Home

Proxmox VE Reference Guide

Enterprise virtualization platform

Proxmox VE Architecture

Proxmox VE is built on Debian Linux and integrates multiple open-source technologies into a unified virtualization platform. The architecture is designed for simplicity, performance, and scalability from single-server deployments to large clusters.

System Architecture

Proxmox VE Component Stack

Web Management Interface (Port 8006) HTML5 GUI, VNC/SPICE Console, Mobile-friendly REST API (JSON) Authentication, CLI tools, Automation, Third-party integrations Cluster Services • Corosync (Cluster Engine) • pmxcfs (Config Filesystem) • HA Manager • Fencing/Watchdog Management Services • pvedaemon (API server) • pveproxy (Web proxy) • pvestatd (Monitoring) • pvescheduler (Tasks) QEMU/KVM Full virtualization Hardware emulation Windows, Linux, *BSD qm commands LXC Container virtualization OS-level isolation Linux only pct commands Storage Backends Local: ZFS, LVM, Directory Network: NFS, iSCSI, GlusterFS Distributed: Ceph RBD/CephFS Cloud: Azure, AWS S3 Debian Linux Kernel (Modified for Proxmox)

Storage Architecture

Storage Stack & Options

KVM Virtual Machines LXC Containers Storage Backend Types ZFS • Snapshots • Compression • Replication • Data integrity Best choice LVM • Thin provision • Snapshots • Simple setup • Wide support Traditional Directory • File-based • No special setup • Easy backup • qcow2 format Quick start Ceph • Distributed • Redundant • Scalable • Self-healing Enterprise Network Storage NFS Network File System Easy to setup Shared storage iSCSI Block-level SAN compatible High performance GlusterFS Distributed FS Scalable Redundant CephFS Ceph filesystem POSIX compliant Shared data

Core Components

1. Web Interface (pveproxy)

The Proxmox web GUI is a single-page application that provides complete management capabilities through a browser. Accessible at https://hostname:8006.

2. REST API (pvedaemon)

Everything in Proxmox can be controlled via the REST API, enabling automation and integration.

3. Cluster Stack (Corosync + pmxcfs)

Proxmox uses Corosync for cluster membership and pmxcfs for replicated configuration storage.

4. QEMU/KVM Integration

Proxmox uses QEMU with KVM acceleration for virtual machines, providing near-native performance.

5. LXC Integration

Linux Containers provide lightweight virtualization with minimal overhead.

Networking Architecture

Component Function Use Case
Linux Bridge Layer 2 network switch Standard VM/CT networking
Open vSwitch (OVS) Advanced virtual switch SDN, VXLAN, complex networking
Bonds NIC aggregation Redundancy, bandwidth aggregation
VLANs Network segmentation Isolate traffic, multi-tenancy
Firewall Packet filtering Security, per-VM rules

Security Model

Multi-Layer Security

  • Web Interface: HTTPS only, certificate authentication, role-based access control (RBAC)
  • API Access: Token-based authentication, permission system, audit logging
  • VM Isolation: Hardware-assisted virtualization, separate kernel, full isolation
  • Container Security: AppArmor profiles, seccomp filters, unprivileged containers
  • Network Security: Per-VM firewalls, security groups, VLAN isolation
  • Storage: Encrypted volumes (LUKS), access controls, quota enforcement

Backup Architecture

Integrated Backup Solution

Proxmox Backup Server (PBS) provides enterprise-grade backup capabilities with deduplication and encryption.

  • Snapshot-based: Consistent backups of running VMs/containers
  • Compression: LZ4, ZSTD algorithms for efficient storage
  • Deduplication: Block-level dedup saves storage space
  • Encryption: End-to-end encryption for sensitive data
  • Scheduling: Automated backup jobs with flexible timing
  • Verification: Automatic backup verification
  • Retention: Configurable retention policies

Understanding Proxmox VE's architecture helps in planning deployments, optimizing performance, and troubleshooting issues. The modular design allows you to choose components that fit your specific requirements.

Virtualization Platforms