Well, all the other common ports show as closed, so I think I am OK? 
yep looks good then.
Now for bonus points, go configure Terraform and also create some nice new templates for your major OSās you plan to use 
To give you a helping hand (start) if your going to go down this route (highly suggest then your config as code). Heres the two major providers which are for Proxmox (you only need one of them)
I would suggest using the first one, their actual code is better IMHO. While the second one is linked from the official TF docs, its actually quite poor IMO but does work though.
Only gotya is that there is a bug with novnc and TF which happens with either of these modules but thats been fixed today (yipiee).
Bug is here if your interested:
https://bugzilla.proxmox.com/show_bug.cgi?id=2787
I was waiting for this to be fixed so I can finish my TF stuff hehe.
1 Like
Looks fine 
For VM templates, I suggest you look at virt-customize which is part of Libguestfs. Use the cloud templates and modify them to your use.
Ubuntu 18.04 LTS
https://cloud-images.ubuntu.com/minimal/releases/bionic/release/ubuntu-18.04-minimal-cloudimg-amd64.img
Ubuntu 20.04 LTS
https://cloud-images.ubuntu.com/minimal/releases/focal/release/ubuntu-20.04-minimal-cloudimg-amd64.img
These already have cloud-init configured.
You will need to bake/add at least qemu-guest-agent into each image so that proxmox can properly control and send feedback to proxmox.
1 Like
Whatās the best way to handle handing out IPv6 addresses to the VMās?
I wodulnāt necessary say there is a ābestā way to. First you defently need good IPAM software anyways, its a good habbit to get into. Next you can use DHCPv6/RADVD to give them out which a lot of people do, or you can create your own system to do it.
Way I do it for static IPV6 addresses is by converting the IPv4 address into IPv6 which I then use as the host part followed by how ever many IPās I need on that machine by incrementing/adding number on the end. For me it makes things easier as from the v6 address I already know what the IPv4 equilivent is.
Anyways, most people have their own system, this is just the way I staticly assign v6. Your miliage may vary and it will depend on who you ask.
1 Like
Can you explain this more?
I can but will take a while to explain and iām a bit busy this weekend. Will be in touch soon.
No Problem! Thanks!
Maybe this week?
I didnāt read the whole thread but if youāve got a /64 youāve got enough space to easily just transcode the base10 ipv4 into your range with space at the end. Iām guessing he means converting like so: 192.168.1.1 ā 1921:6800:1001:XXXX . Even with the wasted space with the base10 to base16 conversion you still have 65535 addresses to give out. Just a guess though.
1 Like
Baciailly convert the IPv4 to IPv6.
https://www.vultr.com/resources/ipv4-converter/?ip_address=192.168.27.1
Imagine this IPv4 address is my public address, stick it in the converter and it will give you the IPv6 equilivent. So in this case its c0a8:1b01. Take that then on the end of your /64 (assuming you only got a /64) you then add ::c0a8:1b01:1, ::c0a8:1b01:2 etc.
So example would be:
IPv6 Block assigned by ISP: fde2:8bf2:99fc:9368::/64
IPv4 assigned by ISP for machine: 192.168.27.1
Your machineās first interface then becomes: fde2:8bf2:99fc:9368::c0a8:1b01:1
:: get replaced with zeros.
There are may ways to assign but this is the way ive been doing it for many years now and works well for me.
Sorry for the delay, been really busy at work amonst other things but hope this gives you a small insight. Please note the examples posted above are private range examples but works also on public.
Hopefully you find this helpful or at least give you some additional ideas.
1 Like
( chuckle ) My first thought was to convert to hex but then you said " I already know what the IPv4 equivalent is." No normal human does hex conversions like that in their head.
1 Like
How are you liking TF? I am diving in tonight
Loving it converted most of my stuff now over to it. Still a lot more I can do with it and Iāve only touched the surface. Next mission is to tie Hashicorp Vault to it so can store secrets better. Then Ile prob somehow see if can prep the machines for ansible so save a little work.
Itās well worth taking the time to learn imho.