Proxmox VE does not come with a firewall by default. There are several solutions to this problem, but the most flexible and robust is integrating the Shorewall firewall. This document assumes a basic knowledge of the Shorewall program and will not cover all of Shorewall's capabilities, but will give you a good working model to get you started. For more advanced topics, check out the Shorewall documentation.
Shorewall will have 3 zones: 1) the fw zone, which is the Proxmox host, 2) the net zone, which is the Internet, and 3) the dmz zone, which is where the virtual machines will reside. The hardware has just one network interface card; vmbr0 is just a bridge interface.
Here is the video of my presentation from the Utah Open Source Conference 2009 entitled, "Introduction to OS Virtualization, Containers and OpenVZ". Warren Sanders manned the camera. I used Kdenlive to edit it and create the title screen. Attached below you can find PDFs for my slides, the OpenVZ Brochure we were handing out, as well as a white paper from the Linux Foundation about who writes the Linux kernel.
For those interested in a much higher quality Ogg Theora version, you can find that here:
(right-click, save link as...)
I've been aware of Proxmox VE for a couple of years now. I've installed it a few times and tested it out. I have recommended it to others and know a few local people using it in production (at MSU-Bozeman and Rocky Mountain College for example). Since I'm involved in the OpenVZ community I've also noticed some of the contributions to OpenVZ that have come from Proxmox VE (vzdump for example) and have run into Martin Maurer in the comments section of this site. I asked him if he would be interested in doing an interview and he accepted.
What is Proxmox VE?
Proxmox VE is a very light-weight Debian-based distribution that includes a kernel with support for both KVM and OpenVZ. This means you get the best of both virtualization worlds... containers (OS Virtualization) and fully-virtualized machines (Machine Virtualization). Proxmox VE also includes a very powerful yet easy to use web-based management system with clustering features. Boot the Proxmox VE install media, answer a few simple questions, and within 10 minutes you have a very powerful virtualization platform you can manage from a web browser. Install it on one or more additional machines that are networked together and use Proxmox VE's cluster management tool to create a virtualization cluster that allows for centralized management, automated backups, iso media and template syncing, as well as virtual machine migration features. Proxmox VE really is a time saving turnkey solution... and it is freely available under a GPL license.
Andrew Niemantsverdriet from Rocky Mountain College gave a presentation entitled, "Proxmox to Virtualize Infrastructure" at Linuxfest Northwest 2009 in Bellingham, WA. A PDF of his slides has been added as an attachment.
Virtualization has been a buzz word for a few years now. Some people think it has been over-hyped but I'm not one of those people. The big competing products seem to be: VMware, Xen, KVM, VirtualBox, Parallels (including OpenVZ), and Hyper-V.
Is there too much choice out there? Choice isn't bad, is it? Will there eventually be a market shake up with a thinning of product candidates as a result? Will someone try to proclaim that they are the virtualization "standard"? I don't really know. I certainly like competition and don't think having a number of competing products is bad. There are both proprietary products and FOSS products. As you can guess, I lean towards the latter if at all possible.
Update: Full article now includes two embedded flash videos from Red Hat.
Proxmox VE is a “bare metal” ISO Linux distribution that is a virtual machine platform. It is geared towards enterprise users and designed to be installed on enterprise-grade hardware. The Proxmox VE distribution combines two virtual machine technologies, KVM and OpenVZ, as well as a web interface to manage everything. Proxmox VE also integrates into its web interface a way to manage multiple computers as a cluster. For the rest of the article Proxmox VE shall be referred to as PVE. This article is written about PVE 1.1, the latest stable release.
I was wondering just how many OpenVZ containers I could create on a beefy machine and how many processes the Linux kernel would be happy running so I decided to do an experiment.
I have two OpenVZ hosts... one is the primary and the other is a backup machine. Both of them are HP Proliant DL380 Gen5 machines with dual, quad-core Xeon processors, 32GB of RAM, 32GB of swap, and a 600GB /vz partition. I decided to use the backup OpenVZ machine for the experiment.
Wow, being a guest on The Linux Link Tech Show... with fantastic hosts Dann, Linc, Allan, and Pat... was great. I had a lot of fun. Yes, there were some technical problems at the beginning of the show that caused it to start a little late... and unfortunately I didn't have a way to boost my volume... and I don't know how it sounded live because I wasn't tuned into the live stream... but the archive recording isn't too bad. I'm guessing Dann cranked up the volume whenever I was talking.
For those who missed the live show, here are links to the .ogg and .mp3 archives:
The first "Introduction to OpenVZ" screencast that I did was over 1.5 years ago and it has become somewhat outdated... so I decided to make a new one.
If desired, you may download the full-quality Ogg Theora video:
openvz-brief-intro.ogv (114MB) (Right-click, Save Link As...)