Can you teach me how to download LXC AND KVM ARM and which version to download?

[wartw]

Can you teach me how to download LXC AND KVM ARM and which version to download?
I tried for a long time but couldn't start

[TuxfeatMac]

Maybe following this guide, helps ?

https://forum.proxmox.com/threads/how-to-run-pve-7-on-a-raspberry-pi.95658/

[wartw]

@TuxfeatMac
My problem is that installing KVM and LXC is not installing PVE7 (I have already installed it, but I will not install ARM's LXC or KVM mirror

[TuxfeatMac]

So you are searching for a guide on how to run a LXC Container with Proxmox ? And how to create a Virtual Machine with Proxmox ?

[wartw]

Yes, I need the ARM version of teaching (preferably the complete installation process of KVM

[TuxfeatMac]

LXC images can be downloaded from : https://us.images.linuxcontainers.org/images
I've wrote a littel skript witch grabbs the latest debian arm64 LXC and puts in the right place.
After that you shold be able to create and start a LXC Debian 11 Container

# ! /bin/bash
# Debian 11 / Bullseye Arm 64 - CT
ARCHITEC=arm64
DISTNAME=debian
CODENAME=bullseye
NEWESTBUILD=$(curl https://us.images.linuxcontainers.org/images/$DISTNAME/$CODENAME/$ARCHITEC/default/ | grep '<td>' | tail -n 1 | cut -d '='  -f 5 | cut -d '/' -f 2)
printf "\n DEBIAN 11 \n"
cd /var/lib/vz/template/cache
wget https://us.images.linuxcontainers.org/images/$DISTNAME/$CODENAME/$ARCHITEC/default/$NEWESTBUILD/rootfs.tar.xz -O Debian11$ARCHITEC-std-$NEWESTBUILD.tar.xz
# EOF #

For exaple a KVM Debian 11 images can be optianed from: https://cdimage.debian.org/debian-cd/
Allso a littel script for donloading the ios and putting it in the right place.
create a VM through the gui be sure to re add the cd as scsi device, set the machine type to uefi, adjust the boot oder and use the advanced option host cpu.

# !/bin/bash
# Debian 11 arm64 net iso
cd /var/lib/vz/template/iso
wget https://cdimage.debian.org/debian-cd/current/arm64/iso-cd/debian-11.0.0-arm64-netinst.iso

[ryanc1256]

@TuxfeatMac even using the script you use (above) when starting the LXC container it gets an apparmor error

run_apparmor_parser: 919 Failed to run apparmor_parser on "/var/lib/lxc/133/apparmor/lxc-133_<-var-lib-lxc>": apparmor_parser: Unable to replace "lxc-133_</var/lib/lxc>".  Profile doesn't conform to protocol
apparmor_prepare: 1089 Failed to load generated AppArmor profile
lxc_init: 850 Failed to initialize LSM
__lxc_start: 2007 Failed to initialize container "133"
TASK ERROR: startup for container '133' failed

[kenji21]

@TuxfeatMac even using the script you use (above) when starting the LXC container it gets an apparmor error

run_apparmor_parser: 919 Failed to run apparmor_parser on "/var/lib/lxc/133/apparmor/lxc-133_<-var-lib-lxc>": apparmor_parser: Unable to replace "lxc-133_</var/lib/lxc>".  Profile doesn't conform to protocol
apparmor_prepare: 1089 Failed to load generated AppArmor profile
lxc_init: 850 Failed to initialize LSM
__lxc_start: 2007 Failed to initialize container "133"
TASK ERROR: startup for container '133' failed

facing the same issue, but not on a Pi, but within UTM macOS app, running debian arm 10 (running on m1 macbook air), upgraded to 11, and then installed proxmox-ve on top, downloaded a container template with @TuxfeatMac script
all I found from proxmox forums (x86), is that host is running with an incorrect kernel, maybe I missed some kernel options at startup

[kenji21]

It seems to be an apparmor issue, aa-status from a fresh x86 proxmox show 13 profiles loaded, while :

root@proxmox-arm64:~# aa-status
apparmor module is loaded.
12 profiles are loaded.
12 profiles are in enforce mode.
   /usr/bin/lxc-start
   /usr/bin/man
   /usr/sbin/chronyd
   lsb_release
   lxc-container-default
   lxc-container-default-cgns
   lxc-container-default-with-mounting
   lxc-container-default-with-nesting
   man_filter
   man_groff
   nvidia_modprobe
   nvidia_modprobe//kmod
0 profiles are in complain mode.
2 processes have profiles defined.
2 processes are in enforce mode.
   /usr/sbin/chronyd (614)
   /usr/sbin/chronyd (621)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.

tcpdump profile was missing, and after apt install tcpdump then:

root@proxmox-arm64:~# apt-get install tcpdump
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  tcpdump
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 437 kB of archives.
After this operation, 1,373 kB of additional disk space will be used.
Get:1 http://deb.debian.org/debian bullseye/main arm64 tcpdump arm64 4.99.0-2 [437 kB]
Fetched 437 kB in 0s (1,589 kB/s)
Selecting previously unselected package tcpdump.
(Reading database ... 75263 files and directories currently installed.)
Preparing to unpack .../tcpdump_4.99.0-2_arm64.deb ...
Unpacking tcpdump (4.99.0-2) ...
Setting up tcpdump (4.99.0-2) ...
apparmor_parser: Unable to replace "tcpdump".  Profile doesn't conform to protocol
Processing triggers for man-db (2.9.4-2) ...
root@proxmox-arm64:~#

[kenji21]

Found a "workaround", adding this line (clue found here):

lxc.apparmor.profile: lxc-default-with-nesting

to /etc/pve/lxv/2001.conf make pct start 2001 working 💪

[TuxfeatMac]

@kenji21 thanks for the workaround! Now im able to start lxc containaers on a vanilla debian insalation... however I'm still getting errors in the console. Maybe we can find a permanent fix for that?

[TuxfeatMac]

Using the latest image form,
https://downloads.raspberrypi.org/raspios_arm64/images/raspios_arm64-2021-11-08/2021-10-30-raspios-bullseye-arm64.zip
with the latest autoinstaller from,
https://github.com/TuxfeatMac/pimox7/blob/master/RPiOS64-IA-Install.sh
everyting works fine for me,
https://www.youtube.com/watch?v=LGb7fB1wK4Q