Proxmox + Ubunutu + Docker + HA + PFSense

Hi,

I am currently running HA within a docker environment on a dedicated machine, however as I want to use pfSense, i figure i’ll try and consolidate all of my “servers” onto a single machine.

My intension is to run Proxmox and host PSense and Ubuntu Server for everything else including home-assistant.

I would like to know if anyone has a similar environment to the above and what CPU they are using ?

Ideally I would like to use a CPU that is passively cooled such as the Celerons on some mini-itx motherboards, but not sure if they are capable enough.

Thanks

I attempted it, virtualising HA and PFSense on the one box, but ran into issues accessing HA’s interface. I think that’s a mess up by me though.
HA doesn’t require much CPU as it can run happily on a Raspberry Pi. PFSense also requires very little in regards to CPU and could also run on an ARM system, so these two could very happily run on a passively cooled CPU. HA and PFSense are pretty light on RAM too, 2GiB for each one would be fine for most situations, unless you plan running some of the heavier add-ons.
It really depends what your “everything else” is as to what CPU power you will be needing.

I did actaully manage to get this implemented in the end. My set-up is Proxmox hosting an OPNsense and Ubuntu VM. The latter is running my entire HA stack in docker amogst other things. I went for a passivly cooled Jetway JBC420 with a Celeron N3160 which spends most of it’s time loaded <10% (The intention is for this to host much more in the future).

In hinsight, the only different choice I would have made is to get a CPU with support for PCI-passthu (Intel VT-I) so that I don’t need to bridge the WAN interface in Proxmox - Although it’s trivial to set-up, i’m a bit of a purist and would like to remove any potential latency.

2 Likes

@Dilby I find doing actual PCI Passthrough with PFSense is definitely better than virtual NIC’s, and as the nic is then dedicated just to PFSense security is also increased.
I am in process of redoing a few things in my setup right now as for some weird reason I lose access to the HA VM whenever PFSense is up at the moment. Guessing it is something I did wrong.

Sounds like a networking issue, could be a couple of things:

  1. DHCP from PFsense is “changing” the IP of your HA VM
  2. Assume you’re only passing through the WAN interface as pass-thru. The LAN interface needs to remain as a virtual bridge in Proxmox for other VMs to pick it up

In anycase, you should be able to access the Proxmox webUI to open a terminal for the HA VM and check status of IP addresses etc.

In my set-up:
Proxmox is setup as a static IP 192.168.0.10, so can always be accessed even without DHCP.
Opnsense IP is 192.168.0.1 and is dishing out DHCPs starting from 192.168.0.20.
HA VM is set as a static IP : 192.168.0.2 (thus available even if opnsense is not runing).

I’ll have to play.
My setup has PRoxMox at 192.168.0.10, PFSense at 192.168.0.1 (LAN).
I have a quad NIC, I have tried the LAN being virtualised and also as PCI passthrough for two ports of the NIC. HA has a static IP of 192.168.0.11, which is always pingable.
DHCP starts at 192.168.0.30 to 192.168.0.245.
I’ll just have to play a bit until I work out what is going on. :slight_smile:

Is it not the obvious way to install HA in a container on Proxmox?
At least, that’s what I did…
If not, why? (just recently started with Proxmox & HA)

I have done this kind of setup:

I run Proxmox on Protectli i5 6xNIC box with 8Gb RAM.

On Proxmox there are 2 VMs:

  1. OpnSense VM with passthrough WAN NIC, doing all the routing and firewalling for my house.

  2. Debian VM with

  • Home Assistant in venv
  • lots of docker stuff: Portainer, Unifi controller etc

All works beautifully. I should have done it earlier.

If anyone wants to replicate the kind of setup I could share my setup process.

1 Like

I am planning to run HA on Proxmox, would love to have a how to follow.
Can you please share your setup instructions?

Just have a search :wink:

I have seen that, and am planning to follow it. Have ordered an Optiplex 990 from ebay too.
ATM HA is running on a RPi4, all the rest on a PC on Ubuntu. I was running Kodi/Mythtv on it too.
But nobody in my household is watching live TV anymore and I am planning to move everything to a single machine to reduce power consumption/noise.
Reading @abattio he is running almost similar kind of stuff to me with Docker/Unifi/ha etc.
I was always interested in PFSense and wanted to try, May be this is the time…

Great stuff. Any particular reason why you’re running HA in a venv rather than a docker container ?

That is a really good question. But I have no good answer. I guess I wanted to have full unhindered control when I was learning HA, but this does not apply any more…

HA cannot run in Docker as non-root, so I guess I am sticking with venv for now.

I would love to see your setup. I’m thinking of doing something similar so having a proven case to model would be a great head start.

Can you do private messages here? If so, please send it over that way if you prefer.

Thanks!