PVE一键优化脚本

https://github.com/ivanhao/pvetools

PVE 7.X 换源

# 注释企业源
rm -rf /etc/apt/sources.list.d/pve-install-repo.list

echo "#deb https://enterprise.proxmox.com/debian/pve Bullseye pve-enterprise" > /etc/apt/sources.list.d/pve-enterprise.list

# PVE 软件源更换
wget https://mirrors.ustc.edu.cn/proxmox/debian/proxmox-release-bullseye.gpg -O /etc/apt/trusted.gpg.d/proxmox-release-bullseye.gpg

echo "deb https://mirrors.ustc.edu.cn/proxmox/debian/pve bullseye pve-no-subscription" > /etc/apt/sources.list.d/pve-no-subscription.list

echo "deb https://mirrors.ustc.edu.cn/proxmox/debian/ceph-pacific bullseye main" > /etc/apt/sources.list.d/ceph.list

sed -i.bak "s#http://download.proxmox.com/debian#https://mirrors.ustc.edu.cn/proxmox/debian#g" /usr/share/perl5/PVE/CLI/pveceph.pm

sed -i.bak "s#ftp.debian.org/debian#mirrors.aliyun.com/debian#g" /etc/apt/sources.list

echo "deb http://download.proxmox.com/debian/pve bullseye pve-no-subscription" >>  /etc/apt/sources.list

nano /etc/apt/sources.list
# 中科大源
deb https://mirrors.ustc.edu.cn/debian/ bullseye main non-free contrib
deb-src https://mirrors.ustc.edu.cn/debian/ bullseye main non-free contrib
deb https://mirrors.ustc.edu.cn/debian-security/ bullseye-security main
deb-src https://mirrors.ustc.edu.cn/debian-security/ bullseye-security main
deb https://mirrors.ustc.edu.cn/debian/ bullseye-updates main non-free contrib
deb-src https://mirrors.ustc.edu.cn/debian/ bullseye-updates main non-free contrib
deb https://mirrors.ustc.edu.cn/debian/ bullseye-backports main non-free contrib
deb-src https://mirrors.ustc.edu.cn/debian/ bullseye-backports main non-free contrib

ctrl+x,y,回车保存退出

# LXC更换国内源

cp /usr/share/perl5/PVE/APLInfo.pm /usr/share/perl5/PVE/APLInfo.pm_back

sed -i 's|http://download.proxmox.com|https://mirrors.tuna.tsinghua.edu.cn/proxmox|g' /usr/share/perl5/PVE/APLInfo.pm

systemctl restart pvedaemon.service

# 更新测试一下
apt update
# 更新升级
apt update && apt dist-upgrade
# 内核地址
http://download.proxmox.com/debian/pve/dists/bullseye/pvetest/binary-amd64/pve-kernel-6.2.9-1-pve_6.2.9-1_amd64.deb
# 更新内核
apt install pve-kernel-6.2.9-1-pve
# 更新cpu微码
apt install iucode-tool
# 微码地址
https://mirrors.tuna.tsinghua.edu.cn/deepin/pool/non-free/i/intel-microcode/
dpkg -i xx.deb

修改 CT (LXC 容器) 源

# 备份 APLInfo.pm 文件
cp /usr/share/perl5/PVE/APLInfo.pm /usr/share/perl5/PVE/APLInfo.pm_back

# 使用清华源替换官方源
sed -i 's|http://download.proxmox.com|https://mirrors.tuna.tsinghua.edu.cn/proxmox|g' /usr/share/perl5/PVE/APLInfo.pm

# 重启 PVE 服务
systemctl restart pveproxy.service

删除订阅弹窗

# 修改 JS 源码
sed -Ezi.bak "s/(Ext.Msg.show\(\{\s+title: gettext\('No valid sub)/void\(\{ \/\/\1/g" /usr/share/javascript/proxmox-widget-toolkit/proxmoxlib.js

# 重启 PVE 服务
systemctl restart pveproxy

PVE 插件安装

#CPU主板等温度
apt install lm-sensors -y
sensors-detect --auto

#设备信息
apt install glances
#开启web服务
glances -w
#修复WEB服务
wget https://github.com/nicolargo/glances/archive/refs/tags/v3.2.7.tar.gz
tar -xzf v3.2.7.tar.gz
sudo cp -r glances-3.2.7/glances/outputs/static/public/ /usr/lib/python3/dist-packages/glances/outputs/static/

docker run -d --restart="always" -p 61208-61209:61208-61209 -e GLANCES_OPT="-w" -v /var/run/docker.sock:/var/run/docker.sock:ro --pid host --net=host --name glances nicolargo/glances:latest

#硬盘温度
apt install hddtemp -y
#查看硬盘温度
hddtemp /dev/sd?
#因为我们后面需要放到 Web 界面显示,所以需要改这个软件 Web 端的权限:
chmod +s /usr/sbin/hddtemp
#在Glances中显示硬盘温度
systemctl enable hddtemp
systemctl status hddtemp
#开启功能
/etc/default/hddtemp
编辑该文件并将 RUN_DAEMON 更改为 true
然后修复sudo systemctl restart hddtemp

#硬盘smart
apt-get install smartmontools
smartctl -s on -a /dev/sda
smartctl -A /dev/sda

#Docker安装
apt install docker.io -y
systemctl enable docker

#MQTT
apt-get install -y mosquitto-clients
#MQTT定时配置
*/3 * * * * mosquitto_pub -h ip -u 用户名-P 密码 -t wky/temp -m `sensors | grep -E 'temp1' | cut -c16-19`

编辑后端服务文件

vim /usr/share/perl5/PVE/API2/Nodes.pm
#搜索 pveversion 位置,加入下面 3 行代码:
PVE::pvecfg::version_text();
$res->{cpusensors} = `lscpu | grep MHz`;# 添加此行以获取 CPU 频率
$res->{cpu_temperatures} = `sensors`;  # 添加此行以获取 CPU 与主板温度
$res->{hdd_temperatures} = `hddtemp /dev/sd?`;  # 添加此行以获取硬盘温度

编辑前端 JS 文件

vim /usr/share/pve-manager/js/pvemanagerlib.js
#搜索到 widget.pveNodeStatus 位置,修改 height: 300,每多一个硬盘,那么这个数据得增加 20,大家这里可以一个个尝试,我暂定修改为:460
#继续搜索 pveversion ,添加 2 个 item,根据自己上面显示的 CPU 核心数自行修改,我的是 8 核心,改成如下:
{
    itemId: 'MHz',
    colspan: 2,
    printBar: false,
    title: gettext('CPU频率'),
    textField: 'cpusensors',
    renderer:function(value){
        const f0 = value.match(/CPU MHz.*?([\d]+)/)[1];
        const f1 = value.match(/CPU min MHz.*?([\d]+)/)[1];
        const f2 = value.match(/CPU max MHz.*?([\d]+)/)[1];
        return `CPU实时: ${f0} MHz | 最小: ${f1} MHz | 最大: ${f2} MHz `
    }
},
{
    itemId: 'cpu_temperatures',
    colspan: 2,
    printBar: false,
    title: gettext('CPU温度'),
    textField: 'cpu_temperatures',
    renderer:function(value){
        const cpu = value.match(/Package id 0.*?\+([\d\.]+)Â/)[1];
        const c0 = value.match(/Core 0.*?\+([\d\.]+)Â/)[1];
        const c1 = value.match(/Core 1.*?\+([\d\.]+)Â/)[1];
        const c2 = value.match(/Core 2.*?\+([\d\.]+)Â/)[1];
        const c3 = value.match(/Core 3.*?\+([\d\.]+)Â/)[1];
        return `CPU:${cpu} °C (核心 0: ${c0} °C , 核心 1: ${c1} °C , 核心 2: ${c2} °C , 核心 3: ${c3} °C)`
    }
},
{
    itemId: 'hdd_temperatures',
    colspan: 2,
    printBar: false,
    title: gettext('硬盘温度'),
    textField: 'hdd_temperatures',
    renderer: function(value) {
        value = value.replaceAll('Â', '',);
        return value.replaceAll('\n', '<br>');
    }
}

重启面板服务

systemctl restart pveproxy

定时任务

/var/spool/cron/crontabs/root
crontab -e
CTRL+O 保存 CTRL+X 退出
重启
/etc/rc.d/cron restart

PCIE设备名称更新

update-pciids
pve无网络
rm /usr/share/misc/pci.ids 
wget -P /usr/share/misc/ http://pci-ids.ucw.cz/v2.2/pci.ids

开启 IOMMU 直通

#黑苹果
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream,multifunction nofb textonly nomodeset video=efifb:off"
#混杂
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt pcie_acs_override=downstream video=efifb:off"
#正常
GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on"
#更新生效
update-grub
reboot

添加 VFIO 模块

echo "vfio" >> /etc/modules
echo "vfio_iommu_type1" >> /etc/modules
echo "vfio_pci" >> /etc/modules
echo "vfio_virqfd" >> /etc/modules
update-initramfs -u -k all
reboot

硬盘的直通

ls /dev/disk/by-id
qm set 107 -sata1 /dev/disk/by-id/ata-TOSHIBA_MG06ACA10TE_6970A01YFKQE

在Proxmox VE中实现网卡名和MAC地址绑定

touch /etc/systemd/network/10-persistent-net.link

[Match]
MACAddress=30:5a:3a:06:ec:6d

[Link]
Name=enp9s0

/etc/init.d/udev force-reload

修改启动配置
/etc/network/interfaces

iface enp9s0 inet manual

auto vmbr0
iface vmbr0 inet static
    address 10.10.10.254/24
    gateway 10.10.10.253
    bridge-ports enp9s0
    bridge-stp off
    bridge-fd 0

多个网卡绑定
11-persistent-net.link

virtIO镜像

https://github.com/virtio-win/virtio-win-pkg-scripts

安装iperf

apt-get install iperf3 -y
#启动服务端
iperf3 -s

无法关闭虚拟机

rm /var/lock/qemu-server/lock-102.conf #102是你的虚拟机编号
qm stop 102

openwrt

#下载
https://blog.wxhbts.pro/usr/uploads/2023/04/1350062531.zip
chmod 777 ./img2kvm
./img2kvm istoreos-21.02.3-2023040712-x86-64-squashfs-combined.img.gz 107

用mkcert工具自签基于内网IP的证书

https://github.com/FiloSottile/mkcert
mkcert.exe -install 192.168.1.1
打开PVE后台,按如下步骤上传证书,选择从文件上传证书,将xxxxx.key.pem文件上传到第一个私钥栏,将xxxxx.pem文件上传到凭证链栏
#获取根证书
mkcert -CAROOT

PVE嵌套虚拟化

cat /sys/module/kvm_intel/parameters/nested
N 未开启 Y 开启
modprobe -r kvm_intel
modprobe kvm_intel nested=1
#重启生效
echo "options kvm_intel nested=1" >> /etc/modprobe.d/modprobe.conf
#群辉配置
vi /etc/pve/nodes/pve/qemu-server/100.conf 
#添加
args: -cpu 'kvm64,enforce,+kvm_pv_eoi,+vmx,+kvm_pv_unhalt,+lahf_lm,+sep'

AMD显卡直通

GRUB_CMDLINE_LINUX_DEFAULT="quiet intel_iommu=on iommu=pt"
update-grub
防止虚拟机崩溃影响宿主机的参数:
echo "options vfio_iommu_type1 allow_unsafe_interrupts=1" > /etc/modprobe.d/iommu_unsafe_interrupts.conf
echo "options kvm ignore_msrs=1 report_ignored_msrs=0" > /etc/modprobe.d/kvm.conf
屏蔽显卡驱动:
echo "blacklist radeon" >> /etc/modprobe.d/pve-blacklist.conf
echo "blacklist amdgpu" >> /etc/modprobe.d/pve-blacklist.conf
echo "blacklist nouveau" >> /etc/modprobe.d/pve-blacklist.conf
echo "blacklist nvidia" >> /etc/modprobe.d/pve-blacklist.conf
echo "blacklist nvidiafb" >> /etc/modprobe.d/pve-blacklist.conf
安装编译vendor-reset驱动需要的依赖(在网卡部分安装过则可以跳过)

apt install pve-headers-$(uname -r)
apt install git dkms build-essential

下载vender-reset驱动并编译
git clone https://github.com/gnif/vendor-reset.git
cd vendor-reset
dkms install .

#将驱动添加到modules管理中
echo "vendor-reset" >> /etc/modules
update-initramfs -u

#重启后运行
dmesg | grep vendor
#如果有输出,则表示安装成功
[    8.851280] vendor_reset_hook: installed
#关闭日志功能
systemctl mask systemd-journald
systemctl restart systemd-journald.service
#系统自带日志
vim /etc/rsyslog.conf
service syslog restart

磁盘清理

du -ah --max-depth=1
find . -type f -size +100M -print0 | xargs -0 du -h
sudo lsof |grep delete
结束进程

SSD硬盘缓存加速

apt install fio

顺序读
fio ./test -direct=1 -rw=read -iodepth=1 -ioengine=psync -bs=4M -size=2G -numjobs=1 -runtime=10 -group_reporting -name=name

顺序写
fio ./test -direct=1 -rw=write -iodepth=1 -ioengine=psync -bs=4M -size=2G -numjobs=1 -runtime=10 -group_reporting -name=name

apt install bcache-tools
机械
make-bcache -B /dev/sdd
固态
make-bcache -C /dev/sdg

echo 0 > /sys/fs/bcache/f21736ce-5e86-4c61-88b8-569a43b38b76/congested_read_threshold_us

echo 0 > /sys/fs/bcache/f21736ce-5e86-4c61-88b8-569a43b38b76/congested_write_threshold_us

echo f21736ce-5e86-4c61-88b8-569a43b38b76 > /sys/block/bcache0/bcache/attach

echo writeback > /sys/block/bcache0/bcache/cache_mode

echo 0 > /sys/block/bcache0/bcache/sequential_cutoff

mkfs.ext4 /dev/bcache0

mount /dev/bcache0 /mnt/pve/HDD3T/

mount /dev/bcache1 /mnt/pve/HDD4T/

umount /mnt/pve/apple

查看信息
ls /sys/fs/bcache/
bcache-super-show -f /dev/sdr

删除
echo 1 >/sys/fs/bcache/<UUID>/unregister

echo 1 >/sys/block/bcache2/bcache/stop

wipefs -a /dev/sdc

查看UUID挂载磁盘
lsblk -lf

/etc/fstab

UUID=18d5fb9b-e480-4bde-83a0-191abc475158 /mnt/pve/HDD2T/ ext4 nofail,x-systemd.device-timeout=15s 0 0
UUID=bbc03a76-9bd0-41f4-81de-1a3aa77339dc /mnt/pve/HDD3T/ ext4 nofail,x-systemd.device-timeout=15s 0 0
UUID=ac4461cb-9af7-4658-9c8c-56fb4e55255e /mnt/pve/HDD4T/ ext4 nofail,x-systemd.device-timeout=15s 0 0

Last modification:September 3, 2023
如果觉得我的文章对你有用,请随意赞赏