virtualisation:proxmox_ve:vms_cts:vm_best_practices_modern_setup
Table of Contents
VM Best Practices in Proxmox VE
Recommended settings for creating new VMs on Proxmox VE 9.x with modern guest operating systems.
Machine & BIOS
| Setting | Value |
|---|---|
| Machine Type | q35 |
| BIOS | OVMF (UEFI) |
q35is the modern chipset model, enabling PCIe devices, Secure Boot and better hardware emulationOVMFreplaces the legacy SeaBIOS- Important: Set the BIOS type before installation — changing it afterwards will make the VM unbootable
- Confirm the auto-created EFI disk when prompted
Disk
| Setting | Value | Notes |
|---|---|---|
| Bus/Device | SCSI | |
| Controller | VirtIO SCSI single | Required for IO Thread support |
| Discard | ✅ enabled | Enables TRIM/UNMAP — allows thin-provisioned storage (ZFS, LVM-thin, Ceph) to actually reclaim free space |
| SSD Emulation | ✅ enabled | Signals to the guest OS that the device behaves like an SSD; especially useful for Windows guests |
| IO Thread | ✅ enabled | Better I/O performance |
| Cache | Default (no cache) | Safe default. Write back gives more performance but risks data loss on power failure |
| Skip Replication | ❌ disabled | Leave off — only relevant for ZFS-based Proxmox replication jobs, meaningless on Ceph |
Async IO (for Ceph/RBD)
| Mode | Description | Recommendation |
|---|---|---|
threads | Legacy thread pool, synchronous syscalls | ❌ Outdated, worst performance |
io_uring | Modern Linux interface, PVE default | ✅ Good for ZFS, NFS, thin-LVM |
native | Linux AIO (posix_aio), O_DIRECT | ✅ Best choice for Ceph/RBD, iSCSI, NVMe |
aio=native requires disk cache to be set to Default (no cache).
This is already the standard for Ceph, so no extra steps needed.
Network
| Setting | Value |
|---|---|
| Model | VirtIO (paravirtualized) |
VirtIO delivers the highest network performance of all available models.
CPU
| CPU Type | Compatibility | Additional Flags |
|---|---|---|
x86-64-v2-AES | Intel ≥ Westmere, AMD ≥ Opteron_G4 (~2010) | +aes |
x86-64-v3 | Intel ≥ Haswell, AMD ≥ EPYC (~2015) | +avx, +avx2, +bmi1, +bmi2, +fma, +xsave |
host | Identical hardware only | All host CPU features |
x86-64-v2-AESis the Proxmox default — safest for mixed clusters with different CPU generationsx86-64-v3is recommended if all hosts support it (most CPUs ≥ 2015 do) — notable gains in compression, cryptography and modern workloads via AVX2hostgives maximum performance but prevents live migration between different CPU models
Recommendation:
- Homogeneous cluster or single node →
x86-64-v3orhost - Mixed cluster with different CPU generations →
x86-64-v2-AES
Memory
| Setting | Value |
|---|---|
| Allow KSM | ✅ enabled (default) |
KSM (Kernel Samepage Merging) allows the host kernel to deduplicate identical memory pages across VMs, saving RAM when running multiple similar guests.
- Safe to leave enabled on self-managed clusters where you control all VMs
- Disable for individual sensitive VMs if needed:
qm set <vmid> –allow-ksm 0 - Only disable globally on hosting environments with untrusted tenant VMs (side-channel risk)
Quick Reference
| Component | Setting |
|---|---|
| Machine | q35 |
| BIOS | OVMF (UEFI) |
| SCSI Controller | VirtIO SCSI single |
| Discard | ✅ |
| SSD Emulation | ✅ |
| IO Thread | ✅ |
| Cache | Default (no cache) |
| Async IO (Ceph) | native |
| Skip Replication | ❌ |
| Network | VirtIO |
| CPU Type | x86-64-v3 (homogeneous) / x86-64-v2-AES (mixed) |
| Allow KSM | ✅ |
See also
virtualisation/proxmox_ve/vms_cts/vm_best_practices_modern_setup.txt · Last modified: by thum