Rapid Topology Deployment with Proxmox

One of the benefits of using Proxmox is the ability to perform management functions via a built-in CLI utility. For a recap of this functionality, check out the previous blog post about Increasing Operational Efficiency in Proxmox with PVESH.

Beyond doing normal management activities within Proxmox, this functionality can be leveraged to rapidly deploy virtual machines and their corresponding virtual switches. This allows the administrator to create configurations to represent topologies for testing specific use-cases. Since these configurations can be defined as text, it can be used for rapid deployment via copy/paste into the command line. Also, it can be distributed to others for sharing those topologies.

Planning the Topology

It is beneficial to have a network design on paper prior to creating the configuration files that define the topology. This is useful to prevent mistakes in the configuration file as well as serve as a guideline to make sure the configuration has the intended results. In this particular case, we will be using a simple straight forward topology which is defined in the screenshot below.

Once the design is in place, we can move on to creating the templates.

Templates in Proxmox

Creating templates is one of the most useful features in Proxmox. In a nutshell, it allows you to “copy” a pre-configured VM and generate it into its own instance. The more detailed explanation of this is explained in the following quote:

A template is a fully pre-configured operating system image that can used to deploy KVM virtual machines. Creating a special template is usually preferred over cloning an existing VM.

Deploying virtual machines from templates is blazing fast, very comfortable and if you use linked clones you can optimize your storage by using base images and thin-provisioning.

https://pve.proxmox.com/wiki/VM_Templates_and_Clones

While this article will not dive into the complete details of creating templates, we will cover at a high level the methodology on creating a template for use within the context of this article.

Creating a Template in Proxmox

To create a template in Proxmox, follow the steps below:

1. Within the Proxmox UI, right-click the VM you wish to turn into a template | Select “Convert to Template”

2. Select “Yes” from the “Confirm” dialog box to continue the process to convert the VM to a template

Please note: At this point, you will not be able to start this template like a normal VM and you will need to create a clone of this template as a new VM to use it.

3. Confirm that the VM has been converted by noting the change of the icon as well as an “OK” from the event log status at the bottom

Creating VMs from Templates

To create a VM from a template, follow the steps below:

1. Right-click the template | Select “Clone”

2. In the “Clone VM” dialog box, fill out the applicable fields | Click “Clone”

3. Confirm that the VM was successfully created

While these steps can be completed from the WebGUI, the amount of administrative overhead associated with creating the template, modifying the hardware resources and updating the network connectivity does not scale with large topologies.

To gain efficiencies and rapidly deploy the topology, the pvesh command can be leveraged.

Deploying with PVESH

Once the templates have been created, the PVESH utility can be utilized to quickly generate VMs. To accomplish this, follow the section below:

Creating the VM from Template with PVESH

To streamline the creation of the VMs, two commands are ran. The first is to create the VM from the template.

pvesh create /nodes/pve1/qemu/<id of template>/clone --newid <new id of VM> --name <name of new vm>

The second is to set the hardware parameters on the newly created VM.

pvesh set /nodes/pve1/qemu/<id of VM>/config --net0 virtio,bridge=vmbr1,tag=<vlanid>

Although it is not specifically highlighted, the virtual networking is dictated via the use of the “–net#” command referenced in the command above. This leverages the already created virtual bridges within Proxmox and assigns the corresponding VLAN to those bridges.

Resultant Configurations

The resultant configurations for each of the components are as follows:

Windows1

pvesh create /nodes/pve1/qemu/20000/clone --newid 4000 --name windows1
pvesh set /nodes/pve1/qemu/4000/config --net0 virtio,bridge=vmbr1,tag=310

FortiGate1

pvesh create /nodes/pve1/qemu/10000/clone --newid 4001 --name fortigate1
pvesh set /nodes/pve1/qemu/4001/config --net0 virtio,bridge=vmbr1,tag=350 --net1 virtio,bridge=vmbr1,tag=300 --net2 virtio,bridge=vmbr1,tag=310

FortiGate2

pvesh create /nodes/pve1/qemu/10000/clone --newid 4002 --name fortigate2
pvesh set /nodes/pve1/qemu/4002/config --net0 virtio,bridge=vmbr1,tag=350 --net1 virtio,bridge=vmbr1,tag=300 --net2 virtio,bridge=vmbr1,tag=320

Windows2

pvesh create /nodes/pve1/qemu/20000/clone --newid 4003 --name windows2
pvesh set /nodes/pve1/qemu/4003/config --net0 virtio,bridge=vmbr1,tag=320

Results

Once all of the configurations have been generated, they can be pasted in the command line and the topology can be generated quickly.

To show all of the commands in its entirety, I copied the commands into NotePad++.

Prior to pasting the commands via the Proxmox CLI, I confirmed the current topology of VMs within the Proxmox navigation.

Since the topology is defined via text, it can all be pasted at one time and Proxmox will execute those commands via the pvesh utility.

After pasting these commands into the Proxmox CLI, the new topology of VMs can be confirmed via the Proxmox GUI:

At this point, the VMs are created but they still need to have configurations applied to them before they can be used. The information in the article about cloud-init can be leveraged to apply a zero-touch provisioning of the Fortinet assets within the deployed topology.

I know that this was a lot of information but I hope it proves useful in leveraging Proxmox to quickly stand up topologies for simulation as well as production deployment. Leave a comment below and let me know how the information in this article impacts your operations.