Recently I purchased a kimsufi i3 server for static content replicating and found that there are much free resources on the node, so I decided to also use it for several other virtual machines. Previously, I did use qemu and XenServer, so this time I chose Proxmox to continue. The problem on Kimsufi is that the server only comes with 1 IP, and we need to find out a way to use it. As some of you may know, we can share internet connection between host and guest machines using NAT, and we will continue with this approach. This tutorial will help you set up Windows VM on Proxmox with 1 IP.
Setting up Proxmox
Simply choose to provision your server with Proxmox and you are all done.
Proxmox will save ISO at /var/lib/vz/template/iso/, so you will need to download OS iso to these. As we will install Windows Server 2008 and will use virtio network driver, we will download the following iso:
- Windows Server 2008 at Microsoft Website
- Virtio for Windows at FedoraProject repo
- Windows Server 2012R2 at Microsoft Website
Creating VM Bridge
By default, Proxmox will create vmbr0 as a default bridge for using network as a replacement for eth0. We will need to create a new bridge called vmbr2. We will use this bridge for VMs network connection and will perform some INPUT port forwarding from the primary IP to local IPs of VM.
We will edit /etc/network/interfaces and add vmbr2 as follows:
iface vmbr2 inet static
post-up echo 1 > /proc/sys/net/ipv4/ip_forward
post-up iptables -t nat -A POSTROUTING -s ‘192.168.0.0/24’ -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s ‘192.168.0.0/24’ -o vmbr0 -j MASQUERADE
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp –dport 13389 -j DNAT –to 192.168.0.1:3389
post-down iptables -t nat -D PREROUTING -i vmbr0 -p tcp –dport 13389 -j DNAT –to 192.168.0.1:3389[/bash]
In the above configuration:
- We choose the IP of the bridge is 192.168.0.254. This will be used as network gateway in VMs.
- We enable NAT routing from VMs with IP range 192.168.0.0/24 to vmbr0.
- We enable port forwarding from 13389 to 3389 (default remote desktop port) of the VM with IP 192.168.0.1
- You can add as many port forwarding rules as you would like. With this method, we can easily use 1 IP to serve for various VMs on different ports.
Then, we will let the new bridge up:
NOTE: We will need to edit /etc/network/interfaces and not create a new cfg file in /etc/network/interfaces.d since Proxmox might not understand the interface over there (even the interface can be up/down normally). In case the VM network is reset after reboot, try to change the network gen script at /etc/one-context.d/00-network and add the following line to configure_network() function:
cat /etc/network/interfaces.d/*.cfg >> /etc/network/interfaces
Now we will need to create a new VM. As we will use Windows as a VM, we will need to do as follows:
- Go to your Proxmox control panel https://YOUR_IP_ADDRESS:8006/
- First, go to the node, remember the DNS field value. For example: 18.104.22.168. We will use this as DNS information for network inside VMs.
- Click on “Create VM” on the top right of the screen.
- In “General” tab, choose your VM ID and Name
- In “OS” tab, choose Microsoft Windows 7/2008r2 (win7)
- In “CD/DVD” tab, choose the downloaded Windows 2008 ISO
- In “Hard Disk”, “CPU” and “Memory” tabs, choose your HDD, CPU and RAM configuration
- In “Network” tab, choose “Bridge mode” and select “vmbr2” in the Bridge field.
- Done, confirm and create VMs
- You will need to access to the Console to install the OS. Click on the newly created VM in Proxmox and Click on “Console” menu. You will need to have Java installed to be able to view the console.
Setting up VM Network
First, we need to install virtio network card. Mount the downloaded ISO to the VM’s CD/DVD to start installing.
After installing the Windows OS, you will need to configure the network information. We will choose the VM IP 192.168.0.1, so will need to enter the following information in the network:
- IP address: 192.168.0.1
- Subnet mask: 255.255.255.0
- Default gateway: 192.168.0.254 (vmbr2 IP)
- DNS: 22.214.171.124 (server DNS)
The above configuration is fine in case there is no firewall installed in the host machine. However, in case there is a firewall (such as CSF), we must also add the rules for NAT forwarding. Configuration for csf can be found as follows:
[bash]# nano /etc/csf/csfpre.sh
/sbin/iptables -t nat -A POSTROUTING -s ‘192.168.0.0/24’ -o vmbr0 -j MASQUERADE
/sbin/iptables -t nat -A PREROUTING -i vmbr0 -p tcp –dport 13389 -j DNAT –to 192.168.0.1:3389[/bash]
Add the following lines to /etc/csf/csfpost.sh:
/sbin/iptables -F FORWARD
/sbin/iptables -P FORWARD ACCEPT[/bash]
The, restart the firewall
That’s all. Of course if you have many VMs running on the same port (such as web servers on port 80), just continue port forwarding at the apps server (for example, running nginx as a reverse proxy and forwarding to proper VMs based on domain name).
Setup Share folder from Host to VMs
First, install samba:
[bash]apt-get install nfs-kernel-server samba samba-common-bin[/bash]
Then, create a folder in /var/lib/vz to share (since Proxmox by default has the largest partition in /var/lib/vz):
Next, we will need to create samba user who can access samba folder sharing later. The samba user must have permission on folder to be shared and must be a valid unix user. As in my environment, nothing is public so I also use root user to avoid setting too much permission (otherwise, we must create unix user by useradd/adduser command and then change folder permission to this new added user):
[bash]smbpasswd -a root[/bash]
Modify /etc/samba/smb.conf to add the following sharing information:
path = /var/lib/vz/storage
comment = Samba share for storage files
valid users = root
public = no
writable = yes
printable = no
create mask = 0765[/bash]
Next, open port 137,138,139 in the firewall for samba file sharing
Restart csf and samba service
Then, in Windows guest, we can connect to the samba file sharing via
Remove No Valid Subscription warning
[bash]sed -i.bak “s/data.status !== ‘Active’/false/g” /usr/share/pve-manager/js/pvemanagerlib.js[/bash]