Proxmox Upgrade From 8 To 9
Initial Requirements
In order to upgrade from Proxmox 8 to 9, we need to ensure that a few minimal requirements are met to ensure that both the upgrade goes well and that guests do not experience incompatibilities afterwards.
First, ensure that all members of the cluster are on the latest version of Proxmox 8 and Debian 12. This can be done by executing apt update and then apt dist-upgrade. If CEPH is installed, it must also be on the latest version of 19.2. If CEPH is running 18, upgrade it beforehand. The upgrade will take at least 5GB storage on the root installation drive for each node, but it's preferable to have at least 10GB free.
Start by executing the bundled pve8to9 command and checking its output. "Warnings" are details that may lead to incompatibilities or inconsistencies upon rebooting the host or that may disrupt service of hosts during the upgrade. The most important thing is to move running VMs off of the node being upgraded via either manual migration or HA, or to power them off if they're not critical.
QEMU version change
Due to Proxmox 9 sunsetting QEMU versions below 6, the first thing you should do is go to each VM's hardware options, check the Machine, and ensure that it's set to the latest version of QEMU, presently 10.1. After setting this, reboot each affected machine and ensure that the network interface and all drives are online. This is known to be a problem point.
'screen' command
It's strongly, strongly advised that you run apt install screen before we continue. Screen is a terminal multiplexer that we will use to prevent potential failure due to dropped sessions if a network outage occurs.
pve8to9 checklist
Run pve8to9 from the command console. This will alert you to any potential breaking changes you need to watch for, such as quorum being insufficient for an upgrade or a change to the bootloader that must be accommodated before reboot after an otherwise successful upgrade. This is straightforward and you can broadly copy and paste the commands it tells you to execute.
Update repositories
Debian and Proxmox repositories
Debian 13 uses a new package format called deb822. We start by adding the Proxmox repository as a deb822.
cat > /etc/apt/sources.list.d/proxmox.sources << EOF Types: deb URIs: http://download.proxmox.com/debian/pve Suites: trixie Components: pve-no-subscription Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg EOF
If using an enterprise repository, use the following:
cat > /etc/apt/sources.list.d/proxmox-enterprise.sources << EOF Types: deb URIs: https://enterprise.proxmox.com/debian/pve Suites: trixie Components: pve-enterprise Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg EOF
Then let's ensure that we have the Debian repositories updated to 13, codenamed Trixie:
sed -i 's/bookworm/trixie/g' /etc/apt/sources.list
Manually check using nano or vim the various files in /etc/apt/sources.list. Any third party repositories such as zabbix should either be disabled by prefacing their lines with # or be updated to the trixie equivalent if possible. If a Debian 13 package exists for the third-party repository, simply change bookworm to trixie. Also, at this stage, remove any references to Proxmox outside of our new proxmox.sources file.
CEPH repositories
For CEPH repositories we follow the same procedure. Remove any references to CEPH in existing files in /etc/apt/sources.list and sources.list.d. Then add the deb822:
cat > /etc/apt/sources.list.d/ceph.sources << EOF Types: deb URIs: http://download.proxmox.com/debian/ceph-squid Suites: trixie Components: no-subscription Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg EOF
For enterprise, use the following:
cat > /etc/apt/sources.list.d/ceph.sources << EOF Types: deb URIs: https://enterprise.proxmox.com/debian/ceph-squid Suites: trixie Components: enterprise Signed-By: /usr/share/keyrings/proxmox-archive-keyring.gpg EOF
Update the repositories by running:
apt update apt policy
After running apt policy, a page will appear showing the various sources for enabled repositories. Ensure that none say "bookworm".
Upgrade
NEVER perform a Proxmox upgrade from the web UI console. Connect via SSH. Start a screen session:
screen -S proxmoxupgrade
At this point we can start the update.
# NEVER use apt upgrade. apt full-upgrade and apt dist-upgrade are synonyms, but all official Proxmox guides suggest dist-upgrade. apt dist-upgrade
At various points during the upgrade, you will be prompted to replace existing config files with new ones from package maintainers. Here are some guidelines on which ones to allow to be replaced and which ones to keep:
/etc/issue - N (do not replace)
/etc/lvm/lvm.conf - Y (replace)
/etc/ssh/sshd_config - N
/etc/default/grub - You will only be asked this if there's been a meaningful change to the grub configuration. It's recommended you view the difference between the two. If the only difference is the addition of some bash scripting, accept the new file. If any lines differ in boot execution, consider carefully.
/etc/chrony/chrony.conf - Only prompted if custom configurations have been made. /etc/chrony/chrony.conf.d has been deprecated and any config lines in files under this directory must be moved to /etc/chrony/chrony.conf. It's unlikely that this has occurred and you will likely not be prompted.
After Upgrade
Always reboot a node after an upgrade to ensure that it's running the latest Linux kernel and all packages have been reloaded.
Be aware that Proxmox 9 deprecates "HA groups" in favor of "HA rules" - this is an automatic conversion - this is triggered after all cluster members are on 9 or above.
You may now run apt modernize-sources which will convert any old repository configurations to the deb822 format.
It's advised to run systemctl disable --now systemd-journald-audit.socket to prevent overly long kernel audit messages during the upgrade
If booting from lvm in UEFI mode we have to run [ -d /sys/firmware/efi ] && apt install grub-efi-amd64
Some systems' lvm thin pools may report an error, run lvconvert --repair pve/data to resolve.