How to create a new VM

This page has been moved to with the rest of the sysadmin documentation.

The goal of this document is to explain how to create a new VM on our proxmox clusters.

To create a new VM, you can use the command line (you can use the qemu tools) or the web interface. The access to the web interface is limited to the IP of the clusters, so to use the web interface you should use SSH forwarding or SSH tunnelling.

Use the following command to bind the remote port to a local one:

ssh -L 8006:localhost:8006 <a host withing the proxmox cluster: platinum, iridium, osmium, krypton>

Now you can browse https://localhost:8006 and that will take you to the web interface.

Choose cluster

We have the following clusters:

If the VM needs to be part of a High Availability group, or need to query the LDAP database without certificates it will need to be in Düsseldorf.

Container or VM?

There are two options for new virtual hosts: container or virtual machine.

Recently, we rather prefer Virtual Machines.

Create the VM

Click on "Create new VM" and go through the wizard. In most cases, the defaults are fine:

The virtual machine can be HA managed by the cluster. That means the cluster will ensure that the VM is always up. We only have one HA group, so if you need HA please include the VM to this group (hag0). You can increase the restart to 10. (For the Non-HA Vienna server, make shure to enable autostart in the VM/container settings if it should be running)

OS Installation

Go to the console where the ISO should always have been booted. Here're some general hints:

Network Settings


Host having a dedicated IPv4 can use the following DNS servers (tennant & geoffroy): and

IPv6-only host use 2001:aa8:ffed:f5f3::137 and 2a00:11c0:d:1::115.

Subnets and Gateways


Remove the install ISO from the Proxmox hardware interface.

Connect via SSH and configure the network in /etc/network/interfaces:

iface ens18 inet6 static
    address 2001:aa8:ffed:f5f3::140/64
    gateway 2001:aa8:ffed:f5f3::1

Install the package qemu-guest-agent if you activated QEMU in the creation process (should not be necessary from Debian bullseye on). But you may have to install python3 manually to make Ansible deployments work.

NAT for IPv6-only hosts

If you set up a IPv6-only host, and the VM depends on contacting IPv4-only services (e.g. Github or Docker Hub), you can give the host a NAT'ed private IPv4 on the Noris and Plutex clusters.

For example, add the following to /etc/network/interfaces:

iface ens18 inet static

The subnet/gateway for VMs at Noris is, for Plutex

The address' last octet should be the same as the public IP's last group. So if you host's IPv6 is 2001:780:215:1::123 (Noris), the NAT'ed IPv4 should be

DNS Settings

In the FSFE's DNS settings, add the new host for the domain zone (usually and the PTRs in the IPv4 and IPv6 zones.


Remember documenting the new machine! Setting up a Docker container or VM is just the technical part but in order to make the FSFE's technical infrastructure clear and maintainable, we need proper communication and documentation.

TechDocs/TechnicalProcesses/CreateNewVM (last edited 2023-01-18 14:05:02 by tobiasd)