# Virtual Machine Management Patterns

## Automated Provisioning
- **Cloud-init deployment** - Fully automated VM provisioning from first boot
- **Post-install scripts** - Standardized configuration for existing VMs
- **SSH key management** - Automated key deployment with emergency backup
- **Security hardening** - Password auth disabled, firewall configured

## VM Provisioning Strategies

### Template-Based Deployment
- **Ubuntu Server templates** optimized for home lab environments
- **Resource allocation** sizing and planning
- **Network configuration** and VLAN assignment (10.10.0.x networks)
- **Storage provisioning** and disk management

### Infrastructure as Code
- **Cloud-init templates** for repeatable VM creation
- **Bash provisioning scripts** for existing infrastructure
- **SSH key integration** with existing homelab key management
- **Docker environment** setup with user permissions

## Lifecycle Management
- **Automated provisioning** with infrastructure as code
- **Configuration management** with standardized scripts
- **Snapshot management** and rollback strategies
- **Scaling policies** for resource optimization

## Monitoring & Maintenance
- **Resource monitoring** (CPU, memory, disk, network)
- **Health checks** and alerting systems
- **Patch management** and update strategies
- **Performance tuning** and optimization

## Backup & Recovery
- **VM-level backups** vs **application-level backups**
- **Disaster recovery** planning and testing
- **High availability** configurations
- **Migration strategies** between hosts

## Implementation Workflows

### New VM Creation (Recommended)
1. **Create VM in Proxmox** with cloud-init support
2. **Apply cloud-init template** (`scripts/vm-management/cloud-init-user-data.yaml`)
3. **Start VM** - fully automated provisioning
4. **Verify setup** via SSH key authentication

### Existing VM Configuration  
1. **Run post-install script** (`scripts/vm-management/vm-post-install.sh <ip> <user>`)
2. **Automated provisioning** handles updates, SSH keys, Docker
3. **Security hardening** applied automatically
4. **Test connectivity** and verify Docker installation

## Security Architecture
- **SSH key-based authentication** only (passwords disabled)
- **Emergency key backup** for failover access  
- **User privilege separation** (sudo required, docker group)
- **Automatic security updates** configured
- **Network isolation** ready (10.10.0.x internal network)

## Related Documentation
- **Implementation**: `scripts/vm-management/README.md` - Complete setup guides
- **SSH Keys**: `patterns/networking/ssh-key-management.md` - Key lifecycle management  
- **Examples**: `examples/networking/ssh-homelab-setup.md` - SSH integration patterns
- **Reference**: `reference/vm-management/troubleshooting.md` - Common issues and solutions