Post

Proxmox 101: User Management Basic

Posted
By Febryandana 4 min read

Proxmox Pools

Pool is as group for resources like virtual machines, containers, and datastores. Pools is separated from each other and can have different role and permission to simplify user management. Resources can be in the multiple pool if needed.

Pool is a good way to dividing resources for multiple projects or have different objective.

Create New Pool

  1. From Datacenter menu, Click Permission drop down menu
  2. Then, select Pools submenu
  3. From Pools submenu, click Create to create new pool

Add Virtual Machine To New Pool

  1. From left menu, select pool name
  2. Then select Members submenu and click Add
  3. There will be two options: Add Virtual Machine or Add Storage. Select Add Virtual Machine
  4. Check all virtual machine and/or lxc container we want to add into new pool and click Add

Add Storage To New Pool

  1. From left menu, select pool name
  2. Then select Members submenu and click Add
  3. There will be two options: Add Virtual Machine or Add Storage. Select Add Storage
  4. Check all storage pool we want to add into new pool and click Add

We can change View menu on the left bar to Pool View to have better understanding what pool we are on.

Proxmox Group

Group is a set of designated user in Proxmox VE. Each group can have different role and permission but can also have same user.

Group is a good way to divide many user with different role or objectives.

Create Group

  1. From Datacenter, open Permission drop down menu
  2. Select Group, then click Create

In Groups menu, we can only edit group name and remove group. For adding new member or changing role, we have different menu.

Proxmox User

Proxmox can have multiple users created from many type of authentication. In this guide, we will only cover user management from Proxmox VE server authentication which is the standard and easiest to use because it is built in Proxmox VE.

Create User

  1. From Datacenter, open Permission drop down menu

  2. Select Users, then click Add

  3. Fill in user information and click Add. We can also add user to group (or multiple groups) here.

Manage User

From Users menu, we can edit user, remove them, change their group, reset their password, and showing their granted permission

Proxmox Roles

Proxmox role is a set of privileges for resources inside Proxmox VE server. This privileges can be administrator, allowed to create/delete/edit virtual machine and containers, privileges to manage users, and many more.

Create Role

  1. From Datacenter menu, open Permission drop down menu

  2. Select Roles submenu. Proxmox VE already have many default roles that we can use

  3. If we want to create a new role, click Create and fill in role information

  4. Select one of the role and click Edit if we need to change their privileges

Proxmox Permission

In this menu, we can set permission for each user, group, and pool. Each of them can have different permission and different roles.

Permission for Group

  1. From permission menu, click Add and select Group Permission

  2. Give information about where this permission will applied, for which group, and what role do this permission have. Then click Add

When we login as user-two that is part of groupB, we can only access resources in pool2:

Permission for User

What differ group and user permission is just for who these permission applied. Group permission automatically apply the same permission to all it’s member while user permission only applied in that user only.

For example, here we created a User Permission for admin-pve as Administrator. When we use admin-pve account, they will have access to everything just like root account:

The different is that user cannot use Proxmox host shell because admin-pve is user created from Proxmox VE server authentication and doesn’t have access into host machine just like root. This is applied to all user created by Proxmox VE server authentication.

Pool Permission

We can also set permission directly inside pool. By default, pool will inherit permission created from Datacenter menu, but they can also add other permission just for that pool. Role created in pool will also appear in the Datacenter Permission menu

For example, here we have new user guest-one that can access pool1 with PVEVMUser role:

If we login as guest-one, we can see that we can only access resources in pool1:

Final Words

Proxmox User Management features is a bit tricky not super powerfull. But it is enough for everyday use in a small deployment. In the next article, we will cover a study case about using Proxmox VE server on school IT lab. Stay tuned.

References

Guides, Proxmox
cloud proxmox server virtualization
This post is licensed under CC BY 4.0 by the author.

Comments powered by Disqus.