Our PROXMOX Private Cloud provider allow you to create WordPress server containers on your PROXMOX nodes from inside the WPCD dashboard. With it, you do not need to manually configure your containers and then treat them as custom servers.
Once setup, the integration with the WPCD UI is as seamless as other public cloud services such as DigitalOcean, AWS etc.
However, to make this work requires a lot of setup inside PROXMOX itself. Private clouds are complex to setup and configure so this should not be a surprise.
Promox is a complex beast to properly setup and run. A production level cluster will likely start at $500 per month at a hosting provider. If you’re running a smaller cluster this provider will likely not work well for you.
Our provider offers a basic codebase and deploys WP servers properly using most implementations of default Proxmox software. But it is fully expected that, based on how you configure your networking, server groups, firewalls etc., you will need some customization.
Because of this expectation, the provider is not available without a services contract and we do not offer free support for it.
Before attempting to install the WPCD Proxmox Private Cloud provider, please check the following 8 items on your Proxmox nodes. These are the requirements for using the unmodified baseline version of this provider.
We have tested this provider on Proxmox V 7.2.7.
Earlier versions will not work.
Later versions may or may not work (though we expect that they would work).
Each Proxmox server node that will host a container must have SNAPD installed as well as the CERTBOT SNAP on it. Without these two items on the PROXMOX host the container will not be able to install Certbot. (If you’re not familiar with it, CERTBOT is the process that allow us to obtain free SSL certificates from LetsEncrypt).
apt-get install snapd -y snap install core snap install --classic certbot snap set certbot trust-plugin-with-root=ok snap install certbot-dns-cloudflare snap set certbot trust-plugin-with-root=ok snap install certbot-dns-dnsmadeeasy snap set certbot trust-plugin-with-root=ok snap install certbot-dns-google snap set certbot trust-plugin-with-root=ok snap install certbot-dns-ovh snap set certbot trust-plugin-with-root=ok snap install certbot-dns-route53 snap set certbot trust-plugin-with-root=ok
Each Proxmox server node that will host a container must have a custom APPARMOR profile file setup inside the /etc/apparmor.d/ folder. You can name the file anything you like but we suggest using the name wpcd. (So nano /etc/apparmor.d/wpcd will create an empty file in which you can add the following profile lines.)
profile wpcd flags=(attach_disconnected,mediate_deleted) { mount fstype=fuse, mount fstype=securityfs -> /sys/kernel/security/, deny /sys/kernel/security/** rwklx, }
The easiest way to get all new containers to use the new APPARMOR profile is to include it in the default APPARMOR configuration file. Open the file using NANO:
nano /etc/lxc/default.conf
Add the following line to the end of it:
lxc.apparmor.raw = #include </etc/apparmor.d/wpcd>
Save the file using CTRL-O and exit with CTRL-X.
Each container must then reference this file by modifying it’s configuration file:
nano /etc/pve/etc/<container ID>.conf
Where <container id> is usually a number such as 100. eg: nano /etc/pve/etc/100.conf
Add in the following lines:
lxc.apparmor.raw: #include <wpcd>
You will need to add at least one POOL under your datacenter. The default Proxmox installation does not create a pool for you so you need to create one yourself.
You can create a pool using DATACENTER->PERMISSIONS->POOLS screen.
The pool must be given the permissions of the ROOT user.
Then, you will need to add storage to the pool. You can do this under the MEMBERS tab for the pool – use the ADD button at the top of the tab.
Unfortunately you cannot use the default Proxmox templates for Ubuntu 18.04, 20.04 and 22.04. Instead you need to create customized versions of these templates:
Each Ubuntu template needs to be modified for the following and then saved with a new name.:
We will ask for these new names when configuring the provider in the WPCD settings area.
Once you’ve taken care of ALL the prerequisites on the PROXMOX cluster mentioned above, you can install the provider for WPCD.
The provider is just a regular WordPress plugin – upload and activate it from the WordPress PLUGINS screen.
Unlike all the other providers, there is a lot more to configure here. You will see the following sections on the settings screen for the provider:
Below is an explanation of how to proceed with configuring each section.
Start by navigating to the WPCLOUDDEPLOY → SETTINGS → CLOUD PROVIDERS tab and click on the PROXMOX sub-tab.
Fill out the following fields in the API KEYS section:
Click the SAVE SETTINGS button at the bottom of the screen – click it TWICE. This will cause provider to reach out to the cluster and collect some information which will populate some of the fields in the other sections.
Under the CONTAINER PLACEMENT section choose your PROXMOX NODE, PROXMOX POOL and STORAGE. If you met the pre-requisites and the api key is correct then there should be at least one entry in each of these drop-downs.
Then, click the SAVE SETTINGS button.
Next, you need to enter the names of the templates for each of the Ubuntu Operating Systems – 18.04, 20.04, 22.04.
One of the nice benefits about using our private cloud providers is you can customize these images and use them as the baseline operating system – a feature we don’t offer in our public cloud providers.
For more information about the format of these names please see the OS TEMPLATE NAMES section later in this document.
Since you’re using a private cloud, you need to let the provider know which public IP addresses can be used for containers. Every time we create a container, we will use one of these addresses. We track used addresses and restore them to the available pool when a container is deleted.
There is a special format for these addresses:
ipv4/cidr|gateway|mac-address
You can see an example in the image below.
The mac-address is optional but is sometimes needed because many hosting companies cache the IPv4->MAC ADDRESS relationship at their network edge. This caching can cause networking issues if an IPv4 address is reused with a different mac address. We recommend you use it if you’re not sure whether or not your host does this type of caching.
You do not need to enter any data into the USED IP ADDRESSES field. We will update this field as the IP addresses are used to create new containers.
One of the benefits of your own private cloud is you get to create your own server sizes instead of using the predefined ones given to you by the major cloud providers.
You can create as many sizes as you like. But you do need to create at least one.
As with the other providers you need to setup your SSH keys. Unlike most of them, you need to provide BOTH the public and private keys.
In the WPCD settings area for the Proxmox provider we ask for the name of the template for each operating system. The template names have the following restrictions as follows:
The basic Proxmox provider can only be used to assign containers to a single node. In order to use it on multiple nodes, you need to install the VIRTUAL PROVIDER add-on. Once that has been installed, you can create a virtual provider for each node– learn more in the Virtual Provider documentation.
snapd.failure.service is a disabled or a static unit, not starting it. snapd.snap-repair.service is a disabled or a static unit, not starting it.
sudo: setrlimit(RLIMIT_CORE): Operation not permitted
'unknown': unknown terminal type
You can suppress the setrlimit message by running the following command in each container after its provisioned:
echo "Set disable_coredump false" >> /etc/sudo.conf
If your only server provider is PROXMOX then you can also modify the bash script that sets up our server to run this command.