New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Automate deployment of NAT VMs on Proxmox?
What's the most efficient way to auto-deploy deploy NAT VMs with probably a few ports forwarded. I'm doing a personal project for educational purposes where I want to be able to deploy NAT VMs on-the-fly and delete them too if needed. I read that Terraform may be a good option? I noticed that there are quite a few providers here on LET that provide NAT VMs, what are your approaches?
The OS I am using is the latest Proxmox.
Comments
I look forward to your offerings.
cloud-init is a thing.
You clone your ready proxmox template, update the settings like password or ssh public key, network and you start the vm.
I have a bunch of proxmox templates which I use mainly for NanoKVM here.
https://img.nanokvm.net/
I also use them on my private KS-LE, clone, configure and boot.
Gonna build them on Jenkins at some point, like this.
https://jenkins.microlxc.net/
KVM or LXC (proxmox containers)?
Mainly KVM, but LXC would be good too, which I believe would be easier.
500 is Debian 10 and 501 is Debian 11.
You basically you wget it into /var/lib/vz/dump
Then you just restore it, click clone, full clone, which is important and configure network and your ssh pub key or set a password, which is enabled on these templates and you got a shiny new VM.
Deploy your virtual machines via Proxmox API with Cloudinit. Then, your "personal project" can add a forwarding rule on the host-level firewall using a bash script or tools like Ansible, Puppet, etc.
Using scripts to configure forwarding rules, regularly detecting the id of vm and assigning appropriate ports should be the simplest start.
Considering that all this is not complicated, a bash script for a timed task can even work (although it may not be very beautiful, it is indeed feasible)
I have a little script written here that probably does something like port and port segment forwarding manually.
He's overly rudimentary, and even the interactions are still written in Chinese, but if you don't mind, I think it can be used as a rudimentary reference.