NAME
gyptazy - DevOps, Coding, Networking and BSD!

CONTENT

Category: Proxmox

Kanidm with Proxmox and OIDC - The Full Setup

(2025-09-01):
In this HowTo we install and configure Kanidm on Linux Debian Trixie and use it for authentication with Proxmox by OIDC (OpenID Connect). In previous articles, I’ve shown how to integrate Proxmox VE with external identity providers such as Authentik and Keycloak, using them as realms to centralize authentication. Both of these solutions are powerful in their own right, but sometimes you might be looking for something that is more lightweight, simple to deploy, and secure by default—without sacrificing the features you’d expect from a modern identity management system. This is where Kanidm comes in. Kanidm is a modern, secure, and easy-to-use identity management platform built with a strong focus on simplicity and security. Its primary goal is to be a complete identity provider—meaning you shouldn’t need to run additional components like Keycloak to cover your use cases. With Kanidm, you already get everything you need in one place. Some .... [read more]

Proxmox VE in an Air-Gapped Environment - Creating a Local Repository Mirror

(2025-08-26):
Running your own package mirror (such as for Proxmox products) may seem like an advanced setup, but it addresses challenges that are increasingly relevant in modern infrastructures. At its core, a mirror is simply a local copy of selected repositories, yet the advantages extend far beyond faster downloads. By keeping a local mirror, organizations can reduce external bandwidth usage because every server pulls packages from the same local source rather than repeatedly accessing the internet. This also ensures consistency across nodes, avoiding scenarios where some machines install slightly newer or different packages than others, which can lead to unpredictable behavior. Additionally, relying on a local mirror provides controlled availability; even if an external repository is temporarily down, your systems remain unaffected. Security and compliance also benefit from a local mirror. Administrators can control which repositories and signing keys are trusted, reducing exposure to tampered or malicious sources. Snapshots of the .... [read more]

Debian 13 (Trixie) LXC Container Image for Proxmox 8 and Proxmox 9

(2025-08-24):
It’s now been several weeks since the release of Debian 13 (Trixie), but there is still no official LXC container template for it from Proxmox. Back when Debian 13 was in its final freeze stage, I had already created an early template ( debian-13-standard_13.x-beta_lxc_proxmox_amd64.tar.gz ) so that both you and I could start testing. Since then, I’ve prepared a proper final version to share with the community, as many of you guys asked me to create one. This image is based on the official Proxmox Debian 12 (Bookworm) container template, which I upgraded to Debian 13 (Trixie). The result is a clean, ready-to-use LXC template that behaves just like the official ones and works on both Proxmox 8 and 9. If you want to get started with Debian 13 inside containers, simply place the template in your Proxmox storage and create a new container as usual. This saves the time and .... [read more]

Introducing Storage Management for Proxmox Nodes and Clusters with the new Ansible Module proxmox_storage

(2025-08-13):
Managing Proxmox storage resources at scale has traditionally been a cumbersome task. In clustered environments where consistency, reliability, and speed are critical, manually adding or removing storage definitions on each node wastes valuable time and introduces the risk of human error. Imagine configuring NFS shares, CephFS mounts, iSCSI targets or Proxmox Backup Server repositories across dozens or even hundreds of nodes, each in different locations, and having to repeat the same steps manually or with ad-hoc scripts. It slows down operations, disrupts automation pipelines, and often leads to inconsistencies between nodes. Until now, there was no clean, supported, and API-driven way to manage storage across Proxmox environments directly within Ansible. This is exactly the gap the new proxmox_storage module fills. Recently added to the upstream community.proxmox Ansible collection, this module introduces a structured and reliable approach to provisioning storage on single Proxmox VE nodes or entire clusters, fully aligned with .... [read more]

Building Modern Proxmox Infrastructures in 2025: Automated, Scalable, and Open for Everyone

(2025-08-11):
The Proxmox ecosystem has grown massively in recent months – and one of the key reasons behind this growth is the strong and active community that continues to push the project forward after the VMware acquisition by Broadcom. You can really feel the momentum. There is a lot happening around Proxmox, and the pace is only picking up. I see this every day in my own work. Proxmox has become one of the most important parts of my tech stack. It’s reliable, flexible, and can be used in so many different ways. Some use it in the classic ClickOps style through the UI. Others build semi-automated setups by using the tools Proxmox already provides. And then there are the fully automated deployments, which is where things really get interesting. That’s especially true if you’re moving away from other virtualization solutions. When you have multiple clusters, running in different locations and .... [read more]

Debian 13 (Trixie) Beta LXC Container Image for Proxmox 8 and Proxmox 9

(2025-07-31):
With Proxmox 9 now officially released as the first beta version and based on Debian Trixie, and the final Debian 13 release just a few days away, it makes sense to start preparing and testing early. Especially in virtualized environments like Proxmox, it’s helpful to evaluate upcoming systems before they become the new stable default. I’ve noticed that there isn’t a widely available LXC container template for Debian Trixie yet. Since I wanted to begin testing some setups myself, I decided to create a Debian Trixie-based LXC template image that can be used on both Proxmox 8 and Proxmox 9 installations. This makes it easy to spin up containers running Debian 13 without having to build the template from scratch. If you’re curious about how your applications behave on the next major Debian release or if you’re planning future upgrades, this should save you some time and effort. To use .... [read more]

ProxLB at The Dutch Proxmox Day 2025

(2025-07-29):
Oh, it’s that time of year again! On September 25th, 2025, we’re heading to Ede, Netherlands for the Dutch Proxmox Day 2025. The Dutch Proxmox Day is a yearly conference fully focused on everything around Proxmox. If you’re working with Proxmox VE or just curious about what’s possible, this is the event to be at. This event is organized by Tuxis B.V., a Dutch company deeply involved in the Proxmox community. Admission? Completely free, thanks to the amazing sponsors CT and KPN.
What to Expect
This year’s speaker lineup is packed with well-known names:
  o Tuxis B.V.
  o Proxmox GmbH
  o credativ GmbH
  o Veeam
  o European Space Agency (ESA)
From technical deep-dives to real-world cluster challenges, you’ll hear firsthand how Proxmox is being used across industries – from data centers to satellites.
A Sneak Peek: ProxLB – Smarter Clusters for Proxmox
Okay, here’s something I’m personally excited about: this .... [read more]

Proxmox 9 (PVE) Beta 1 - A First Look

(2025-07-19):
Proxmox VE 9 Beta 1 has just been released and marks a significant milestone as it’s now based on the upcoming Debian 13 "Trixie." This major upgrade brings a modernized foundation while continuing the trusted stability and features of previous versions. One of the standout improvements in this release is the introduction of VM snapshot support for thick-provisioned LVM storage, a feature that’s now available as a technology preview. With a new storage property enabled, snapshots can persist the current disk state under a named volume and spin up a new one from that snapshot which is particularly useful for setups using shared LVM storage, such as LUNs provided via iSCSI or Fibre Channel. Upgrading from Proxmox VE 8.4 is designed to be seamless, allowing existing users to transition smoothly to the new version. Another powerful addition is the expansion of the software-defined networking (SDN) stack with the concept of .... [read more]

Proxmox Cloud Image and Bare-Metal Auto Installation Image

(2025-07-17):
Testing & Automating Proxmox Deployments
Over the last few months, I’ve been asked quite a few times how I test my Ansible modules and ProxLB setup in an automated, reproducible way. Especially when working on new features or debugging something deeper, having a clean and quickly deployable Proxmox instance is incredibly useful. The same question often comes up in another form too: “How can I spin up Proxmox on a bare-metal machine without going through the ISO installer step by step?” or “Is there a Proxmox Cloud Image that I can just boot up like with Ubuntu or Debian?” Up until now, there hasn’t really been a good out-of-the-box solution for this: at least not one that is quick, reliable, and can be integrated easily into automation pipelines. That’s why I went ahead and built exactly that: a prebuilt, ready-to-use Proxmox 8.4 image for both bare-metal auto-installations and cloud environments .... [read more]

Introducing License Management for Proxmox Nodes with the New Ansible Module proxmox_node

(2025-07-12):
Managing Proxmox subscription licenses at scale has always been a challenge. Especially in enterprise environments, manual assignment of licenses across hundreds of nodes can be inefficient and error-prone. Until now, there wasn't a supported, API-driven way to integrate license management directly into Ansible workflows.
The proxmox_node Module
The new proxmox_node module (merged into the community.proxmox collection) allows you to manage Proxmox nodes programmatically. Key features include:
  o Bulk license import
  o Power state control (shutdown/start/WoL)
  o DNS configuration
  o SSL certificate management
  o Fully supports Ansible check_mode
This module integrates seamlessly into your automation pipelines, making licensing, node configuration, and other administrative tasks fully API-driven and repeatable.
Examples
Add a Subscription License
Adding a subscription license to a Proxmox VE node can be done like this:
  - name: Place a subscription license on a Proxmox VE Node
    community.proxmox.node:
      api_host: proxmoxhost
      api_user: root@pam
      api_password: password123
      validate_certs: false
      node_name: de-cgn01-virt01
      subscription:
        state: .... [read more]

NFSv3 vs NFSv4 Storage on Proxmox: The Latency Clash That Reveals More Than You Think

(2025-07-04):
When it comes to virtualization, many people still think that NFS isn’t suitable for serious workloads in their enterprise environment and that you need to rely on protocols like iSCSI or Fibre Channel to get proper performance. That mindset might have made sense years ago, but times have changed. Today, we have access to incredibly fast networks, not only in enterprise but even at home. It’s not uncommon to see 10 Gbit networking in home labs, and enterprises are already moving to 25, 40, 100, or even 400 Gbit infrastructure. So the bottleneck is no longer bandwidth; it is the protocol overhead and hardware interaction that really matter. NFS, despite being around for decades, is often underestimated. Many still think of it as a basic file-sharing protocol, not realizing how far it’s come and how capable it is when properly configured and used with the latest versions. Especially in .... [read more]

Building Your Own PKI with Step-CA – From Root CA to Proxmox Integration with ACME

(2025-06-29):
Running your own on-prem PKI (Public Key Infrastructure) can be a game-changer and it’s not just for enterprises, but also for advanced homelabs. Whether it’s about securing internal services, managing client certificates for S/MIME email encryption, or just having full control over certificate issuance, operating your own root CA brings a lot of flexibility and independence. There are many ways to set up a basic CA, even just using OpenSSL on the command line. But as soon as your setup grows, you’ll quickly run into limitations. Things like revoking certificates, publishing CRLs, using OCSP, or automating issuance via the ACME protocol become essential. And that’s where more powerful tools come in. Popular solutions like FreeIPA, HashiCorp Vault, or EJBCA offer robust PKI functionality, but they can be overkill for some environments or tricky to integrate with specific workflows. One tool that’s gained a lot of traction in recent years is .... [read more]

From Scripted Chaos to Clean API: Proxmox Cluster Setup with Ansible Done Right with the New proxmox_cluster Module

(2025-06-18):
Until now, automating Proxmox cluster setups with Ansible often meant relying on hacky shell or command module usages within playbooks/roles and dealing with poor error handling. That changes with my new Ansible modules, proxmox_cluster and proxmox_cluster_info. If you're following me, you might have already found this as a sneak peek in my post about how BoxyBSD boosted the Proxmox ecosystem. These tools leverage the official Proxmox API, enabling direct and reliable cluster creation and joining. Already available in the upstream Ansible Community Proxmox collection, they include robust error handling and support for both user and token-based authentication.
Usage
Using these new modules is straightforward and simply requires one task for creating or joining a Proxmox cluster.
Create a Proxmox VE Cluster
  - name: Create a Proxmox VE Cluster
    community.proxmox.proxmox_cluster:
      state: present
      api_host: proxmoxhost
      api_user: root@pam
      api_password: password123
      api_ssl_verify: false
      link0: 10.10.1.1
      link1: 10.10.2.1
      cluster_name: "devcluster"
Join a Proxmox VE .... [read more]

How My BoxyBSD Project Boosted the Proxmox Ecosystem

(2025-06-06):
When I first started BoxyBSD, I had a fairly straightforward goal in mind: Build a completely free VPS hosting platform with full IPv6 support aimed at beginners and small open-source projects. Something simple, lightweight, and accessible. But as the project evolved, I realized it was becoming much more than just a small personal project and BoxyBSD started giving back - not only to open-source in general but also to the Proxmox community in ways I hadn't anticipated. What surprised me the most was how deep I had to dive into architectural decisions that I initially thought wouldn't matter that much - surprisingly it also changed my whole initial idea running everything on FreeBSD with bhyve - and let me say - it should become completely different! Managing resources efficiently across multiple VMs, fully automated deployment, monitoring system including all guests, clustering across different locations and live migrations of guests - .... [read more]

Proxmox and Authentik OIDC – Install, Configure and Connect Authentik to Proxmox VE

(2025-05-22):
When exploring secure and efficient authentication options for a Proxmox setup, Authentik paired with OpenID Connect (OIDC) emerges as a compelling choice, particularly for those who prioritize open-source tools and in-house data control. Authentik, an open-source identity provider, empowers administrators to customize authentication flows without the constraints of proprietary systems, avoiding escalating costs or rigid limitations. By integrating OIDC, it enables seamless single sign-on, allowing users to access Proxmox with a single, secure login, eliminating the hassle of managing multiple credentials. For those wary of external cloud services, Authentik’s ability to run on local servers ensures that sensitive data, such as user credentials, access logs, and more, remain fully in-house, a critical advantage for privacy and regulatory compliance. Setting up Authentik with Proxmox is straightforward; configuring the OIDC realm with a client ID and secret delivers a robust, secure authentication layer for managing virtual machines and containers. The open-source nature .... [read more]

Incus for Containers and VMs: A Powerful Proxmox Alternative? A Step-by-Step Guide to build a Cluster

(2025-05-04):
Incus is a versatile and efficient tool for managing both system containers and virtual machines, offering a unified way to run full Linux systems. It supports a wide range of Linux distributions and relies on a simple but powerful REST API. Whether you’re running a single machine or scaling across a full data center, Incus adapts easily to your needs. It can transform your setup into something that feels like a lightweight private cloud, letting you run various workloads with optimized resource usage. If you’re looking for a cost-effective way to manage infrastructure, containerize environments, or deploy VMs, Incus is definitely worth considering.
Note: Sounds interesting so far? You can also try Incus immediately online right here.
Table of Contents
  o Incus vs Proxmox – The Main Differences
      o Core Technologies: QEMU and LXC
      o Clustering and High Availability
      o Load Balancing and Rebalancing
      o Ease of Use and Web .... [read more]

Introducing ProxLB 1.1.0 as an Advanced Loadbalancer for Proxmox Clusters: A Complete Code Refactor for Enhanced Performance and Stability

(2025-04-01):
April, April! No, even though it’s the first of April – this is real! After months of development, I’m thrilled to announce the release of ProxLB 1.1.0 – thanks to my company credativ GmbH for sponsoring this project where I could work on this during my work time! It’s been quite the journey since I started this project in mid-2024, and this latest version marks a significant milestone. With a complete code refactor, improved load balancing behavior, and numerous bug fixes, ProxLB is now more stable and capable than ever.
ProxLB Origins and Purpose
ProxLB was born out of a need for a straightforward load balancing solution for Proxmox clusters for my BoxyBSD project, something akin to VMware’s DRS. Also several customers at my company – credativ GmbH – asked for DRS-like features when migrating to Proxmox. This made me polish it up and release it as an open-source project .... [read more]

Proxmox and Windows VMs: Why the Native CPU Type Might Be a Bad Idea

(2025-03-23):
Running Windows VMs in Proxmox has a long history, and luckily things have improved considerably in recent years. However, from time to time people complain about performance issues that are mostly only visible on Windows systems, and this mostly has three major reasons:
  o Missing Drivers / Guest Tools
  o Wrong configuration / usage (e.g., still using VMDK disk files, controllers, devices)
  o Wrong CPU Type
As said, in recent years the situation has gotten much better, but we also had to deal with some insane hardware vulnerabilities like Spectre and Meltdown for CPUs. Spectre and Meltdown are two significant security vulnerabilities that affect modern processors, particularly those from Intel, AMD, and ARM. Discovered in 2017 and publicly disclosed in early 2018, these vulnerabilities exploit critical flaws in speculative execution, a performance optimization technique used by CPUs. And this is also partly a .... [read more]

HowTo: Proxmox Backup Server – Prometheus Exporter and Grafana Dashboard

(2025-03-14):
Proxmox Backup Server is an essential tool for anyone running Proxmox Virtual Environment (PVE) or managing backups efficiently in a virtualized setup. It provides a high-performance and deduplication-enabled backup solution that ensures data protection while keeping storage demands in check. But like any critical infrastructure component, monitoring its performance and status is key to ensuring smooth operations and quick troubleshooting. This is where integrating metrics into a single solution, like a Prometheus and Grafana setup, becomes invaluable. Instead of manually checking logs or relying on periodic status reports, a well-integrated monitoring system provides real-time insights into the health and performance of the backup server. With Prometheus scraping metrics and Grafana visualizing them in intuitive dashboards, administrators gain a clear view of key indicators such as backup job status, storage utilization, performance bottlenecks, and potential failures. This proactive approach helps to detect issues before they escalate and ensures that backups are .... [read more]

Virtualization in 2024: Market Trends, Open-Source Opportunities, Broadcom’s VMware Shake-Up, and Top Solutions to Watch

(2024-12-10):
The year 2024 marked a turning point for the virtualization industry. Following Broadcom’s acquisition of VMware, significant changes to VMware’s licensing model and pricing structure set off a wave of responses across the market. These changes had a profound impact on the virtualization landscape, altering long-held assumptions and forcing enterprises to re-evaluate their strategies. VMware had long been a leader in the virtualization space, with its solutions forming the backbone of countless enterprise data centers. Its platforms, including vSphere, vSAN, and NSX, were considered industry standards, praised for their robustness and feature set. However, post-acquisition, VMware’s licensing and pricing underwent substantial revisions. For many organizations, these changes represented a significant cost increase, leading to concerns about the sustainability of continuing with VMware’s solutions. The updates, while intended to align with Broadcom’s broader enterprise strategy, prompted businesses to reexamine their dependence on proprietary virtualization platforms. This shift created ripple effects, opening .... [read more]

Howto: Automated FreeBSD VM Deployment with ProxLB and Terraform

(2024-09-01):
In today’s fast-paced IT environments, automation is essential for maintaining efficiency and staying competitive. Whether you're managing a small-scale infrastructure or an enterprise-level system, the ability to deploy virtual machines (VMs) quickly, consistently, and with minimal manual intervention can be transformative. This is where tools like ProxLB and Terraform come into play, offering a powerful solution for automating the deployment and management of VMs.
Why Terraform and not Ansible?
I'm aware that Ansible is a great tool - also for such things - but Ansible can be slow in some cases when there are too many tasks and you are not writing your own custom modules to improve the overall handling. Terraform is often the better choice when it comes to just building up a base infrastructure from scratch, where Ansible can take over after this baseline has been set. So, let's have a look at the other tools used here. ProxLB is a robust .... [read more]

ProxLB - (Re)Balance VM Workloads Across Nodes in Proxmox Clusters.

(2024-07-06):
ProxLB (PLB) is an open-source Proxmox loadbalancer, but different! ProxLB is an application created to optimize the distribution of virtual machines (VMs) across Proxmox cluster nodes for significantly enhancing efficiency and performance. Utilizing the Proxmox API, ProxLB gathers and analyzes a comprehensive set of resource metrics from both the cluster nodes and the running VMs, including CPU usage, memory consumption, and local disk utilization. A key feature of ProxLB is its intelligent rebalancing capability, which redistributes VMs based on their memory, disk, or CPU usage. In those cases, the real memory consumption from the VM is taken instead of the potential maximum usage. This ensures no single node is overburdened while others remain underutilized, significantly enhancing cluster performance and reliability. By evenly distributing resources, ProxLB helps prevent performance bottlenecks and improves the overall stability of the cluster. Efficient rebalancing leads to better utilization of available resources, potentially reducing the need .... [read more]
