Moving NethServer to run as Proxmov VM


(James Nesbitt) #1

Version: v7.5 Final

Issue: Hard disk is showing the first signs of pending failure

Aim: Install Proxmox on a new hard disk and have NethServer run as a VM

Current Setup: Intel 2.8Ghz with 4Gb RAM, 2 x NIC (1 x Red, 1 x Green) with the Red interface providing PPPoE internet connection.

My first question is, will Proxmox and NethServer run fine with 4Gb RAM? I know that the more RAM the system has the better, but will 4Gb do fine for a Home environment (Basic firewall/gateway, AD for LDAP users and Samba file shares with miniDLNA and Transmission).

My second question is, am I able to convert the current hard disk into a Virtual Disk Image which can be used by Proxmox? If yes, which Virtual Disk format would work best with Proxmox and which tool(s) would I use to create the Virtual Disk Image? Bear in mind that I’m working with 500-600Gb worth of data.

I have used VirtualBox quite a bit as well as VMWare Workstation long ago, so I am not unfamiliar with visualization, I just haven’t used Proxmox before and would like to give it a try.


(Dan) #2

The “native” disk image format for Proxmox (if you aren’t using ZFS, which you should consider, but more RAM would be recommended in that case) is QEMU’s .qcow2. Here’s some information about the conversion:
http://kvm.vger.kernel.narkive.com/3vU9EQ3x/using-qemu-img-to-directly-convert-physical-disk-to-kvm-image


(fpausp) #3

Migration of servers to Proxmox VE


(André Wismer) #4

@bwdjames

Hi

I’m a fairly heavy user of ProxMox - and NethServer. Both provide 90% of the IT environments at my clients.

ProxMox and NethServer will run with a 4 GB RAM restraint - just don’t expect much performance.
A friends home NethServer runs native with 3.5 GB RAM - with NextCloud and working as the home firewall.

From experience, you can migrate disks directly.

I do prefer resorting to Backup / Restore, if that’s possible.
That gives me the assurance that the “new” VM has all the right drivers (The way I want them!) and runs optimally in ProxMox.

A combination of using 1-2 clients to move away large files or folders (To a local USB disk or such) AND Backup might be an optimal method, also giving the option for “cleaning up” some folders.

I have done migrations using Backup, the largest was 400+ GB with PLENTY of mail in a few accounts.
I have also done the combined approach, simply because there were too much stuff on the server which would make more sense in a NAS, like ISO Images…

A few Notes on DiskSize in ProxMox:

A UN*X, Linux or Windows based VM machine running under Proxmox is quite easy to enlarge the Disk. This works well for all Windows after Win2000 (except Win10, untested by me). It also works well for NethServer and other Linux systems. Your mileage may vary…

Steps:

  • Make a bacjkup of the VM with Proxmox
  • Shut down the VM in Proxmox.
  • Under Hardware, enlarge the Disk. (This only gives you a “bigger” virtual Disk, but does NOT enlarge the partitions).
  • Boot the VM with SystemRescueCD (Download / Find with Google).
  • Start the GUI with startx, go to System and start up gparted.
  • Enlarge the System Partition using this tool, don’t forget to “write” the changes to disk with the Green OK Symbol.
  • Remove the SystemRescueCD Image, changing the Boot sequence back to your System-Disk.

This works very well!

My 2 cents
Andy


(fpausp) #5

There is also another method for NethServer HDDs:

Under the Proxmox GUI:

1. Click on the NS7-VM > Hardware > Hard Disk (xxx) > Resize disk > 1500

On the NS7 Console:

2. fdisk /dev/sda > p > d > 2 > n > p > 2 > First sector <Enter> > Last sector <Enter> w

3. reboot the server If you get this:
    WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
    The kernel still uses the old table. The new table will be used at
    the next reboot or after you run partprobe(8) or kpartx(8)

4. pvresize /dev/sda2
    
5. lvresize -l +100%FREE /dev/VolGroup/lv_root
    
6. xfs_growfs /dev/VolGroup/lv_root

(André Wismer) #6

@fausp

All roads lead to Rome - as the saying goes.

There are - at least for Linux - PLENTY of choice of On-Board tools to do the task.

:slight_smile:

Windows is a different animal, most Windows don’t come with any capable tools for resizing the Windows system disk…

:wink:

Some of us out here - at least those with less experience - need some pointers on how to get there…

My 2 cents
Andy


(fpausp) #7

:+1: :sunglasses:


(James Nesbitt) #8

Thanks for the help and advise guys, its much appreciated.

Considering the potential issue with drivers, I might just go for a clean install - thanks for highlighting this.

@Andy_Wismer I am not too concerned with performance, what is the response time and performance actually like for your friend’s installation which runs with 3.5Gb RAM?


(Jeroen Visser) #9

I run various production servers on a Proxmox installation. My case will not help you, as it utilizes a proper NAS which handles the ZFS sorage and fiber to connect the two, so response times are not representative of memory allocated, but given your requirements, the server would get 2GB of RAM.

Here is a screenshot of the dahboard of our production samba fileshare/vsftpd/nextcloud server, during production hours, on 4 GB. It is perfectly responsive.

I should note that our Proxmox environment has plenty resources:

TL;DR: 4GB should be enough for running both Proxmox and Nethserver.

Note: If your Proxmox server is running the filesystem as well (as in: local storage) this will cause overhead on the machine. If you then add another VM, it might get bussy fast, depending on load. In your scenario you talk about 1 VM tho, so if this is only for easy of administration, and remains 1 machine, you should be fine. Else, you should probably think about building a FreeNAS (or alike) with a RAID10 setup to host the diskfiles.

Format depends on preference. I want to be able to make Proxmox VM snapshots. That requires qcow2 format. If you create individual ZFS pools per server, you could do with ZFS snaphost and use RAW. qcow2 is a bit slower then RAW, but honestly, not really that noticeable.

Your limiting factor for accesstimes will most certainly be your storage, not your memory.


(James Nesbitt) #10

Thanks very much @planet_jeroen


(André Wismer) #11

Hi
Considering the fact that we’re using DynDNS (Not a real fixed IP), it’s quite OK.
My friend does use NextCloud (mostly for pictures) from 4-5 iOS gadgets…
I do the admin from remote.
There’s also Zabbix running on that NethServer.

Here’s the Interface:
https:// abho-nethserver DOT abii DOT ch:980

Andy


(Joel Clendineng) #12

Probably do not want to expose 980 to RED interface, keep it green and VPN in to manage remote. Bad idea to expose the management UI to the public web. Just my opinion.


(Dan) #13

Agree. If only there were a way for remote users to change their passwords without it.


(Joel Clendineng) #14

VPN :slight_smile: Set them up in roadwarrior.


(Dan) #15

Sure, that would do it. It would also greatly complicate things for some not-very-tech-savvy users, and the only thing it would do is allow them to change their password.


(André Wismer) #16

@Jclendineng

Hi

I’m quite aware of the fact, and fully endorse that.

However, as quite common, clients don’t listen to the experts, or insist on having that same simple password used for the last 15-20 years - AND accessible from the Internet…
-> Only to have their systems compromised in 2-3 Weeks or Months.

Some people don’t realize that even a VERY OLD 486er can brute force alphabetic Passwords without any Caps or special Symbols within hours or even minutes. Anything more modern or powerful is so much faster.

An Idea from SME-Server for the User-Password problem:
SME-Server had, like NethServer an Admin-Interface (https://your-server.com/server-manager) but without any special ports (externally). And there was a separate User-Interface (https://your-server.com/user-manager), allowing Users to:

  • change passwords
  • redirect mail
  • vacation message
  • etc

This Interface has MUCH less permissions and can be exposed to the internet.

It’s also true, that even with much less privacy and security, people CAN login to FB, Twitter, Apple or Google - and change their passwords or such. Users (lusers) expect such “comfort”. Not always best for IT or security, but that’s the way things are.

My 2 cents
Andy


(Joel Clendineng) #17

Hey I wasn’t going to go there. :smiley: Its pick 1, security or ease. Whatever is most important, go with that. You hit the nail on the head. Does not really matter if its harder, users will have to learn. If you gave someone the option of losing money through hacking or using a vpn, Id say most would take the vpn. I know this situation is not critical at all, just a good way to think these days. Breaches happen usually because security is to hard for a end user, so a company makes it easier, and that end user ends up getting hacked, not the company, taking the company with it. Security is only as good as the weakest link.