non graphical, SSH and basic tools only

apt-get install nano sudo nfs samba-common

usermod -aG sudo [your-username]

switch to username all commands thereafter use sudo when needed

This container puts a label on each machine based on a config that matches service names. If the service is running the label gets a 1 and if the label get as 0 its not running. this can be used with constraints to either locate serices on a node with another service OR make sure a service doesn't land on a node with another service

I would love to find a better version of this that does this without the need for the manual config file (you can use a file bindmount instead of a config if you prefer)

State is all read-only in a config

1. This assumes all nodes are manager nodes
2. This assumes you already have agents managed as s stack / swarm service via portainer (see my other not recommended stack)
3. this assumes you have the portainer bind mounts on some shared medium (ceph, gluster, NFS, SMB - if you run it on one of the last two don't blame me if it corrupts)
4. my suggestiton is get your non-managed portainer working with your shared storage before you go any further
5. BACKUP ALL YOUR STACKS / SECRETS AND CONFIGS - WORST CASE YOU CAN RECREATE EVERY STACK / SECRET / CONFIG BY HAND FAIRLY QUICKLY

this gist is part of this series

This assumes you are running Proxmox 8.2 and that the line source /etc/network/interfaces.d/* is at the end of the interfaces file (this is automatically added to both new and upgraded installations of Proxmox 8.2).

This changes the previous file design thanks to @NRGNet for the suggestions to move thunderbolt settings to a file in /etc/network/interfaces.d it makes the system much more reliable in general, more maintainable esp for folks using IPv4 on the private cluster network (i still recommend the use of the IPv6 FC00 network you will see in these docs)

This will result in an IPv4 and IPv6 routable mesh network that can survive any one node failure or any one cable failure. Alls the steps in this section must be performed on each node

This one is the one that has to work, even more so the domain controllers. This is what my swarm looks like

you may want to read from the bottom up as later migrations are where i had the process more locked and less experimentation

So the plan is as follows (and is based on my experience with home assistant oddlye enough)

1. Backup node 1 VM with synology hyper-v backup

Now that i have nailed the qm disk import command and given all linux kernel have the virtio drivers in them after 5.6 this should be a breeze!

Export VHD from Hyper-V into share proxmox can see (tbh at this point if you don't know how...)

I created a 4GB VM with no disks at all andthe virtio network. Make sure you connect it to a live bridge or hass will hand at starting network manager I added a TPM drive

I Use windows admin center - it is a sever 2019 no gui install. I am uising these generic instructions to import so won't document in detail.

Learning from the disaster moving my DCs where i went the hardway (backup and restore - which did work) this time i will use the right versions of the disk import command qm disk import [...]

I had real issues with driver install - while i ran the installer and everything seemed to install it didn't

original gist content

Why? Well it turns out long lived VHDX's often error on import with qm and never import.

original gist content

tl;dr it worked - but due to an issue with the disk I had to use the synology bare metal restore into the VM and then use the disk shuffle approach i outlined in the parent gist to this one

The purposes of this gist:

1. setup an smtp smarthost/relay that can send mail to Exchange Online 365 Office Outlook M365 (they keep renaming it)
2. setup postfix each proxmox host and backup server to use this relay
3. require the relay does authentications from devices like pve and pbs - having an open SMTP relay inside the network is not something i can bring myself to do
4. And incidentally document the istall of a HA LXC based on debian

Also i am aware i probably over engineered this - after i had done this i realized postfix as shipped in PVE and PBS was attmepting to contact a variety of servers in my network based on DNS - i still haven't figured the logic out for that.... maybe all i needed was a relay and an MX record (and no config on PVE and PBS?)

TODO