Hot!Installing FortiGate-VM on Xen

Author
NetworkJack
New Member
  • Total Posts : 1
  • Scores: 2
  • Reward points: 0
  • Joined: 2016/07/13 20:37:21
  • Status: offline
2020/09/01 13:41:41 (permalink)
5 (1)

Installing FortiGate-VM on Xen

If, like me, you use the Xen hypervisor without all the fancy management tools or with Citrix XenServer may be interested in what step are necessary to get Fortigate-VM setup. This is on a Debian Stretch base with Xen 4.8.5.
 
1. download the OpenXen version:
  FGT_VM64_XEN-v6-build1723-FORTINET.out.OpenXen.zip
 
2. unzip the file
  #unzip FGT_VM64_XEN-v6-build1723-FORTINET.out.OpenXen.zip
 
then check the size of what the image is expecting in terms of disk space:
  #qemu-img info -f qcow2 fortios.qcow2
 
image: fortios.qcow2
file format: qcow2
virtual size: 2.0G (2147483648 bytes)
disk size: 60M
cluster_size: 65536
Format specific information:
    compat: 1.1
    lazy refcounts: false
    refcount bits: 16
    corrupt: false
 
3. Make LV for the boot image:
  #lvcreate --name=ahds-fw1-boot --size=2147483648B lbx1vg1
 
4. qemu convert the qcow file and direct to the LV:
  #qemu-img convert -f qcow2 fortios.qcow2 /dev/lbx1vg1/ahds-fw1-boot -p
 
5. make a secondary logs LV:
  #lvcreate --name=ahds-fw1-data1 --size=32GB lbx1vg1
 
6. here is the xen.cfg file should contain:
 (this is for a Fortigate-VM 6.4 VM00 Eval)
 

name="ahds-fw1"

builder = "hvm"
device_model_version = "qemu-xen"

vcpus = '1'
memory = '2048'
pool = 'Pool-CPU2'

xen_platform_pci=1
#pvh=1
hap=1

disk = [
                  'phy:/dev/lbx1vg1/ahds-fw1-boot,xvda,w',
                  'phy:/dev/lbx1vg1/ahds-fw1-data1,xvdb,w',
              ]

# Networking
#
vif = [
                'bridge=xenbr50,vifname=af1-lan,mac=00:16:3e:9b:1c:6d,model=e1000',
                'bridge=xenbr52,vifname=af1-xhub,mac=00:16:3e:c7:36:d2,model=e1000',
                'bridge=xenbr2,vifname=af1-ut,mac=00:16:3e:29:d4:55,model=e1000',
            ]


vfb = [ "type=vnc,vncdisplay=3,vncpasswd=secret,keymap=en-us" ]


# Behaviour
#
on_poweroff = 'destroy'
on_reboot = 'restart'
on_crash = 'restart'

 
make sure you have DHCP server setup on the same VLAN as the first interface will be attached to.
 
Hope someone finds this useful. I'm sure there are some other tweaks. I would like at some point to get SR-IOV configured, but for my purposes, I'm happy with the result.
 
#1

1 Reply Related Threads

    Yurisk
    Silver Member
    • Total Posts : 100
    • Scores: 22
    • Reward points: 0
    • Joined: 2011/12/04 03:30:01
    • Status: offline
    Re: Installing FortiGate-VM on Xen 2020/09/01 21:54:19 (permalink)
    0
    Thanks, saved it to try later.
    #2
    Jump to:
    © 2020 APG vNext Commercial Version 5.5