Proxmox: Difference between revisions
networking |
+ |
||
| Line 1: | Line 1: | ||
The Proxmox Vitural Environment (as of 2025-09-15) lives on the citric-acid machine and can be accessed via https://citric-acid.csclub.uwaterloo.ca:8006. |
|||
== Setting up Proxmox == |
== Setting up Proxmox == |
||
To setup proxmox, from `Server View`, open the `Datacenter` page. Then go to `Permissions -> Realms`. |
To setup proxmox, from `Server View`, open the `Datacenter` page. Then go to `Permissions -> Realms`. |
||
| Line 10: | Line 12: | ||
Currently, <code>vmbr0</code> is used for bridged network and <code>vmbr1</code> is used for NAT (see [https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_masquerading Proxmox's wiki on NAT networking] for setup instruction). <code>vmbr0</code> uses the CSC DHCP server, so you can use DHCP there, but <code>vmbr1</code> requires manual IP assignment. |
Currently, <code>vmbr0</code> is used for bridged network and <code>vmbr1</code> is used for NAT (see [https://pve.proxmox.com/wiki/Network_Configuration#sysadmin_network_masquerading Proxmox's wiki on NAT networking] for setup instruction). <code>vmbr0</code> uses the CSC DHCP server, so you can use DHCP there, but <code>vmbr1</code> requires manual IP assignment. |
||
Note that only using <code>vmbr1</code> requires you to use SSH ProxyJump via citric-acid to access the inner container, as it wouldn't have a public IP. |
|||
Revision as of 21:22, 15 September 2025
The Proxmox Vitural Environment (as of 2025-09-15) lives on the citric-acid machine and can be accessed via https://citric-acid.csclub.uwaterloo.ca:8006.
Setting up Proxmox
To setup proxmox, from `Server View`, open the `Datacenter` page. Then go to `Permissions -> Realms`.
Then just make sure pam is setup lol
Networking
There are two ways to do networking: network bridge and NAT. Network bridge will put the container/virtual machine on the CSC network (basically side-by-side to proxmox itself), while NAT will encapsulate the container/VM inside a private subnet that is only visible to proxmox host itself.
For services that only exposes HTTP/HTTPS, NAT is more desirable since multiple services can share a host nginx instance, only requiring the host IP to have 80/443 port opened to the Internet, thus saving some IP address in our pool and save some trips to the IST for firewall exemption. But for services that requires custom ports to be opened (for example, BigBlueButton requires a range of UDP ports to be exposed for relaying video streams), using the network bridge and giving the container/VM its own public IP might be easier.
Currently, vmbr0 is used for bridged network and vmbr1 is used for NAT (see Proxmox's wiki on NAT networking for setup instruction). vmbr0 uses the CSC DHCP server, so you can use DHCP there, but vmbr1 requires manual IP assignment.
Note that only using vmbr1 requires you to use SSH ProxyJump via citric-acid to access the inner container, as it wouldn't have a public IP.