virtualisation:proxmox_ve:vms_cts:vm_best_practices_modern_setup
This is an old revision of the document!
Table of Contents
VM Best Practices in Proxmox VE
Recommended settings for creating new VMs on Proxmox VE 9.x with modern guest operating systems.
Machine & BIOS
| Setting | Value |
|---|---|
| Machine Type | q35 |
| BIOS | OVMF (UEFI) |
q35is the modern chipset model, enabling PCIe devices, Secure Boot and better hardware emulationOVMFreplaces the legacy SeaBIOS- Important: Set the BIOS type before installation — changing it afterwards will make the VM unbootable
- Confirm the auto-created EFI disk when prompted
Disk
| Setting | Value | Notes |
|---|---|---|
| Bus/Device | SCSI | |
| Controller | VirtIO SCSI single | Required for IO Thread support |
| Discard | ✅ enabled | Enables TRIM/UNMAP — allows thin-provisioned storage (ZFS, LVM-thin, Ceph) to actually reclaim free space |
| SSD Emulation | ✅ enabled | Signals to the guest OS that the device behaves like an SSD; especially useful for Windows guests |
| IO Thread | ✅ enabled | Better I/O performance |
| Cache | Default (no cache) | Safe default. Write back gives more performance but risks data loss on power failure |
| Skip Replication | ❌ disabled | Leave off — only relevant for ZFS-based Proxmox replication jobs, meaningless on Ceph |
Async IO (for Ceph/RBD)
| Mode | Description | Recommendation |
|---|---|---|
threads | Legacy thread pool, synchronous syscalls | ❌ Outdated, worst performance |
io_uring | Modern Linux interface, PVE default | ✅ Good for ZFS, NFS, thin-LVM |
native | Linux AIO (posix_aio), O_DIRECT | ✅ Best choice for Ceph/RBD, iSCSI, NVMe |
aio=native requires disk cache to be set to Default (no cache).
This is already the standard for Ceph, so no extra steps needed.
Network
| Setting | Value |
|---|---|
| Model | VirtIO (paravirtualized) |
VirtIO delivers the highest network performance of all available models.
CPU
| CPU Type | Compatibility | Additional Flags |
|---|---|---|
x86-64-v2-AES | Intel ≥ Westmere, AMD ≥ Opteron_G4 (~2010) | +aes |
x86-64-v3 | Intel ≥ Haswell, AMD ≥ EPYC (~2015) | +avx, +avx2, +bmi1, +bmi2, +fma, +xsave |
host | Identical hardware only | All host CPU features |
x86-64-v2-AESis the Proxmox default — safest for mixed clusters with different CPU generationsx86-64-v3is recommended if all hosts support it (most CPUs ≥ 2015 do) — notable gains in compression, cryptography and modern workloads via AVX2hostgives maximum performance but prevents live migration between different CPU models
Recommendation:
- Homogeneous cluster or single node →
x86-64-v3orhost - Mixed cluster with different CPU generations →
x86-64-v2-AES
Memory
| Setting | Value |
|---|---|
| Allow KSM | ✅ enabled (default) |
KSM (Kernel Samepage Merging) allows the host kernel to deduplicate identical memory pages across VMs, saving RAM when running multiple similar guests.
- Safe to leave enabled on self-managed clusters where you control all VMs
- Disable for individual sensitive VMs if needed:
qm set <vmid> –allow-ksm 0 - Only disable globally on hosting environments with untrusted tenant VMs (side-channel risk)
Quick Reference
| Component | Setting |
|---|---|
| Machine | q35 |
| BIOS | OVMF (UEFI) |
| SCSI Controller | VirtIO SCSI single |
| Discard | ✅ |
| SSD Emulation | ✅ |
| IO Thread | ✅ |
| Cache | Default (no cache) |
| Async IO (Ceph) | native |
| Skip Replication | ❌ |
| Network | VirtIO |
| CPU Type | x86-64-v3 (homogeneous) / x86-64-v2-AES (mixed) |
| Allow KSM | ✅ |
See also
virtualisation/proxmox_ve/vms_cts/vm_best_practices_modern_setup.1775948765.txt.gz · Last modified: by thum