Proxmox VE
Mirror
https://mirrors.tuna.tsinghua.edu.cn/proxmox/iso/
https://mirrors.tuna.tsinghua.edu.cn/ubuntu-cloud-images/noble/current/
https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/virtio-win.iso
Install
自主分区:
- swap 0
- ~~root 20G~~
PVE Server
# sources pve8
sed -i 's|^deb http://deb.debian.org|deb https://mirrors.tuna.tsinghua.edu.cn|g' /etc/apt/sources.list
sed -i 's|^deb http://ftp.debian.org|deb https://mirrors.tuna.tsinghua.edu.cn|g' /etc/apt/sources.list
sed -i 's|^deb http://security.debian.org|deb https://mirrors.tuna.tsinghua.edu.cn|g' /etc/apt/sources.list
rm /etc/apt/sources.list.d/ceph.list
rm /etc/apt/sources.list.d/pve-enterprise.list
source /etc/os-release
echo >> /etc/apt/sources.list "deb https://mirrors.tuna.tsinghua.edu.cn/proxmox/debian $VERSION_CODENAME pve-no-subscription"
# sources pve9
sed -i 's|^URIs: http://deb.debian.org|URIs: https://mirrors.tuna.tsinghua.edu.cn|g' /etc/apt/sources.list.d/debian.sources
sed -i 's|^URIs: http://ftp.debian.org|URIs: https://mirrors.tuna.tsinghua.edu.cn|g' /etc/apt/sources.list.d/debian.sources
sed -i 's|^URIs: http://security.debian.org|URIs: https://mirrors.tuna.tsinghua.edu.cn|g' /etc/apt/sources.list.d/debian.sources
rm /etc/apt/sources.list.d/ceph.sources
rm /etc/apt/sources.list.d/pve-enterprise.sources
source /etc/os-release
cat << EOF >/etc/apt/sources.list.d/proxmox.sources
Types: deb
URIs: https://mirrors.tuna.tsinghua.edu.cn/proxmox/debian/pve
Suites: $VERSION_CODENAME
Components: pve-no-subscription
Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg
EOF
# apt
apt update && apt full-upgrade -y
apt install -y aria2 curl wget htop vim iftop iotop tree netcat-openbsd net-tools ifupdown2
apt install -y libgl1 libegl1
# lvm
lvremove /dev/pve/data
lvextend -rl +100%FREE /dev/pve/root
lvs
vgs
pvs
df -hT
# storage
/etc/pve/storage.cfg
# bash
sed -i 's|# zh_CN.UTF-8 UTF-8|zh_CN.UTF-8 UTF-8|' /etc/locale.gen
locale-gen
echo >> ~/.bashrc "export LC_ALL='en_US.UTF-8'"
echo >> ~/.bashrc "PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '"
# vim
cat << EOF >~/.vimrc
syntax on
hi Comment ctermfg=6
let loaded_matchparen=1
set encoding=utf-8
set tabstop=4
set softtabstop=4
set expandtab
set ruler
set showcmd
set showmatch
set hlsearch
set incsearch
EOF
KVM Guest
Image
aria2c -c -x 10 -s 10 https://mirrors.huaweicloud.com/ubuntu-cloud-images/noble/current/noble-server-cloudimg-amd64.img
qemu-img convert -f qcow2 -O raw noble-server-cloudimg-amd64.img noble-server-cloudimg-amd64.raw
mkdir -p /raw
# fdisk -ul noble-server-cloudimg-amd64.raw
mount -o loop,offset=$((2099200 * 512)) noble-server-cloudimg-amd64.raw /raw
sed -i "s@http://.*archive.ubuntu.com@http://mirrors.huaweicloud.com@g" /raw/etc/apt/sources.list.d/ubuntu.sources
sed -i "s@http://.*security.ubuntu.com@http://mirrors.huaweicloud.com@g" /raw/etc/apt/sources.list.d/ubuntu.sources
sed -i "s@http://.*archive.ubuntu.com@http://mirrors.huaweicloud.com@g" /raw/etc/cloud/cloud.cfg
sed -i "s@http://.*security.ubuntu.com@http://mirrors.huaweicloud.com@g" /raw/etc/cloud/cloud.cfg
umount /raw
Create
# 创建虚拟机
qm create 100
# 导入 cloudimg 文件作为硬盘
# qm importdisk 100 noble-server-cloudimg-amd64.raw local-lvm --format raw
# qm set 100 --scsihw virtio-scsi-pci --scsi0 local-lvm:vm-100-disk-0
qm importdisk 100 noble-server-cloudimg-amd64.raw local --format raw
qm set 100 --scsihw virtio-scsi-single --scsi0 local:100/vm-100-disk-0.raw
# 设置启动盘
qm set 100 --boot c --bootdisk scsi0
# 添加 cloudinit 设置
# qm set 100 --ide2 local-lvm:cloudinit
qm set 100 --ide2 local:cloudinit,format=raw
qm set 100 --ciuser root
qm set 100 --ciupgrade 0
qm set 100 --sshkey ~/.ssh/authorized_keys
# 添加网卡设置
qm set 100 --net0 virtio,bridge=vmbr0
# qm set 100 --ipconfig0 ip=dhcp
# qm set 100 --ipconfig0 ip=192.168.1.11/24,gw=192.168.1.1
# 其他杂项设置
qm set 100 --serial0 socket --vga serial0
qm set 100 --agent enabled=1,fstrim_cloned_disks=1,type=virtio
qm set 100 --ostype l26
qm set 100 --onboot 1
qm set 100 --cpu host
qm set 100 --name ubuntu
# 设置 CPU 内存 硬盘
qm set 100 --cores 1
qm set 100 --memory 1024
qm resize 100 scsi0 10G
系统初始化设置
- name: kvm
hosts: all
gather_facts: false
vars:
ansible_python_interpreter: /usr/bin/python3
basic_tools:
- build-essential
- python3-dev
- python3-pip
- cron
- curl
- git
- htop
- iftop
- iptables
- man
- mosh
- mtr-tiny
- net-tools
- p7zip-full
- qemu-guest-agent
- tree
- vim
- vnstat
- wget
- zip
- jq
- yq
pre_tasks:
- raw: bash -c "test -e /usr/bin/python3 || (apt -qqy update && apt install -qqy python3)"
tasks:
- name: 设置为中国时区
timezone: name='Asia/Shanghai'
- name: 设置 bash 命令行提示符为彩色
lineinfile:
path: /root/.bashrc
regexp: "^#?force_color_prompt=yes"
line: force_color_prompt=yes
- name: vim 的自定义配置
copy:
content: |
"syntax on"
dest: /root/.vimrc
force: true
backup: true
- lineinfile:
path: "/root/.vimrc"
line: "{{ item }}"
with_items:
- syntax on
- hi Comment ctermfg = 6
- let loaded_matchparen=1
- set encoding=utf-8
- set tabstop=4
- set softtabstop=4
- set expandtab
- set ruler
- set showcmd
- set showmatch
- set hlsearch
- set incsearch
- name: 启用 ipv4 的转发,并禁用 ipv6
copy:
content: |
# Automatically generated by Ansible\n
dest: /etc/sysctl.conf
force: true
backup: true
- lineinfile:
path: "/etc/sysctl.conf"
line: "{{ item }}"
with_items:
- net.ipv4.ip_forward = 1
- fs.file-max = 262144
- vm.max_map_count = 262144
- net.ipv6.conf.all.disable_ipv6 = 1
- net.ipv6.conf.default.disable_ipv6 = 1
- net.ipv6.conf.lo.disable_ipv6 = 1
- name: 调整系统参数
lineinfile:
path: "/etc/security/limits.conf"
line: "{{ item }}"
with_items:
- "* soft nofile 262144"
- "* hard nofile 262144"
- "root soft nofile 262144"
- "root hard nofile 262144"
- name: 安装系统更新
apt:
upgrade: full
update_cache: true
- name: 安装系统基础的应用工具
apt:
name: "{{ item }}"
state: present
with_items: "{{ basic_tools }}"
- name: 停用 systemd-resolved
systemd_service:
name: systemd-resolved
state: stopped
enabled: false
- name: 删除旧的 resolv.conf
file:
path: /etc/resolv.conf
state: absent
- name: 添加新的 resolv.conf
copy:
content: |
# Automatically generated by Ansible
nameserver 114.114.114.114
dest: /etc/resolv.conf
- name: 卸载 snap step 1
shell: "snap remove {{ item }}"
loop:
- lxd
- core20
- snapd
ignore_errors: yes
- name: 卸载 snap step 2
systemd: name=snapd state=stopped
ignore_errors: yes
- name: 卸载 snap step 3
apt: name=snapd state=absent
- name: 卸载 snap step 4
file: path=/root/snap state=absent