github/ProxLB
1
1
Fork 0
mirror of https://github.com/gyptazy/ProxLB.git synced 2026-04-06 04:41:58 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #70 from gyptazy/docs/adjust-docs-section-user-adding

Browse Source 
docs: Improve the documentation.
This commit is contained in:
Florian
2024-08-31 14:19:04 +02:00
committed by GitHub
parent 7ddb7ca205 5c96fc49eb
commit 31572830e7
4 changed files with 29 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.changelogs/1.0.3/docs_fix_default_config_add_dedicated_user_howto.yml Normal file
View File

@@ -0,0 +1,4 @@
fixed:
- Fix bug in the `proxlb.conf` in the vm_balancing section.
added:
- Add doc how to add dedicated user for authentication. (by @Dulux-Oz)

13
README.md
View File

@@ -169,6 +169,19 @@ daemon: 1
config_version: 3
```
#### Notes
* If running ProxLB on more than one Proxmox node you can set `api_host` to a comma-separated list of each node's IP address or hostname. (Example: `api_host: node01.gyptazy.ch,node02.gyptazy.ch,node03.gyptazy.ch`)
* The `verify_ssl` parameter can switch between the mode to verificate trusted remote certificates. Keep in mind, that even local ones are **not** trusted by default and need to be imported to the truststore.
* Even when using only the `vm_balancing` mode, ensure to have the other sections listed in your config:
```
[storage_balancing]
enable: 0
[update_service]
enable: 0
[api]
enable: 0
```
### Parameters
The following options and parameters are currently supported:

11
docs/02_Configuration.md
View File

@@ -29,6 +29,17 @@ Afterwards, restart the service (if running in daemon mode) to activate this reb
### Authentication
ProxLB also supports different accounts in ProxLB. Therefore, you can simply create a new user and group and add the required roles permissions.
### Creating Dedicated User for Balanciung
It is recommended to not use the `root@pam` user for balancing. Therefore, creating a new user might be suitable and is very easy to create.
A new user can be created by the gui, api and cli. The required roles are stated in the next chapter, but you can also use the following lines
to create a user on the cli with the required roles to balance VMs & CTs.
```
pveum role add ProxLBAdmin --privs Datastore.Audit,Sys.Audit,VM.Audit,VM.Migrate
pveum user add proxlb_admin@pve --password <password>
pveum acl modify / --roles ProxLBAdmin --users proxlb_admin@pve
```
### Required Roles
When using ProxLB with a dedicated account, you might also keep the assigned roles low. Therefore, you need to ensure that the newly created user is at least assigned to the following roles:
* Datastore.Audit (Required for storage evaluation)

2
proxlb.conf
View File

@@ -3,7 +3,7 @@ api_host: hypervisor01.gyptazy.ch
api_user: root@pam
api_pass: FooBar
verify_ssl: 1
[balancing]
[vm_balancing]
enable: 1
method: memory
mode: used