Proxmox VE 9.1 Released: What's New and Improved

Proxmox VE 9.1 Released: What’s New and Improved

in Proxmox
by ReadySpace Australia
November 26, 2025
Comments Off on Proxmox VE 9.1 Released: What’s New and Improved
Tags: Data Centers, Open-source software, Proxmox VE 9.1, Server management, Virtual Environment, Virtualization platform

Surprising fact: the new version ships with OCI image support for containers — a change that can cut deployment time by weeks for teams standardizing on container pipelines.

We explain why this release matters for Australian businesses – it brings tighter security, faster container workflows, and clearer network visibility.

Under the hood, this update updates core components — a modern kernel, refreshed packages, and storage improvements — to boost stability and performance.

Key headline features include OCI image support for LXC containers, qcow2-backed vTPM snapshots across common storage, a new vCPU flag for granular nested virtualization, and SDN observability in the web interface.

We invite decision-makers to assess upgrade paths and architecture options — book a Proxmox Discovery Session with our expert team at https://readyspace.academy/proxmox-discovery/ or review enterprise pathways and ISO/upgrade notes on our portal: release details and enterprise options.

Key Takeaways

Immediate availability: This release is out now and practical for production planning.
OCI image support accelerates both full system and lean application containers.
qcow2-based vTPM state enables reliable snapshots on NFS/CIFS and offline LVM.
New vCPU flag improves nested virtualization control across mixed hosts.
SDN upgrades surface EVPN learned IPs/MACs and fabrics in the resource tree.
Enterprise subscriptions and APT/ISO upgrade paths support smooth adoption.

Proxmox VE 9.1 at a glance

We deliver a refined server image that updates core packages, storage engines, and the virtualization stack to improve day-to-day performance.

Technical snapshot: this version is built on Debian 13.2 “Trixie” with a customised Linux kernel 6.17.2-1. Key components include QEMU 10.1.2, LXC 6.0.4, OpenZFS 2.3.4 and Ceph 19.2.3—combining to stabilise storage and VM behaviour.

The release adds GUI improvements for software-defined networking, so bridge and VNet states are clearer and EVPN telemetry is visible in the web UI.

“Incremental updates and targeted bug fixes reduce operational friction and shorten troubleshooting cycles.”

Streamlined upgrades from 9.0 via APT; ISO images support clean bare-metal installs.
OpenZFS and Ceph updates improve snapshotting, replication and fault-domain planning.
Predictable CPU behaviour and backend fixes deliver measurable performance gains.

Next step: plan a staged rollout, capture baselines, and book a Proxmox Discovery Session for a tailored readiness assessment and upgrade plan — see our release notes.

What’s new in proxmox ve 9.1

Operators gain OCI image imports, qcow2-backed vTPM snapshots, and richer web UI telemetry for faster incident response.

OCI images for LXC templates

We now support OCI images as templates for lxc containers. You can pull images from registries or upload them. Use OCI to create either full system containers or lean application containers from existing pipelines.

Note: OCI import for LXC is a tech preview. We recommend testing in non-critical tiers and enforcing image governance and signing before broad rollout.

Safer snapshots with qcow2 vTPM state

vTPM state now resides in qcow2, letting you snapshot VMs with active vTPM across NFS/CIFS and support offline LVM snapshots.

This is especially valuable for windows workloads using BitLocker, Secure Boot, VBS, or Windows Hello—snapshots and rollbacks stay consistent and reliable.

Granular nested virtualization control

A new vCPU flag gives selective control over nested virtualization. Teams can expose only the virtualization extensions needed and avoid revealing the full cpu type.

That improves consistency across mixed hosts and reduces the guest attack surface while keeping predictable behaviour.

SDN observability, fabrics and datacenter actions

The web interface now shows guests on bridges and VNets. EVPN zones report learned IPs and mac addresses, and fabrics appear in the resource tree with routes and neighbors.

Datacenter-wide bulk actions let you start, stop, suspend or migrate many nodes at once—saving time on routine operations.

Under the hood: Debian 13.2 “Trixie”, kernel 6.17.2-1, QEMU 10.1.2, LXC 6.0.4, OpenZFS 2.3.4, Ceph 19.2.3.
Confidential computing: Initial Intel TDX support alongside AMD SEV; validate CPU and guest compatibility before adoption.

“These improvements translate to fewer manual steps, clearer status reporting, and faster troubleshooting for busy teams.”

Next step: map these capabilities to your operations — book a Proxmox Discovery Session to align upgrades with risk, compliance, and performance goals.

Availability, upgrade paths, and enterprise support

This release is available now, with clear paths for clean installs and in-place upgrades from existing clusters.

Download options and seamless APT upgrades

Choose a fresh ISO for greenfield deployments or perform an in-place APT upgrade from proxmox 9.0 to minimise downtime. The APT flow uses standard tooling and requires a reboot after packages finish.

Enterprise repository access and subscriptions

Enterprise subscriptions start from EUR 115 per CPU per year. They grant access to the Enterprise Repository, curated updates, and certified support via the web interface—helpful for governance and faster MTTR.

Operational considerations

SDN status reporting and EVPN telemetry are now visible in the management UI. The new vCPU flag controls nested virtualization parity across mixed hosts.

vTPM state in qcow2 stabilises snapshots on NFS/CIFS and LVM storage for Windows encryption and VBS workflows. Early Intel TDX support is limited—avoid Windows or live migration cases until maturity.

“Enterprise repos and certified support shorten incident cycles and keep production systems predictable.”

Path	When to use	Benefits	Notes
ISO install	New clusters	Clean baseline, full control	Ideal for greenfield server rollouts
APT upgrade	Existing clusters	Minimal downtime, preserve config	Upgrade from proxmox 9.0; reboot required
Enterprise subscription	Production systems	Curated updates, certified support	EUR 115/CPU; web UI access to repo

Need a guided upgrade and enterprise-readiness check? Book a Proxmox Discovery Session: https://readyspace.academy/proxmox-discovery/

Conclusion

Operators will find practical improvements for day-to-day management, from richer networking telemetry to safer VM snapshots.

We see clear value in the new features: OCI support for lxc containers, qcow2-backed vTPM for safer snapshots on shared storage, and a vCPU flag that tightens nested virtualization control.

Networking gains—EVPN learned IPs, mac addresses and fabrics in the resource tree—improve status reporting in the web interface. Component upgrades also lift performance and reduce bugs with targeted fixes.

Plan a measured rollout from proxmox 9.0, review the release notes, and get expert help for upgrade orchestration. Book a Discovery Session or explore our upgrade resources to accelerate your plan.

FAQ

What are the headline improvements in Proxmox VE 9.1?

The release focuses on container and VM security, networking observability, and platform stability. Key additions include OCI image support for LXC containers, vTPM state stored in qcow2 for safer Windows and security-sensitive guests, enhanced SDN visibility in the web interface, and kernel and userland updates based on Debian 13.2.

What does OCI image support for LXC containers mean for our workloads?

OCI image support lets teams deploy both full system containers and lean application containers from OCI-compliant images. That improves portability, simplifies CI/CD pipelines, and expands available base images while keeping resource-efficient LXC containers for microservices and larger system containers for stateful apps.

How does storing vTPM state in qcow2 improve snapshot safety for Windows guests?

Placing vTPM state in the VM disk format ensures TPM data travels with snapshots and backups. This reduces risk of inconsistent security state after restore—critical for Windows VMs and other workloads that rely on TPM-backed keys and measured boot.

What is the new vCPU flag for nested virtualization and why is it useful?

The vCPU flag enables granular control over nested virtualization exposure per VM. We can selectively allow or restrict nested features—helping balance performance, licensing, and security for multi-tenant environments and lab use cases that require nested hypervisors.

What SDN visibility improvements appear in the web interface?

The interface now shows EVPN details, IP/MAC visibility per fabric, and integrates fabrics into the resource tree. These changes accelerate troubleshooting, inventory, and policy validation across software-defined networks from a single management view.

Which core components were updated under the hood?

The platform refresh includes a modern userland and kernel stack—Debian 13.2, an updated Linux kernel, QEMU 10.1.2, LXC 6.0.4, OpenZFS updates, and a maintenance Ceph build. These updates deliver hardware enablement, performance gains, and bug fixes across virtualization and storage stacks.

Is confidential computing supported in this release?

Yes—foundations for confidential computing were expanded. Intel TDX support joins existing AMD SEV capabilities, giving organizations options for isolating workloads at the CPU level and meeting higher regulatory or data-protection requirements.

How do datacenter-wide bulk actions help at scale?

Bulk actions let administrators perform mass changes—such as config updates, power cycles, or migrations—across many nodes or guests. This reduces repetitive tasks, speeds maintenance windows, and lowers risk when rolling out standard changes across clusters.

How can we obtain the new release and upgrade from an earlier version?

The release is available via official repositories and downloadable images. Upgrades from the previous major line are supported via APT with documented steps to minimize downtime. We recommend testing upgrades in staging environments before production rollout.

What benefits come with enterprise repository access and subscriptions?

Subscriptions provide access to the enterprise repository with curated, thoroughly tested updates, security patches, and priority technical support. For mission-critical environments, this offers a more conservative update cadence and guaranteed response for incidents.

What operational considerations should teams plan for with SDN, nested virtualization, and vTPM workflows?

Plan for enhanced status reporting and observability when deploying SDN features. Validate nested virtualization parity across node types and CPUs before enabling at scale. For vTPM workflows, incorporate snapshot and backup procedures that account for qcow2-stored state to ensure restores preserve security credentials.

Are there known bugs or compatibility notes to watch for?

As with any major update, some edge-case bugs and driver or third-party tool incompatibilities may appear. Review the release notes for specific bug fixes and consult the enterprise channels for patches. We advise running pilot upgrades and verifying storage, networking, and Windows guest workflows.