]>
Commit | Line | Data |
---|---|---|
03c03402 DM |
1 | Installation |
2 | ============ | |
3 | ||
4 | {pmg} is based on Debian and comes with an installation CD-ROM | |
5 | which includes a complete Debian ("stretch" for version 5.x) system as | |
6 | well as all necessary {pmg} packages. | |
7 | ||
8 | The installer just asks you a few questions, then partitions the local | |
9 | disk(s), installs all required packages, and configures the system | |
10 | including a basic network setup. You can get a fully functional system | |
11 | within a few minutes. This is the preferred and recommended | |
12 | installation method. | |
13 | ||
14 | Alternatively, {pmg} can be installed on top of an existing Debian | |
15 | system. This option is only recommended for advanced users since | |
16 | it requires more detailed knowledge about {pmg} and Debian. | |
17 | ||
18 | Using the {pmg} Installation CD-ROM | |
19 | ----------------------------------- | |
20 | ||
b2d388d4 DM |
21 | You can download the ISO from http://www.proxmox.com. It includes the |
22 | following: | |
03c03402 DM |
23 | |
24 | * Complete operating system (Debian Linux, 64-bit) | |
25 | ||
b2d388d4 DM |
26 | * The {pmg} installer, which partitions the hard drive(s) with ext4, |
27 | ext3, xfs or ZFS and installs the operating system. | |
03c03402 DM |
28 | |
29 | * Linux kernel | |
30 | ||
31 | * Postfix MTA, ClamAV, Spamassassin and the {pmg} toolset | |
32 | ||
33 | * Web based management interface for using the toolset | |
34 | ||
b2d388d4 DM |
35 | Please burn the downloaded ISO image to a CD or create a |
36 | xref:create_bootable_usb[bootable USB stick]. | |
37 | ||
38 | Then insert the installation CD-ROM on the physical host where you want | |
39 | to install {pmg} and boot from that drive. Immediately afterwards you | |
40 | can choose the following menu options: | |
03c03402 DM |
41 | |
42 | image::images/installer/pmg-grub-menu.png[] | |
43 | ||
44 | Install {pmg}:: | |
45 | ||
46 | Start normal installation. | |
47 | ||
48 | Install {pmg} (Debug mode):: | |
49 | ||
50 | Start installation in debug mode. It opens a shell console at several | |
51 | installation steps, so that you can debug things if something goes | |
52 | wrong. Please press `CTRL-D` to exit those debug consoles and continue | |
53 | installation. This option is mostly for developers and not meant for | |
54 | general use. | |
55 | ||
56 | Rescue Boot:: | |
57 | ||
58 | This option allows you to boot an existing installation. It searches | |
59 | all attached hard disks and, if it finds an existing installation, | |
60 | boots directly into that disk using the existing Linux kernel. This | |
61 | can be useful if there are problems with the boot block (grub), or the | |
62 | BIOS is unable to read the boot block from the disk. | |
63 | ||
64 | Test Memory:: | |
65 | ||
66 | Runs `memtest86+`. This is useful to check if your memory is | |
67 | functional and error free. | |
68 | ||
dc69da07 | 69 | You normally select *Install {pmg}* to start the installation. |
03c03402 | 70 | |
dc69da07 | 71 | image::images/installer/pmg-select-target-disk.png[] |
03c03402 | 72 | |
dc69da07 DM |
73 | First step ist to read our EULA (End User License Agreement). After |
74 | that you get prompted to select the target hard disk(s). | |
03c03402 DM |
75 | |
76 | NOTE: By default, the complete server is used and all existing data is | |
77 | removed. | |
78 | ||
03c03402 DM |
79 | The `Options` button lets you select the target file system, which |
80 | defaults to `ext4`. The installer uses LVM if you select `ext3`, | |
81 | `ext4` or `xfs` as file system, and offers additional option to | |
82 | restrict LVM space (see <<advanced_lvm_options,below>>) | |
83 | ||
84 | If you have more than one disk, you can also use ZFS as file system. | |
85 | ZFS supports several software RAID levels, so this is specially useful | |
86 | if you do not have a hardware RAID controller. The `Options` button | |
87 | lets you select the ZFS RAID level, and you can choose disks there. | |
88 | ||
dc69da07 DM |
89 | image::images/installer/pmg-select-location.png[] |
90 | ||
91 | The next page just ask for basic configuration options like your | |
92 | location, the time zone and keyboard layout. The location is used to | |
93 | select a download server near you to speedup updates. The installer is | |
94 | usually able to auto detect those setting, so you only need to change | |
95 | them in rare situations when auto detection fails, or when you want to | |
96 | use some special keyboard layout not commonly used in your country. | |
97 | ||
98 | image::images/installer/pmg-set-password.png[] | |
99 | ||
100 | You then need to specify an email address and the superuser (root) | |
101 | password. The password must have at least 5 characters, but we highly | |
102 | recommend to use stronger passwords - here are some guidelines: | |
103 | ||
104 | - Use a minimum password length of 12 to 14 characters. | |
105 | ||
106 | - Include lowercase and uppercase alphabetic characters, numbers and symbols. | |
107 | ||
108 | - Avoid character repetition, keyboard patterns, dictionary words, letter or number sequences, usernames, relative or pet names, romantic links (current or past) and biographical information (e.g., ID numbers, ancestors' names or dates). | |
109 | ||
110 | It is sometimes necessary to send notification to the system | |
111 | administrator, for example: | |
112 | ||
113 | - Information about available package updates. | |
114 | ||
115 | - Error messages from periodic CRON jobs. | |
116 | ||
117 | All those notification mails will be sent to the specified email | |
118 | address. | |
119 | ||
120 | image::images/installer/pmg-setup-network.png[] | |
03c03402 DM |
121 | |
122 | The last step is the network configuration. Please note that you can | |
123 | use either IPv4 or IPv6 here, but not both. If you want to configure a | |
124 | dual stack node, you can easily do that after installation. | |
125 | ||
126 | If you press `Next` now, installation starts to format disks, and | |
dc69da07 DM |
127 | copies packages to the target. |
128 | ||
129 | image::images/installer/pmg-installation.png[] | |
130 | ||
131 | Copying packages usually takes a few minutes. Please wait until that | |
132 | is finished, then reboot the server. | |
03c03402 DM |
133 | |
134 | Further configuration is done via the Proxmox web interface. Just | |
135 | point your browser to the IP address given during installation | |
136 | (https://youripaddress:8006). | |
137 | ||
b5b01ac3 DM |
138 | image::images/screenshot/pmg-gui-login-window.png[] |
139 | ||
b2d388d4 DM |
140 | . Login and upload subscription key. |
141 | + | |
03c03402 DM |
142 | NOTE: Default login is "root" and the root password is |
143 | defined during the installation process. | |
144 | ||
b2d388d4 DM |
145 | . Check the IP configuration and hostname. |
146 | ||
147 | . Check and save the Time Zone. | |
148 | ||
149 | . Check your xref:firewall_settings[Firewall settings]. | |
150 | ||
151 | . Configure {pmg} to forward the incoming SMTP traffic to your Mail | |
152 | server ('Configuration/Mail Proxy/Default Relay') - 'Default | |
153 | Relay' is your e-mail server. | |
154 | ||
155 | . Configure your e-mail server to send all outgoing messages through | |
303ee757 | 156 | your {pmg} ('Smart Host', port 26 by default). |
b2d388d4 DM |
157 | |
158 | For detailed deployment scenarios see chapter | |
159 | xref:chapter_deployment[Planning for Deployment]. | |
160 | ||
161 | If the installation succeeds you have to route all your incoming and | |
162 | outgoing e-mail traffic to the Mail Gateway. For incoming traffic you | |
163 | have to configure your firewall and/or DNS settings. For outgoing | |
164 | traffic you need to change the existing e-mail server configuration. | |
165 | ||
03c03402 DM |
166 | |
167 | [[advanced_lvm_options]] | |
168 | Advanced LVM Configuration Options | |
169 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
170 | ||
171 | The installer creates a Volume Group (VG) called `pmg`, and additional | |
172 | Logical Volumes (LVs) called `root` and `swap`. The size of | |
173 | those volumes can be controlled with: | |
174 | ||
175 | `hdsize`:: | |
176 | ||
177 | Defines the total HD size to be used. This way you can save free | |
178 | space on the HD for further partitioning (i.e. for an additional PV | |
179 | and VG on the same hard disk that can be used for LVM storage). | |
180 | ||
181 | `swapsize`:: | |
182 | ||
183 | Defines the size of the `swap` volume. The default is the size of the | |
184 | installed memory, minimum 4 GB and maximum 8 GB. The resulting value cannot | |
185 | be greater than `hdsize/8`. | |
186 | ||
03c03402 DM |
187 | `minfree`:: |
188 | ||
2729e8b8 | 189 | Defines the amount of free space left in LVM volume group `pmg`. |
03c03402 DM |
190 | With more than 128GB storage available the default is 16GB, else `hdsize/8` |
191 | will be used. | |
192 | + | |
193 | NOTE: LVM requires free space in the VG for snapshot creation (not | |
194 | required for lvmthin snapshots). | |
195 | ||
196 | ||
197 | ZFS Performance Tips | |
198 | ~~~~~~~~~~~~~~~~~~~~ | |
199 | ||
200 | ZFS uses a lot of memory, so it is best to add additional RAM if you | |
201 | want to use ZFS. A good calculation is 4GB plus 1GB RAM for each TB | |
202 | RAW disk space. | |
203 | ||
204 | ZFS also provides the feature to use a fast SSD drive as write cache. The | |
205 | write cache is called the ZFS Intent Log (ZIL). You can add that after | |
206 | installation using the following command: | |
207 | ||
208 | zpool add <pool-name> log </dev/path_to_fast_ssd> | |
209 | ||
210 | ||
3372775f DM |
211 | include::pmg-usbstick.adoc[] |
212 | ||
213 | ||
03c03402 DM |
214 | Install {pmg} on Debian |
215 | ----------------------- | |
216 | ||
217 | {pmg} ships as a set of Debian packages, so you can install it | |
218 | on top of a normal Debian installation. After configuring the | |
219 | repositories, you need to run: | |
220 | ||
221 | [source,bash] | |
222 | ---- | |
223 | apt-get update | |
224 | apt-get install proxmox-mailgateway | |
225 | ---- | |
226 | ||
227 | Installing on top of an existing Debian installation looks easy, but | |
228 | it presumes that you have correctly installed the base system, and you | |
229 | know how you want to configure and use the local storage. Network | |
230 | configuration is also completely up to you. | |
231 | ||
232 | NOTE: In general, this is not trivial, especially when you use LVM or | |
233 | ZFS. | |
e3eaa56a DM |
234 | |
235 | ||
236 | [[pmg_package_repositories]] | |
237 | Package Repositories | |
238 | -------------------- | |
239 | ||
240 | All {debian} based systems use | |
241 | http://en.wikipedia.org/wiki/Advanced_Packaging_Tool[APT] as package | |
242 | management tool. The list of repositories is defined in | |
243 | `/etc/apt/sources.list` and `.list` files found inside | |
244 | `/etc/apt/sources.d/`. Updates can be installed directly using | |
245 | `apt-get`, or via the GUI. | |
246 | ||
247 | Apt `sources.list` files list one package repository per line, with | |
248 | the most preferred source listed first. Empty lines are ignored, and a | |
249 | `#` character anywhere on a line marks the remainder of that line as a | |
250 | comment. The information available from the configured sources is | |
251 | acquired by `apt-get update`. | |
252 | ||
253 | .File `/etc/apt/sources.list` | |
254 | ---- | |
255 | deb http://ftp.debian.org/debian stretch main contrib | |
256 | ||
aedc8192 SI |
257 | deb http://ftp.debian.org/debian stretch-updates main contrib |
258 | ||
e3eaa56a DM |
259 | # security updates |
260 | deb http://security.debian.org stretch/updates main contrib | |
261 | ---- | |
262 | ||
263 | In addition, {pmg} provides three different package repositories. | |
264 | ||
265 | ||
266 | {pmg} Enterprise Repository | |
267 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
268 | ||
269 | This is the default, stable and recommended repository, available for | |
270 | all {pmg} subscription users. It contains the most stable packages, | |
271 | and is suitable for production use. The `pmg-enterprise` repository is | |
272 | enabled by default: | |
273 | ||
274 | .File `/etc/apt/sources.list.d/pmg-enterprise.list` | |
275 | ---- | |
276 | deb https://enterprise.proxmox.com/debian/pmg stretch pmg-enterprise | |
277 | ---- | |
278 | ||
279 | As soon as updates are available, the `root@pam` user is notified via | |
280 | email about the available new packages. On the GUI, the change-log of | |
281 | each package can be viewed (if available), showing all details of the | |
282 | update. So you will never miss important security fixes. | |
283 | ||
284 | Please note that and you need a valid subscription key to access this | |
285 | repository. We offer different support levels, and you can find further | |
d2ae160b | 286 | details at {pricing-url}. |
e3eaa56a DM |
287 | |
288 | NOTE: You can disable this repository by commenting out the above line | |
289 | using a `#` (at the start of the line). This prevents error messages | |
290 | if you do not have a subscription key. Please configure the | |
291 | `pmg-no-subscription` repository in that case. | |
292 | ||
293 | ||
294 | {pmg} No-Subscription Repository | |
295 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | |
296 | ||
297 | As the name suggests, you do not need a subscription key to access | |
298 | this repository. It can be used for testing and non-production | |
299 | use. Its not recommended to run on production servers, as these | |
300 | packages are not always heavily tested and validated. | |
301 | ||
302 | We recommend to configure this repository in `/etc/apt/sources.list`. | |
303 | ||
304 | .File `/etc/apt/sources.list` | |
305 | ---- | |
306 | deb http://ftp.debian.org/debian stretch main contrib | |
307 | ||
308 | # PMG pmg-no-subscription repository provided by proxmox.com, | |
309 | # NOT recommended for production use | |
310 | deb http://download.proxmox.com/debian/pmg stretch pmg-no-subscription | |
311 | ||
312 | # security updates | |
313 | deb http://security.debian.org stretch/updates main contrib | |
314 | ---- | |
315 | ||
316 | ||
317 | {pmg} Test Repository | |
318 | ~~~~~~~~~~~~~~~~~~~~~ | |
319 | ||
320 | Finally, there is a repository called `pmgtest`. This one contains the | |
321 | latest packages and is heavily used by developers to test new | |
322 | features. As usual, you can configure this using | |
323 | `/etc/apt/sources.list` by adding the following line: | |
324 | ||
325 | .sources.list entry for `pmgtest` | |
326 | ---- | |
327 | deb http://download.proxmox.com/debian/pmg stretch pmgtest | |
328 | ---- | |
329 | ||
330 | WARNING: the `pmgtest` repository should (as the name implies) only be used | |
331 | for testing new features or bug fixes. | |
332 | ||
333 | ||
334 | SecureApt | |
335 | ~~~~~~~~~ | |
336 | ||
337 | We use GnuPG to sign the `Release` files inside those repositories, | |
338 | and APT uses that signatures to verify that all packages are from a | |
339 | trusted source. | |
340 | ||
341 | The key used for verification is already installed if you install from | |
342 | our installation CD. If you install by other means, you can manually | |
343 | download the key with: | |
344 | ||
345 | # wget http://download.proxmox.com/debian/proxmox-ve-release-5.x.gpg -O /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg | |
346 | ||
347 | Please verify the checksum afterwards: | |
348 | ||
349 | ---- | |
350 | # sha512sum /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg | |
351 | ffb95f0f4be68d2e753c8875ea2f8465864a58431d5361e88789568673551501ae574283a4e0492f17d79dc67edfb173a56a6304dea39e01f249ebdabc9f074a /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg | |
352 | ---- | |
353 | ||
354 | or | |
355 | ||
356 | ---- | |
357 | # md5sum /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg | |
358 | 511d36d0f1350c01c42a3dc9f3c27939 /etc/apt/trusted.gpg.d/proxmox-ve-release-5.x.gpg | |
359 | ---- | |
360 | ||
361 |