the pve server, and the cpu usage is about 60%.

what's the reason of the pve cluster? how can I fix the problem?

External DHCP not getting to guests

June 14, 2015, 7:43 pm
$
0
0
I've configured my system with a bridge. I have a DHCP server on the local network, and I want guests to pick up DHCP from it. However, the DHCP is not being forwarded on to the guest.

It gets through to the bridge interface.
Code:
root@pve1:~# tcpdump -ni vmbr0 port 67 or port 68
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vmbr0, link-type EN10MB (Ethernet), capture size 65535 bytes
21:45:05.368257 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:05.368303 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:05.368740 IP 192.168.1.1.67 > 192.168.1.167.68: BOOTP/DHCP, Reply, length 300
21:45:06.358140 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:06.358183 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:06.358599 IP 192.168.1.1.67 > 192.168.1.167.68: BOOTP/DHCP, Reply, length 300
21:45:08.332625 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:08.332671 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:08.333096 IP 192.168.1.1.67 > 192.168.1.167.68: BOOTP/DHCP, Reply, length 300
21:45:12.290124 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:12.290167 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
21:45:12.290586 IP 192.168.1.1.67 > 192.168.1.167.68: BOOTP/DHCP, Reply, length 300
It doesn't get to the tap interface.
Code:
root@pve1:~# tcpdump -ni tap100i0 port 67 or port 68
tcpdump: WARNING: tap100i0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap100i0, link-type EN10MB (Ethernet), capture size 65535 bytes
22:18:01.574322 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:01.574379 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:02.562958 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:02.563013 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:04.540882 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:04.540935 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:08.494840 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
22:18:08.494902 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from e6:ab:50:ad:8a:d6, length 387
I have tried turning the firewall on and off, adding accept rules, and changing the enable DHCP, enable firewall, and MAC filter settings, and it makes no difference. I have another KVM host (not proxmox) where this same setup works perfectly, so I know the technology is capable and the rest of the network is configured correctly, it must be something on the proxmox hosts. What else can I check?

ceph : [client] rbd cache = true override qemu cache=none|writeback

June 14, 2015, 11:23 pm
$
0
0
Hi,

a small note about ceph,

currently if you define

[client]
rbd_cache=true|false

in /etc/ceph/ceph.conf

it's override the qemu cache=none|writeback.
(so you'll always have cache enable of disable from rbd_cache value for all your vms)

It's a bug, and ceph team have send a fix this week.

So, for now, it's better to remove rbd_cache from ceph.conf

[SOLVED] exit code 9 after dist-upgrade

June 15, 2015, 12:27 am
$
0
0
Hi all,

I updated my proxmox intallations from 2.3 to version 3.4 on two servers.
One with subscription-key, one without.

On the server with subscription and enterprise repo, I get following error when I try to start or dump a container:
Code:
Container already locked
TASK ERROR: command 'vzctl start 101' failed: exit code 9
or
Container already locked
TASK ERROR: command 'vzctl destroy 101' failed: exit code 9
I already deleted the /var/lib/vz/lock/ VCID.lck, but still not able to start the container.
The container is located on a separate storage with NFS, storage is mounted and I can access it from therminal within proxmox.

On the testingserver (no-subscription repo) all containers work fine.

Any idea??
Search

How do I firewall a VM?

June 15, 2015, 4:22 am
$
0
0
Hi guys,

First time using the proxmox firewall and I need some guidance.

I have created a security group with an allow rule for SSH and the web interface at the datacenter level, inserted it and have enabled the firewall.

Now I want to protect one of my kvm VM's with the PVE firewall. I have enabled the firewall for the virtual machine and its default is set to REJECT, however traffic can still get through. What do I need to do to apply the firewall to my VM's with a default REJECT? I want to define ACCEPT rules to allow only the ports I specify and reject everything else.

Webmin: Can't get it installed for the LIFE of me.

June 15, 2015, 7:33 am
$
0
0
I want to test out Proxmox to possibly get away from ESXi since I'm having all kinds of hardware compatibility issues with it right now.

I just complete the installation and want to get webmin installed. I followed all the videos and guides for it on Woodel.com but none if it has worked. I can't install any of the dependencies no matter what I do.

First I do the following after downloading the webmin installer and I get the following message:

Quote:
root@pve:/options# dpkg -i webmin_1.750_all.deb

Selecting previously unselected package webmin.
(Reading database ... 31133 files and directories currently installed.)
Unpacking webmin (from webmin_1.750_all.deb) ...
dpkg: dependency problems prevent configuration of webmin:
webmin depends on libio-pty-perl; however:
Package libio-pty-perl is not installed.
webmin depends on apt-show-versions; however:
Package apt-show-versions is not installed.


dpkg: error processing webmin (--install):
dependency problems - leaving unconfigured
Errors were encountered while processing:
webmin
So I then try and install the missing dependancy packages by typing apt-get install -f and get the following:

Quote:
root@pve:/options# apt-get install -f

Reading package lists... Done
Building dependency tree
Reading state information... Done
Correcting dependencies... Done
The following packages will be REMOVED:
webmin
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
1 not fully installed or removed.
After this operation, 146 MB disk space will be freed.
Do you want to continue [Y/n]? y
(Reading database ... 55999 files and directories currently installed.)
Removing webmin ...
If I try to install the packages one by one I get the following:

Quote:
root@pve:/options# apt-get install libio-pty-perl

Reading package lists... Done
Building dependency tree
Reading state information... Done
Package libio-pty-perl is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source


E: Package 'libio-pty-perl' has no installation candidate
I feel like I'm going in circles here and nothing is working. What am I doing wrong?

Additional IPs

June 15, 2015, 8:22 am
$
0
0
Hello,Got 2 additional IPs(failover from OVH)I have 6 Windows instances installed.I need 3 Windows Machines to use 1 IPs and 3 instances to use the other IP.How can this be done most efficiently? Do I need to setup pfsense vm?

Storage Pass-through?

June 15, 2015, 12:41 pm
$
0
0
Does Proxmox offer hardware pass-through of storage controllers? Or can I at least pass through all the disks individually so that one specific VM sees them natively? I want to setup an unRAID VM and need to be able to get smart controls and individual disk spin-up/spin-down using hdparm.

[SOLVED] Stewart and Cargile have been linked

June 15, 2015, 2:59 pm

proxmox image clone

June 15, 2015, 3:38 pm
$
0
0
Does anyone know if there is a protocol to clone the entire Proxmox install along with accompanying vms so can migrate to new hardware server? Thank you,

grub defekt nach Festplattenausfall/Grub doesnt work after HDDcrash

June 15, 2015, 5:39 pm
$
0
0
Hallo zusammen,

ich hatte einen Festplattenausfall, den ich wieder reparieren konnte. Die MDs sind nun wieder alle da.
Leider bekomme ich mein System aber nicht zum booten, denn Grub gibt mir nur die SHELL aus.
Ich muss dazu sagen, das ich den Grub erst versucht habe auf sda zu übertragen. Da das aber nicht klappte habe ich ihn neu installiert:

[CODE]

mount /dev/md2 /mnt/
mount /dev/md1 /mnt/boot
mount -o bind /dev /mnt/dev
mount -o bind /sys /mnt/sys
mount -t proc /proc /mnt/proc

chroot /mnt/

grub-install /dev/sda
update-grub
[CODE]

die Grub.cfg sieht wie folgt aus:
Code:
# DO NOT EDIT THIS FILE
#
# It is automatically generated by /usr/sbin/update-grub using templates
# from /etc/grub.d and settings from /etc/default/grub
#

### BEGIN /etc/grub.d/00_header ###
set default=0
set timeout=5
insmod raid
set root=(md2)
search --fs-uuid --set fe63770c-b7e6-4a27-a738-f5dd070b26bd
if font /usr/share/grub/ascii.pff ; then
  set gfxmode=640x480
  insmod gfxterm
  insmod vbe
  terminal gfxterm
fi
### END /etc/grub.d/00_header ###

### BEGIN /etc/grub.d/05_debian_theme ###
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
### END /etc/grub.d/05_debian_theme ###

### BEGIN /etc/grub.d/10_hurd ###
### END /etc/grub.d/10_hurd ###

### BEGIN /etc/grub.d/10_linux ###
### END /etc/grub.d/10_linux ###

### BEGIN /etc/grub.d/30_os-prober ###
### END /etc/grub.d/30_os-prober ###

### BEGIN /etc/grub.d/40_custom ###
# This file is an example on how to add custom entries
### END /etc/grub.d/40_custom ###
Ich meine da fehlt doch einiges. Aber was genau muss ich hier reinschreiben, das mein Grub wieder bootet?

Vielen Dank für eure Hilfe

Tobias
Search

how to safe offline proxmox with CT

June 15, 2015, 10:23 pm
$
0
0
Hello,
i have a proxmox installation witch i can not boot anymore.
Now i would like to know witch files do i have to safe at my offlein-filesystem that i can use the backup after reinstalling the Hostsystem.
Do i only have to safe /var/lib/vz ? What do i have to do, to get the CT working at a new hostsystem?

i can not use vzdump 101 in hetzner recovery-modus. Here i get this error:
Code:
INFO: starting new backup job: vzdump 101
INFO: Starting Backup of VM 101 (openvz)
ERROR: Backup of VM 101 failed - command 'vzctl status 101' failed with exit code 5
INFO: Backup job finished with errors
Thanks a lot

Tobias

ARP across different subnets with one NIC per guest

June 15, 2015, 10:50 pm
$
0
0
Hi All,

Recently I posted in another forum about a strange issue I've discovered with one of our VM's. I had thought the issue may have been something specific to Debian as our windows hosts don't seem to have this issue, but it seems not.

In the proxmox environment I have one vmbr device which has two subnets running on top of it. What is happening is that a guest from one subnet is able to directly communicate with a guest in the other subnet without passing through the gateway; something that it should not be able to do.

Topology:
Server A > Gateway > Server B

Now, Server A and Server B both have IP addresses in /27 blocks adjacent to one another; for example:
Server A: 10.0.0.40/27
Server B: 10.0.0.2/27

When Server A is sends an ARP to the wire for 10.0.0.2, Server B is answering directly, instead of routing through the gateway.

I'm wondering if this is perhaps a bug/issue with the vmbr driver in Proxmox?

And just to answer the logical question... Yes, I have checked that the subnet's are specified correctly ;)

Here is the relevant info from the servers:

SERVER A:

root@XXXXXX:~# ip addr show
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether XX:XX:XX:9e:26:52 brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.210.40/27 brd XXX.XXX.210.63 scope global eth0


SERVER B:

root@XXXXXX:~# ip addr show
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether XX:XX:XX:39:30:ba brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.210.2/27 brd XXX.XXX.210.31 scope global eth0


PCAP:

No. Time Source Destination Protocol Info
100 283.624027 XX:XX:XX:39:30:ba Broadcast ARP Who has XXX.XXX.210.40? Tell XXX.XXX.210.2
101 283.624226 XX:XX:XX:9e:26:52 XX:XX:XX:39:30:ba ARP XXX.XXX.210.40 is at XX:XX:XX:9e:26:52


Any help/comments on this is greatly appreciated.

Thanks
Anubis

Proxmox Backup

June 16, 2015, 2:28 am
$
0
0
Hi to all,

I'm using proxmox for the first time and I have some doubts about the backup feature.

Is possible to backup also my VM on Proxmox to the harddrive of other PC on the same network?
I'm asking this because if the harddrive of the PC with Proxmox installed fails is important to have a copy of my VMs on other PC so I can restore all quickly.

Sorry if this is a beguinner question...

Thanks,

Back up failing

June 16, 2015, 3:18 am
$
0
0
Hi,

Wonder if someone could help.

I'm getting the following error when trying to backup a snapshot of a vm


INFO: starting new backup job: vzdump 105 --remove 0 --mode snapshot --compress lzo --storage Backup_server --node ns6450343
INFO: Starting Backup of VM 105 (openvz)
INFO: CTID 105 exist mounted running
INFO: status = running
INFO: backup mode: snapshot
INFO: ionice priority: 7
INFO: creating lvm snapshot of /dev/mapper/pve-data ('/dev/pve/vzsnap-ns6450343-0')
INFO: Logical volume "vzsnap-ns6450343-0" created
INFO: creating archive '/mnt/backup/proxmox_vzdump/dump/prox5/dump/vzdump-openvz-105-2015_06_16-11_49_40.tar.lzo'
INFO: find: `./var/lib/jenkins/workspace/live-master-mailer/rp/src/main/webapp/js': Input/output error

--- --- i get this error all the way through on every file.

NFO: tar: ./ghost: Read error at byte 0, while reading 512 bytes: Input/output error
INFO: Total bytes written: 32824709120 (31GiB, 20MiB/s)
INFO: tar: Exiting with failure status due to previous errors
ERROR: Backup of VM 105 failed - command '(cd /mnt/vzsnap0/private/105;find . '(' -regex '^\.$' ')' -o '(' -type 's' -prune ')' -o -print0|sed 's/\\/\\\\/g'|tar cpf - --totals --sparse --numeric-owner --no-recursion --one-file-system --null -T -|lzop) >/mnt/backup/proxmox_vzdump/dump/prox5/dump/vzdump-openvz-105-2015_06_16-11_49_40.tar.dat' failed: exit code 2
INFO: Backup job finished with errors
TASK ERROR: job errors


all other vm's back up ok (smaller in size)

Filesystem Size Used Avail Use% Mounted on
udev 10M 0 10M 0% /dev
tmpfs 26G 384K 26G 1% /run
/dev/md2 20G 4.7G 14G 26% /

Any help would be great full!

Via IPsec Mobile client host not reachable, with normal IPsec everything fine.

June 16, 2015, 4:16 am
$
0
0
Hey!
I have a strange issue:
After set up a VPN with IPsec mobile clients, I can't reach my Proxmox hosts.
With the IPsec site to site VPN everything works great.

The basic settings (Network settings, addresses) are the same, only the security settings (which Phase protocols, and so on) are different.
I have never seen something like this, so I am really confused, maybe someone can give me an hint what to check.

Thanks
Viewing all 171679 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>