Rescue -> Reset
(host)# installimage -> Debian 11 -> RaidSetup#0 -> Hostname -> PartSetup#1 -> Save -> Reboot
(host)# Hostname#2 -> Install Proxmox#3 -> Install Debian 12 On Proxmox#4
RaidSetup#0
Raid0一直爽 数据火葬场
SWRAID 1
SWRAIDLEVEL 0
PartSetup#1 (The original partition must be commented)
屏蔽原分区方案
# PART /boot/efi esp 256M 可能可以不加
PART /boot ext3 1024M
PART lvm vg0 all
LV vg0 swap swap swap 1G
LV vg0 root / ext4 all
Hostname#2
apt update
apt -y install vim
vim /etc/hosts
# hostnamectl set-hostname honus (如果之前未设置hostname)
# Remove ipv6 hostname from /etc/hosts
Install Proxmox#3
# Install Proxmox VE
curl -o /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg http://download.proxmox.com/debian/proxmox-release-bullseye.gpg
echo "deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription" > /etc/apt/sources.list.d/pve-install-repo.list
apt update
apt -y full-upgrade
apt -y install proxmox-ve
# Install Proxmox VE Latest kernel
# apt list | grep pve-kernel
apt -y install pve-kernel-6.2.9-1-pve
apt -y install pve-headers-6.2.9-1-pve
proxmox-boot-tool kernel pin 6.2.9-1-pve
# Set up network
echo "net.core.default_qdisc=fq" >> /etc/sysctl.conf
echo "net.ipv4.tcp_congestion_control=bbr" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.accept_dad = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.accept_ra = 0" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.accept_redirects = 1" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.accept_source_route = 0" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.autoconf = 0" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.disable_ipv6 = 0" >> /etc/sysctl.conf
echo "net.ipv6.conf.all.forwarding=1" >> /etc/sysctl.conf
sysctl -p
根据具体IP配置以下内容 可实现小鸡 ipv4 NAT访问 独立ipv6
vim /etc/network/interfaces
# ⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!
source /etc/network/interfaces.d/*
auto lo
iface lo inet loopback
iface lo inet6 loopback
auto eno1
iface eno1 inet manual
post-up /sbin/ethtool -K eno1 tx off rx off
iface eno1 inet6 manual
auto vmbr0
iface vmbr0 inet static
address [母鸡IP]
netmask [母鸡掩码]
gateway [母鸡网关]
bridge_ports eno1
bridge_stp off
bridge_fd 0
bridge_maxwait 0
iface vmbr0 inet6 static
address [母鸡IPV6]::2
netmask 64
gateway fe80::1
bridge_ports eno1
bridge_stp off
bridge_fd 0
auto vmbr1
iface vmbr1 inet static
address 192.168.0.1
netmask 255.255.255.0
bridge_ports none
bridge_stp off
bridge_fd 0
post-up iptables -t nat -A POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
post-down iptables -t nat -D POSTROUTING -s '192.168.0.0/24' -o vmbr0 -j MASQUERADE
iface vmbr1 inet6 static
address [母鸡IPV6]::3/64
bridge_ports none
bridge_stp off
bridge_fd 0
post-up echo 1 > /proc/sys/net/ipv6/conf/all/proxy_ndp
post-up echo 1 > /proc/sys/net/ipv6/conf/all/forwarding
post-up echo 1 > /proc/sys/net/ipv6/conf/default/forwarding
post-up /sbin/ip -f inet6 neigh add proxy [母鸡IPV6]::3 dev vmbr1
# 下面两行为一对,指::4/128的IPv6地址通过vmbr0转发出去,而进网增加了一条经::3在vmbr1上转发的规则,有几个独立的固定IPv6,则增加几对
post-up /sbin/ip -f inet6 neigh add proxy [母鸡IPV6]::4 dev vmbr0
post-up /sbin/ip -f inet6 route add [母鸡IPV6]::4 dev vmbr1
# 以下内容根据需要调整
# 将 [公网IP] 端口转发到到内网端口上
# 将外网1234端口转发到本地3389端口
post-up iptables -t nat -A PREROUTING -i vmbr0 -d [公网ipv4]/32 -p tcp -m multiport --dports 1234 -j DNAT --to 192.168.0.2:3389
post-down iptables -t nat -D PREROUTING -i vmbr0 -d [公网ipv4]/32 -p tcp -m multiport --dports 1234 -j DNAT --to 192.168.0.2:3389
# 用于解决内网小鸡无法互相访问问题
# 将来源为内网 目标为公网的请求直接发送到 192.168.0.2
post-up iptables -t nat -A PREROUTING -s 192.168.0.0/24 -d [公网ipv4] -p tcp -m multiport --dports 3389 -j DNAT --to-destination 192.168.0.2
# 来源为 [内网IP] 目标为 [内网IP] 直接发送给内网网关
post-up iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -d 192.168.0.0/24 -j SNAT --to-source 192.168.0.1
post-down iptables -t nat -D POSTROUTING -s 192.168.0.0/24 -d 192.168.0.0/24 -j SNAT --to-source 192.168.0.1
# ⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️
systemctl restart networking.service
reboot
uname -r
Install Debian 12 On Proxmox#4
# 下载镜像宿主机 wget http://debian.obspm.fr/debian-cd/12.1.0/amd64/iso-cd/debian-12.1.0-amd64-netinst.iso
# 创建虚拟机
系统 -> SCSI控制器(VirtIO SCSI Single) -> 机型(q35) -> Qemu代理(✔️) -> BIOS(OVMF (UEFI)) -> 添加TPM(❌) -> 添加EFI磁盘(✔️) -> 格式(QEMU映像格式(qcow2)) -> 预注册密钥(✔️)
磁盘 -> 总线设备(SCSI) -> 缓存(Write back) -> IO thread(✔️) -> 磁盘大小 -> 磁盘格式(QEMU映像格式(qcow2)) -> SSD仿真(❌) -> 备份(✔️) -> 只读(❌) -> 跳过复制(❌) -> 异步IO(默认)
CPU -> 插槽(1) -> 类别(host) -> 核心(12) -> 启用NUMA(✔️)
内存 61440
网络 -> 桥接(vmbr1) -> 模型(VirtIO) -> MAC地址(auto) -> 防火墙(❌) ->
# 启动时先用Esc键进入 BIOS 关闭安全启动
Device Manager -> Secure Boot Configuration -> Attempt Secure Boot(❌) -> Reset
# 手动配置网络分区
# 放行ssh root登陆
vim /etc/ssh/sshd_config
PermitRootLogin yes
systemctl restart ssh
Install Windows10 On Promox#5
教程参考知乎从零开始的all in one之pve安装windows,防止文章删除,存档于github
备注信息:
virtio 驱动从 https://fedorapeople.org/groups/virt/virtio-win/direct-downloads/stable-virtio/ 该网站下载
系统->BIOS 保持默认即可,否则无法启动
安装驱动之后如果网络依然不可用,自查是否支持dhcp,不支持手动配置网络
11代以下cpu显卡虚拟化
11.1 开启 iommu 和 gvt 支持
vim /etc/default/grub
修改前 GRUB_CMDLINE_LINUX_DEFAULT="quiet"
修改后 GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on i915.enable_gvt=1"
update-grub
11.2 加载内核直通模块
echo vfio >> /etc/modules
echo vfio_iommu_type1 >> /etc/modules
echo vfio_pci >> /etc/modules
echo vfio_virqfd >> /etc/modules
echo kvmgt >> /etc/modules
update-initramfs -u
11.3 重启主机
reboot
11.4 验证是否开启GVT
ls /sys/bus/pci/devices/0000:00:02.0/mdev_supported_types/ #自觉将00:02换成自己的。
#出现下面4个选项或者类似的即成功。
i915-GVTg_V5_1 i915-GVTg_V5_2 i915-GVTg_V5_4 i915-GVTg_V5_8
11.5 添加虚拟化显卡
硬件 -> 添加 -> PCI设备 -> 设备[0000:00:02:0] -> [选择一个]
11.6 启动虚拟机安装驱动
备注
# 去除订阅
echo "nameserver 8.8.8.8" >> /etc/resolv.conf && rm -rf pvetools && rm -rf /etc/apt/sources.list.d/pve-enterprise.list && export LC_ALL=en_US.UTF-8 && apt update && apt -y install git && git clone https://github.com/ivanhao/pvetools.git && echo "cd /root/pvetools && ./pvetools.sh" > pvetools/pvetools && chmod +x pvetools/pvetools* && ln -s /root/pvetools/pvetools /usr/local/bin/pvetools && pvetools
# gost转发脚本
wget --no-check-certificate -O gost.sh https://raw.githubusercontent.com/KANIKIG/Multi-EasyGost/master/gost.sh && chmod +x gost.sh && ./gost.sh
# iso 本地路径
/var/lib/vz/template/iso
# backup 本地路径
/var/lib/vz/dump
# 无需密码进入虚拟机
pct exec <vmid> bash
# 关闭无响应容器
ls -l /run/lock/qemu-server
ps -ef|grep "/usr/bin/kvm -id 100"|grep -v grep
rm -f /run/lock/qemu-server/lock-100.conf
qm unlock 100
qm stop 100
qm status 100
# 内核管理工具
proxmox-boot-tool kernel list
pve 硬盘扩容(虚拟机内执行)
# 手动在PVE界面扩容
# 进入虚拟机检查硬盘容量是否添加
apt -y install parted
fdisk -l
parted /dev/sda
> print
> Warning: Not all of the space available to /dev/sda appears to be used, you can fix the GPT to use all of thespace (an extra 209715200 blocks) or continue with the current setting?
> Fix/Ignore? Fix
> resizepart 3 100%
> quit
pvresize /dev/sda3
df -h
> /dev/mapper/honus--vg-root 292G 1.7G 275G 1% /
lvextend -l +100%FREE /dev/mapper/honus--vg-root
resize2fs -p /dev/mapper/honus--vg-root
pve 硬盘减容
pve进阶 11代以上 核显虚拟化
# 主机
apt install git dkms build-* unzip -y
git clone https://github.com/strongtz/i915-sriov-dkms.git
cd i915-sriov-dkms
vim dkms.conf
> PACKAGE_NAME="i915-sriov-dkms"
> PACKAGE_VERSION="6.1"
dkms add .
dkms install i915-sriov-dkms/6.1
dkms status == i915-sriov-dkms, 6.1, 6.1.10-1-pve, x86_64: installed
vim /etc/default/grub
> GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0 intel_iommu=on i915.enable_guc=3 i915.max_vfs=7"
update-grub
update-initramfs -u
apt -y install sysfsutils
echo "devices/pci0000:00/0000:00:02.0/sriov_numvfs = 7" > /etc/sysfs.conf
lspci | grep VGA
dmesg | grep i915
# 虚拟机
# Debian11 安装内核
# ⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️⬇️
cat <<EOT >> /etc/apt/preferences.d/stable.pref
# 500 <= P < 990: causes a version to be installed unless there is a
# version available belonging to the target release or the installed
# version is more recent
Package: *
Pin: release a=stable
Pin-Priority: 900
EOT
cat <<EOT >> /etc/apt/preferences.d/testing.pref
# 100 <= P < 500: causes a version to be installed unless there is a
# version available belonging to some other distribution or the installed
# version is more recent
Package: *
Pin: release a=testing
Pin-Priority: 400
EOT
mv /etc/apt/sources.list /etc/apt/sources.list.d/stable.list
sed 's/bullseye/testing/g' /etc/apt/sources.list.d/stable.list > /etc/apt/sources.list.d/testing.list
apt update && apt -y dist-upgrade && apt -y autoremove
apt search '^linux-image-6.*-amd64'
linux-image-6.1.0-7-amd64/testing 6.1.20-1 amd64
Linux 6.1 for 64-bit PCs (signed)
apt -y install linux-image-6.1.0-7-amd64
reboot
apt -y install dkms dwarves git linux-source-6.1 pahole vainfo
cd /usr/src
tar xJvf linux-source-6.1.tar.xz
cp /boot/config-6.1.*-amd64 /usr/src/linux-source-6.1/.config
/usr/src/linux-source-6.1/.config
> CONFIG_INTEL_MEI_PXP=m
> CONFIG_DRM_I915_PXP=y
cd /usr/src/linux-source-6.1
make deb-pkg LOCALVERSION=-sriov KDEB_PKGVERSION=$(make kernelversion)-1 -j12
dpkg -i /usr/src/*.deb
reboot
uname -r
# ⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️⬆️
ls /lib/firmware/i915/tgl_guc_70.1.1.bin
wget http://mirrors.ustc.edu.cn/proxmox/debian/dists/bullseye/pve-no-subscription/binary-amd64/pve-firmware_3.6-5_all.deb
dpkg -i pve-firmware_3.6-5_all.deb
apt install git dkms build-* unzip -y
git clone https://github.com/strongtz/i915-sriov-dkms.git
cd i915-sriov-dkms
vim dkms.conf
> PACKAGE_NAME="i915-sriov-dkms"
> PACKAGE_VERSION="6.1"
dkms add .
dkms install i915-sriov-dkms/6.1 --force
dkms status == i915-sriov-dkms, 6.1, 6.1.10-1-pve, x86_64: installed
vim /etc/default/grub
> GRUB_CMDLINE_LINUX_DEFAULT="consoleblank=0 intel_iommu=on i915.enable_guc=3"
update-grub
update-initramfs -u
lspci | grep VGA
dmesg | grep i915
ls /dev/dri