从 PVE 迁移到 incus

2025-01-05

需求

方便开启虚拟机，有一键脚本；
方便桥接网络；
在宿主机可以任意操作；
可以启动容器；

宿主机系统选择

安装比较稳定的 ubuntu 24.04 server

ubuntu server 安装和初始化

关闭 cloud-init 修改网卡配置

1
2
3


sudo vim /etc/cloud/cloud.cfg.d/99-installer.cfg
# 追加一行
network: {config: disabled}

自定义网桥

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24


sudo vim /etc/netplan/50-cloud-init.yaml
network:
  version: 2
  ethernets:
      dhcp4: true
      dhcp6: true
    enp8s0:
      dhcp4: true
      dhcp6: true
  bridges:
    br0:
      addresses:
      - 192.168.2.10/24
      routes:
      - to: default
        via: 192.168.2.1
      nameservers:
        addresses:
        - 192.168.2.1
      dhcp4: true
      dhcp6: true
      interfaces:
      - enp8s0
      - enp9s0

配置 sudo 权限

1
2


echo "jimyag ALL=(ALL) NOPASSWD: NOPASSWD: ALL" |sudo  tee /etc/sudoers.d/jimyag
sudo update-alternatives --config editor

安装 zfs 并且导入存储池

1
2
3


sudo apt install zfsutils-linux tmux
whereis zfs
sudo zpool import -f pool

安装 tailscale

1

curl -fsSL https://tailscale.com/install.sh | sh

安装 docker

1
2


curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh

安装 nginx

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14


sudo apt install curl gnupg2 ca-certificates lsb-release ubuntu-keyring

curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor     | sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null

gpg --dry-run --quiet --no-keyring --import --import-options import-show /usr/share/keyrings/nginx-archive-keyring.gpg

echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/ubuntu `lsb_release -cs` nginx"     | sudo tee /etc/apt/sources.list.d/nginx.list

echo -e "Package: *\nPin: origin nginx.org\nPin: release o=nginx\nPin-Priority: 900\n"     | sudo tee /etc/apt/preferences.d/99nginx

sudo apt update

sudo apt install nginx -y

安装 acme

git clone https://github.com/acmesh-official/acme.sh.git --depth=1
ls
cd acme.sh/
ls
sudo cp ./acme.sh /usr/local/bin/
acme.sh --install -m [email protected]
acme.sh --set-default-ca  --server  letsencrypt
acme.sh --upgrade
echo $?
cd
ls
cd .acme.sh/
ls
vim account.conf
acme.sh --issue --dns dns_cf -d '*.my.example.com'
sudo vim /etc/ssl/openssl.conf
acme.sh --issue --dns dns_cf -d '*.my.example.com'
curl https://acme-v02.api.letsencrypt.org/
curl -v https://acme-v02.api.letsencrypt.org/
curl -v curl https://www.google.com
acme.sh --issue --dns dns_cf -d '*.my.example.com'

安装 incus

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11


sudo apt update
sudo apt install incus qemu-system -y

# 添加用户到 incus
sudo adduser YOUR-USERNAME incus-admin
newgrp incus-admin

# 初始化
incus admin init

# 根据自己的配置选择yes/no

删除 incus 的默认网桥

1
2


sudo ip link delete incusbr0
sudo ip link delete lxcbr0

修改 incus 的网络配置为桥接模式

1
2
3
4
5
6
7
8


incus profile edit default
...
devices:
  br0:
    nictype: bridged
    parent: br0
    type: nic
...

创建虚拟机

1

incus launch images:ubuntu/24.04 test --vm -c limits.cpu=1 -c limits.memory=1GiB

#Pve #Ubuntu #Incus