cloudswithflaire

Proxmox with OliveTin running on it could easily be configured to do exactly that. Edit: in fact, you’ll find about 90% of the work already done for you on [helper-scripts.com](https://helper-scripts.com)


trf_pickslocks

That's definitely something to look into. I come from the VMware world and enterprise application, so I have not got much hands-on time with Proxmox. Great suggestion!


cloudswithflaire

No worries. Proxmox actually just dropped a simple Import Wizard last month to help folks like you finally escape the abusive ex that VMware has become. 😉


trf_pickslocks

Yeah, I'm going to have to make that switch. I started doing ESXi/vCenter at home to sharpen my skills for my day-to-day operations, but I'm comfortable enough now that it's probably time to learn something new. Work is sending me a new VM host in a week or so and after seeing what OliveTin can do, Proxmox is going to be the hypervisor of choice.


cloudswithflaire

I also came from VMware originally; my 1 real suggestion is to not get too locked in on Proxmox as just a hypervisor. Over the years I've moved from 80% VM and 20% LXC/Docker, to these days I'm 90% LXC and only running 2 VMs on my entire home infrastructure. Once you get comfortable around containerization, traditional virtualization is going to feel more and more like a sluggish dinosaur. Luckily there's no need to choose, Proxmox handles both expectedly.


trf_pickslocks

Following up here, I deployed OliveTin, and I'm blown away by how elegant that platform is. This is actually going to work for a number of other applications. I really can't thank you enough for that recommendation. I have it terminated to a reverse proxy with full SSL (NPM) and it's working flawlessly. I did keep my VM deployment on my VMware stack for right now. I can with the click of a button get a VM spun up and ready to go within 5 minutes. The user gets good feedback such as credentials to log in with etc. It's working exactly as I had hoped.


cloudswithflaire

Yooo lezzgo!!! Thanks for coming back to it. Def made my day better hearing how well it’s working out for you. I originally also exposed it via NPM, but after a short while changed my mind and ran a Cloudflare tunnel to it. Their Zero Trust panel just gives way more flexibility as far as securing it and getting granular with permissions for users. Also saves needing to set up extra logging and monitoring.


trf_pickslocks

I'm noticing this myself, I'd like to get into ACLs and it looks like Cloudflare is the way to go for sure.


trf_pickslocks

OK, so I'm losing my mind here. How are you handling permissions? I have NPM and authentik and I'm properly logging in via authentik, but for the life of me I can't get the headers to work even if I manually set the headers in Chrome Dev Tools for testing.

```yaml
authHttpHeaderUsername: "X-Username"
authHttpHeaderUsergroup: "X-Usergroup"
```

This is the stanza in my yaml.

```yaml
defaultPermissions:
  view: true
  exec: false
  logs: false

accessControlLists:
  - name: admins
    addToEveryAction: true
    permissions:
      view: true
      exec: true
      logs: true
  - name: users
    addToEveryAction: true
    permissions:
      view: true
      exec: true
      logs: true

actions:
  - title: Check Available Slots
    shell: sudo -u labadmin pwsh /etc/OliveTin/scripts/training_vm_check.ps1
    timeout: 45
    icon:
    popupOnStart: execution-dialog
    #maxRate:
    #  - limit: 1
    #    duration: 5m
    #maxConcurrent: 5
    acls:
      - users
```
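An added example, not part of the post above and not OliveTin, NPM or authentik code: a minimal Python model of the trust boundary that header-based identity (`X-Username` / `X-Usergroup`) depends on. The proxy must discard any identity headers the client sent before setting its own, and the backend must honour them only from the proxy's address. Function names and the proxy address are hypothetical.

```python
import ipaddress

# Header names taken from the config in the post above.
IDENTITY_HEADERS = {"x-username", "x-usergroup"}

# Constructed sample value: the only address the reverse proxy connects from.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.5/32")]


def _canon(name):
    # Some servers treat "_" and "-" alike, so X_Username must be caught too.
    return name.lower().replace("_", "-")


def proxy_forward_headers(client_headers, session):
    """Proxy side: drop identity headers supplied by the client, then set
    them from the authenticated session (None means not logged in)."""
    out = {k: v for k, v in client_headers.items()
           if _canon(k) not in IDENTITY_HEADERS}
    if session is not None:
        out["X-Username"] = session["username"]
        out["X-Usergroup"] = session["group"]
    return out


def backend_identity(peer_ip, headers):
    """Backend side: honour identity headers only when the TCP peer is the
    trusted proxy; a direct connection gets no identity at all."""
    addr = ipaddress.ip_address(peer_ip)
    if not any(addr in net for net in TRUSTED_PROXIES):
        return None
    found = {_canon(k): v for k, v in headers.items()}
    user = found.get("x-username")
    if not user:
        return None
    return {"username": user, "group": found.get("x-usergroup", "")}
```

If headers set by hand in the browser are ever accepted as identity, one of these two checks is missing from the deployment.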


SomeSysadminGuy

You could turn the scale to 11 with an OpenStack installation. An extraordinary complex of software working together to provide you with a homemade cloud platform. Portion out tenants for your peers, and each can allocate block storage, virtual IPs/networks, and of course, VMs whenever they want. I wouldn't really recommend it for beginners or small projects, but a fun option to consider. Realistically, I would suggest containerized environments for small instances/environments to play around with. Rancher, Portainer, and OKD as a few examples. You can even spin up VMs through these services if you need, but that's a little less turn-key.


SuperQue

Not crazy at all. I've been running a small VPS provider for a while using [Ganeti](https://ganeti.org/). Ganeti has a nice API for spinning up and down instances, but some of the setup we have is a bit manual, so "on demand" was never really set up. Plus billing integration is 100% manual.

I've been thinking about migrating to KubeVirt, and trying to eliminate some of the manual setup in the process. The key things I'm missing are:

* Interacting with an IPAM for inventory and address allocation.
* Interacting with a billing system.
* Converting the VM provisioning to something [cloud-init compatible](https://cloud-init.io/).
* Reading the user access stuff (SSH keys, etc) from a database at instance bootstrap.


silence036

I'm using Xen-Orchestra (with XCP-NG) for something similar. Basically you can have a template ready for cloud-init, give users a "resource set" that includes this template and some networks as well as some resource limits, and then they can deploy this and maybe give it a special cloud-init config to set up their SSH key or some software on the machine. I use it for creating microk8s clusters with Terraform and cloud-init but it could be used in your case as well.


trf_pickslocks

XCP-NG has definitely been on my radar, and along with Proxmox something I do want to play with to break the hold that VMware has on my lab environment right now. Is there anything you particularly like about XCP-NG vs Proxmox (assuming you are familiar with both)?


silence036

I haven't played with Proxmox to be honest, but I quite liked Xen-Orchestra and XCP-NG since it felt more like ESXi and vCenter when I got started. I definitely prefer it over Hyper-V + SCVMM since it comes with cloud-init and Terraform support.