Proxmox: Difference between revisions
Created page with "== Setting up Proxmox == To setup proxmox, from `Server View`, open the `Datacenter` page. Then go to `Permissions -> Realms`. Then just make sure pam is setup lol" |
networking |
||
| Line 3: | Line 3: | ||
Then just make sure pam is setup lol |
Then just make sure pam is setup lol |
||
== Networking == |
|||
There are two ways to do networking: network bridge and NAT. Network bridge will put the container/virtual machine on the CSC network (basically side-by-side to proxmox itself), while NAT will encapsulate the container/VM inside a private subnet that is only visible to proxmox host itself. |
|||
For services that only exposes HTTP/HTTPS, NAT is more desirable since multiple services can share a host nginx instance, only requiring the host IP to have 80/443 port opened to the Internet, thus saving some IP address in our pool and save some trips to the IST for firewall exemption. But for services that requires custom ports to be opened (for example, BigBlueButton requires a range of UDP ports to be exposed for relaying video streams), using the network bridge and giving the container/VM its own public IP might be easier. |
|||
Currently, <code>vmbr0</code> is used for bridged network and <code>vmbr1</code> is used for NAT (see [https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_masquerading Proxmox's wiki on NAT networking] for setup instruction). <code>vmbr0</code> uses the CSC DHCP server, so you can use DHCP there, but <code>vmbr1</code> requires manual IP assignment. |
|||
Revision as of 19:26, 15 September 2025
Setting up Proxmox
To setup proxmox, from `Server View`, open the `Datacenter` page. Then go to `Permissions -> Realms`.
Then just make sure pam is setup lol
Networking
There are two ways to do networking: network bridge and NAT. Network bridge will put the container/virtual machine on the CSC network (basically side-by-side to proxmox itself), while NAT will encapsulate the container/VM inside a private subnet that is only visible to proxmox host itself.
For services that only exposes HTTP/HTTPS, NAT is more desirable since multiple services can share a host nginx instance, only requiring the host IP to have 80/443 port opened to the Internet, thus saving some IP address in our pool and save some trips to the IST for firewall exemption. But for services that requires custom ports to be opened (for example, BigBlueButton requires a range of UDP ports to be exposed for relaying video streams), using the network bridge and giving the container/VM its own public IP might be easier.
Currently, vmbr0 is used for bridged network and vmbr1 is used for NAT (see Proxmox's wiki on NAT networking for setup instruction). vmbr0 uses the CSC DHCP server, so you can use DHCP there, but vmbr1 requires manual IP assignment.