I saw the news of the release of Proxmox VE 8. It is a big version upgrade and a lot of changes to the system. I have the PVE running in my HomeLab. Today is a great day, Sunday, a Sunny day, I upgrade my installation to Proxmox VE 8.0.3.
Basically, I just follow the instruction from the official Wiki page. It is quite clear and very detailed. My Proxmox VE is 7.4.15 before the upgrade. And it is a non-subscription edition.
Here is a checklist of the very first step.
root@pve:~# pve7to8 = CHECKING VERSION INFORMATION FOR PVE PACKAGES = Checking for package updates.. PASS: all packages up-to-date Checking proxmox-ve package version.. PASS: proxmox-ve package has version >= 7.4-1 Checking running kernel version.. PASS: running kernel '5.15.107-2-pve' is considered suitable for upgrade. = CHECKING CLUSTER HEALTH/SETTINGS = SKIP: standalone node. = CHECKING HYPER-CONVERGED CEPH STATUS = SKIP: no hyper-converged ceph setup detected! = CHECKING CONFIGURED STORAGES = PASS: storage 'local' enabled and active. PASS: storage 'local-lvm' enabled and active. PASS: storage 'nas' enabled and active. INFO: Checking storage content type configuration.. PASS: no storage content problems found PASS: no storage re-uses a directory for multiple content types. = MISCELLANEOUS CHECKS = INFO: Checking common daemon services.. PASS: systemd unit 'pveproxy.service' is in state 'active' PASS: systemd unit 'pvedaemon.service' is in state 'active' PASS: systemd unit 'pvescheduler.service' is in state 'active' PASS: systemd unit 'pvestatd.service' is in state 'active' INFO: Checking for supported & active NTP service.. PASS: Detected active time synchronisation unit 'chrony.service' INFO: Checking for running guests.. PASS: no running guest detected. INFO: Checking if the local node's hostname 'pve' is resolvable.. INFO: Checking if resolved IP is configured on local node.. PASS: Resolved node IP '192.168.100.4' configured and active on single interface. INFO: Check node certificate's RSA key size PASS: Certificate 'pve-root-ca.pem' passed Debian Busters (and newer) security level for TLS connections (4096 >= 2048) PASS: Certificate 'pve-ssl.pem' passed Debian Busters (and newer) security level for TLS connections (2048 >= 2048) INFO: Checking backup retention settings.. PASS: no backup retention problems found. INFO: checking CIFS credential location.. PASS: no CIFS credentials at outdated location found. INFO: Checking permission system changes.. INFO: Checking custom role IDs for clashes with new 'PVE' namespace.. PASS: no custom roles defined, so no clash with 'PVE' role ID namespace enforced in Proxmox VE 8 INFO: Checking if LXCFS is running with FUSE3 library, if already upgraded.. SKIP: not yet upgraded, no need to check the FUSE library version LXCFS uses INFO: Checking node and guest description/note length.. PASS: All node config descriptions fit in the new limit of 64 KiB PASS: All guest config descriptions fit in the new limit of 8 KiB INFO: Checking container configs for deprecated lxc.cgroup entries PASS: No legacy 'lxc.cgroup' keys found. INFO: Checking if the suite for the Debian security repository is correct.. INFO: Checking for existence of NVIDIA vGPU Manager.. PASS: No NVIDIA vGPU Service found. INFO: Checking bootloader configuration... SKIP: not yet upgraded, no need to check the presence of systemd-boot SKIP: NOTE: Expensive checks, like CT cgroupv2 compat, not performed without '--full' parameter = SUMMARY = TOTAL: 29 PASSED: 24 SKIPPED: 5 WARNINGS: 0 FAILURES: 0 root@pve:~#
I made some screenshots and some notes for records.
- Back up all VMs first. All backups should be on the other machine or offline disk.
- Shut down all VMs.
- Add Proxmox VE 8 repositories.
- Did system upgrade
Check the version when completing the upgrade.
root@pve:~# pveversion pve-manager/8.0.3/bbf3993334bfa916 (running kernel: 6.2.16-3-pve) root@pve:~#
The following paragraphs are copied from Proxmox.com.
Further highlights in Proxmox Virtual Environment 8.0
- New Ceph Enterprise repository: Proxmox Virtual Environment fully integrates Ceph Quincy, allowing to run and manage Ceph storage directly from any of the cluster nodes and to easily setup and manage a hyper-converged infrastructure. The Ceph source code is packaged by the Proxmox development team and—after extensive tests—delivered in the stable Enterprise repository. This unifies the delivery of Ceph with other components of Proxmox VE. With version 8.0, all Proxmox customers with an active subscription can now access the stable Ceph Enterprise repository recommended for production environments.
- Authentication realm sync jobs: The synchronization of users and groups for LDAP-based realms (LDAP & Microsoft Active Directory), can now be configured to run automatically at regular intervals. This simplifies management, and removes a source for configuration errors and omissions compared to synchronizing the realm manually.
- Network resources defined for Software-defined Networking (SDN) are now also available as objects in the access control subsystem (ACL) of Proxmox VE. It is possible to grant fine-grained permissions for host network bridges and VNets to specific users and groups.
- Resource mappings: Mappings between resources, such as PCI(e) or USB devices, and nodes in a Proxmox VE cluster, can now be created and managed in the API and the web interface. VM guests can get such an abstract resource assigned, which can be matched with concrete resources on each node. This enables offline migrations for VMs with passed-through devices. The mappings are also represented in the ACL system of Proxmox VE, allowing a user to be granted access to one or more specific devices, without requiring root access. In case a conflicting entry is detected, e.g. due to address changes or overlaps, users are informed on VM start.
- Secure lockout for Two-factor authentication/TOTP: To further improve security, user accounts with too many login attempts – failing the second factor authentication – are locked out. This protects against attacks where the user password is obtained and a brute-force guess is attempted on the second factor. If TFA fails too many times in a row, the user account is locked out for one hour. If TOTP failed too many times in a row, TOTP is disabled for the user account. The user account can be unlocked again with a recovery key, or manually by an administrator.
- Text-based user interface (TUI) for the installer ISO: A text-based user interface has been added and can now be used optionally to gather all required information. This eliminates issues when launching the GTK-based graphical installer that sometimes occur on very new as well as rather old hardware.
- The x86-64-v2-AES model is the new default CPU type for VMs created via the web interface. It provides important extra features over the qemu64/kvm64, and improves performance of many computing operations.