Poor Man’s Proxmox Cluster

Mike Green
Nov 16, 2013 · 8 min read
CC BY IVANX

# for Routing
auto vmbr1
iface vmbr1 inet static
address 192.168.15.20/23
bridge_ports dummy0
bridge_stp off
bridge_fd 0
ifdown vmbr1 && ifup vmbr1

apt-get install tinc -y
mkdir -p /etc/tinc/vpn/hosts
cat > /etc/tinc/vpn/tinc.conf <<EOF
Name = server1
AddressFamily = ipv4
Device = /dev/net/tun
Mode = switch
ConnectTo =
EOF
cat > /etc/tinc/vpn/hosts/server1 <<EOF
Address = 123.4.5.6
Port = 655
Compression = 0
EOF
tincd -n vpn -K4096
cat > /etc/tinc/vpn/tinc-up <<EOF
#!/bin/bash
# Attach the 'vpn' interface to vmbr1
/sbin/ifconfig vpn up
/sbin/brctl addif vmbr1 vpn
# Set a multicast route over vmbr1
/sbin/route add -net 224.0.0.0 netmask 240.0.0.0 dev vmbr1
# To allow VMs on a private IP to access the Internet (via vmbr0):
/sbin/iptables -t nat -A POSTROUTING -o vmbr0 -j MASQUERADE
# To allow IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
# To limit the chance of Corosync Totem re-transmission issues:
echo 0 > /sys/devices/virtual/net/vmbr1/bridge/multicast_snooping
EOF
cat > /etc/tinc/vpn/tinc-down <<EOF
#!/bin/bash
/sbin/route del -net 224.0.0.0 netmask 240.0.0.0 dev vmbr1
/sbin/brctl delif vmbr1 vpn
/sbin/ifconfig vpn down
echo 0 > /proc/sys/net/ipv4/ip_forward
EOF
chmod +x /etc/tinc/vpn/tinc-up
chmod +x /etc/tinc/vpn/tinc-down
echo "vpn" >> /etc/tinc/nets.boot
service tinc restart
ping -c3 192.168.15.32
cat > /etc/host.conf <<EOF
order hosts, bind
multi on
EOF

# Original:
#123.4.5.6 server1.myprovider.com server1
# Ours:
192.168.15.20 server1.myprovider.com server1
pvecm create <arbitrary-name>
~# pvecm status

Node name: server1
Node ID: 1

Node addresses: 192.168.15.20
cat >> /etc/hosts <<EOF
192.168.15.21 server2.myprovider.com server2
EOF
cat >> /etc/hosts <<EOF
192.168.15.20 server1.myprovider.com server1
EOF
pvecm add server1
pvecm nodes
iptables -A FORWARD -p tcp -i vmbr0 -d 192.168.14.1 --dport 25 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 25 -j DNAT --to-destination 192.168.14.1:25

Myatu’s Tech Blog, from the site that has been wasting bits…
