Install Proxmox VE with NAT on Hetzner: Difference between revisions

Prequisites

1. Download PVE iso:

curl http://download.proxmox.com/iso/proxmox-ve_8.2-1.iso -o /tmp/proxmox-ve.iso

2. Might need to install qemu and ovmf:

sudo apt-get install -y qemu ovmf

Install

1. Start system in rescue mode

2. Set variables

INTERFACE_NAME=$(udevadm info -q property /sys/class/net/eth0 | grep "ID_NET_NAME_PATH=" | cut -d'=' -f2)
IP_CIDR=$(ip addr show eth0 | grep "inet\b" | awk '{print $2}')
GATEWAY=$(ip route | grep default | awk '{print $3}')
IP_ADDRESS=$(echo "$IP_CIDR" | cut -d'/' -f1)
CIDR=$(echo "$IP_CIDR" | cut -d'/' -f2)

# Get the primary and secondary disks
PRIMARY_DISK=$(lsblk -dn -o NAME,SIZE,TYPE -e 1,7,11,14,15 | sed -n 3p | awk '{print $1}')
SECONDARY_DISK=$(lsblk -dn -o NAME,SIZE,TYPE -e 1,7,11,14,15 | sed -n 1p | awk '{print $1}')
THIRD_DISK=$(lsblk -dn -o NAME,SIZE,TYPE -e 1,7,11,14,15 | sed -n 2p | awk '{print $1}')

3. Start qemu with installer cd-rom:

qemu-system-x86_64 -daemonize -enable-kvm -m 10240 -k en-us \
-drive file=/dev/$PRIMARY_DISK,format=raw,media=disk,if=virtio,id=$PRIMARY_DISK \
-drive file=/dev/$SECONDARY_DISK,format=raw,media=disk,if=virtio,id=$SECONDARY_DISK \
-drive file=/dev/$THIRD_DISK,format=raw,media=disk,if=virtio,id=$THIRD_DISK \
-drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,readonly=on \
-drive file=/usr/share/OVMF/OVMF_VARS.fd,if=pflash,format=raw \
-cdrom /tmp/proxmox-ve.iso -boot d \
-vnc :0,password=on -monitor telnet:127.0.0.1:4444,server,nowait

echo "change vnc password pa$$w0rd6" | nc -q 1 127.0.0.1 4444

4. Connect and install Proxmox:

Use VNC with the port 5900. At the end, uncheck the restart option, then stop the virtual machine:

printf "quit\n" | nc 127.0.0.1 4444

5. Start again without the installer:

qemu-system-x86_64 -daemonize -enable-kvm -m 10240 -k en-us \
-drive file=/dev/$PRIMARY_DISK,format=raw,media=disk,if=virtio,id=$PRIMARY_DISK \
-drive file=/dev/$SECONDARY_DISK,format=raw,media=disk,if=virtio,id=$SECONDARY_DISK \
-drive file=/dev/$THIRD_DISK,format=raw,media=disk,if=virtio,id=$THIRD_DISK \
-drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,readonly=on \
-drive file=/usr/share/OVMF/OVMF_VARS.fd,if=pflash,format=raw \
-vnc :0,password=on -monitor telnet:127.0.0.1:4444,server,nowait \
-net user,hostfwd=tcp::2222-:22 -net nic

echo "change vnc password pa$$w0rd6" | nc -q 1 127.0.0.1 4444

6. Create interfaces config for NAT, then copy it on the system:

The first virtualmachine which will be created is a router, as that will handle the network traffic coming from WAN

A few available options: openWRT, PfSense

cat > /tmp/proxmox_network_config << EOF
auto lo

iface lo inet loopback

iface $INTERFACE_NAME inet manual

auto vmbr0
iface vmbr0 inet static
  address $IP_ADDRESS/$CIDR
  gateway $GATEWAY
  bridge_ports $INTERFACE_NAME
  bridge_stp off
  bridge_fd 0
#Do not use

auto vmbr1
iface vmbr1 inet static
        address 172.16.16.1/24
        bridge-ports none
        bridge-stp off
        bridge-fd 0
        post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --destination $IP_ADDRESS -m multiport ! --dports 22,8006 -j DNAT --to 172.16.16.254
        post-up iptables -t nat -A PREROUTING -i vmbr0 -p udp --destination $IP_ADDRESS -j DNAT --to 172.16.16.254
        post-up iptables -t nat -A POSTROUTING -s '172.16.16.0/24' -o vmbr0 -j MASQUERADE
#WAN
EOF

For the copy, use the password which you set for root

scp -o StrictHostKeyChecking=no -P 2222 /tmp/proxmox_network_config root@localhost:/etc/network/interfaces

Sources