/en/tags/proxmox/Recent content in Proxmox on LichturmHugoen-GBFri, 23 May 2025 19:23:12 +0200/en/posts/pve_k8s_capi_testrun/Fri, 23 May 2025 19:23:12 +0200/en/posts/pve_k8s_capi_testrun/<h2 id="reading-material">Reading material</h2> <ul> <li><a href="https://cluster-api.sigs.k8s.io/user/quick-start.html" target="_blank">https://cluster-api.sigs.k8s.io/user/quick-start.html</a> (Select Proxmox)</li> </ul> <h2 id="setup--proxmox-cluster-api-user-account">Setup proxmox cluster-api user account</h2> <p>Our Cluster API provider for Proxmox (CAPMOX) will need to be able to manage resources in Proxmox. We can either follow the <a href="https://github.com/ionos-cloud/cluster-api-provider-proxmox/blob/main/docs/Usage.md#configuring-and-installing-cluster-api-provider-for-proxmox-ve-in-a-management-cluster" target="_blank">basic instructions</a> of the provider, which may grant a few more permissions than necessary, or we can define a more limited set of permissions ourselves. For comparison, here&rsquo;s the simple variant using the <code>PVEVMAdmin</code> role:</p> <div class="highlight"><pre tabindex="0" style="color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span>pveum user add capmox@pve </span></span><span style="display:flex;"><span>pveum aclmod / -user capmox@pve -role PVEVMAdmin </span></span><span style="display:flex;"><span>pveum user token add capmox@pve capi -privsep <span style="color:#ae81ff">0</span> </span></span></code></pre></div><p>And here is a somewhat more minimal permission setup I ended up going with, based on the required permissions described <a href="https://github.com/ionos-cloud/cluster-api-provider-proxmox/blob/main/docs/advanced-setups.md#proxmox-rbac-with-least-privileges" target="_blank">here</a> and some of my own findings:</p>/en/posts/pve_k8s_image-builder/Sun, 27 Apr 2025 13:58:54 +0200/en/posts/pve_k8s_image-builder/<p>After thinking about what to use for the Kubernetes cluster, the next step is building an image with the necessary software to start our VMs from. Manually updating nodes with kubeadm is not just more error-prone, it also gets tedious quickly once we have more than a low single digit numbers of nodes.</p> <h2 id="building-images-with-image-builder">Building Images with image-builder</h2> <p>There is an official kubernetes project which produces VM-images for Cluster API called <a href="https://github.com/kubernetes-sigs/image-builder" target="_blank">image-builder</a>. image-builder can produce images for all kinds of virtualisation environments, and in the case of Proxmox, it starts a VM on the Proxmox Cluster to produce the VM template for Kubernetes. Under the hood, tools like <a href="https://developer.hashicorp.com/packer" target="_blank">Packer</a> and <a href="https://docs.ansible.com/" target="_blank">Ansible</a> are used. It is a bit on the heavy side, but it has a community around it, and for now, i like having something a bit more standardised.</p>/en/posts/pve_k8s_considerations/Wed, 23 Apr 2025 18:32:34 +0200/en/posts/pve_k8s_considerations/<p>The devloper of Portfolio Performance called working on his Free Software project »Therapeutic Programming«; that is to say, that from time to time, it is salubrious to work on a technical project where you get to make all the design decisions, and no external restrictions are placed on you. Just you and the issue at hand, with no time pressure, or meddling detracting from the enjoyment and discovery. I have learned a lot about the tools i use in my work by finding uses for them in my free time. Usually i come across other people&rsquo;s notes and documentation during this, which have always been very helpful. So, in the tradition of doing that, I will document building my own, homegrown, little datacenter for posterity.</p>