How to deploy NSv on Ubuntu-KVM/QEMU hypervisor?

Deploy 654\7.0 soniccore kvm NSv

Server info:

• Ubuntu22.04-desktop
• Kernel: 4.4.0-31-generic
• KVM version: 2.5.0
• IP: 10.103.64.19
• Network:Interface eno1.301: 10.103.64.0

Important: Do not configure the network in desktop mode. Follow these steps to resolve the issue:

1. Stop the network manager:
   $ systemctl stop network-manager
2. Disable the network manager:
   $ systemctl disable network-manager
3. Restart the networking service:
   $ systemctl restart networking

Deploy Nsv(Step-by-Step)

• Access to Virtual Machine Manager
  
• Copy image file( SonicWall_NSv__For_QEMU_VM.img ) into /var/lib/libvirt/images/

1. Select the corresponding image file format( NSv is an existing disk image)
   
2. Choose storage volume ( choose others path volume may rise libvirtError)
   
3. Configure CPU/Memory/Name/Network (default only one network interface attached ), then click finish to create.
   Tips: 1. The default interface corresponds to x0 of the firewall, here we choose a private VLAN 518.
            2. We need to add another network interface as WAN port, that is X1 of the firewall, here we choose the interface 301.
                (Both device mode should choose <virtio>. By default, the first network card is x0, and the second one is x1. )
            3. Create New VM with Display set as VNC otherwise you may not able to use keybord with new vm.
   
   
   
   
4. Open new created VM, on View→Details GUI, can see detail configuration about this VM ( when VM shutdown, can do some new configs on CPU/Memory/Name/Network etc )
   

Deploy NSv using command line (Soniccore)

virt-install is a command line tool for creating new KVM, Xen, or Linux container guests using the "libvirt" hypervisor management library. We will use virt-install from the CLI to do this. If needed you can install the package with the following command to install libvirt:
sudo apt-get install qemu-kvm libvirt-bin virtinst

See the Example section at the following to quickly get started.

Example

1 . Server info:

        Ubuntu22.04-deskto

        IP: 10.103.64.19

2 . Script info:

# install a virtual machine from an existing disk image

# you may need to specify vm name\memory\cpu configurations

# you need to specify where to connect the image via "--disk"

# "/home/disks/soniccorex-image-release-nsv-kvm-R5020-cc.wic.qcow2" is image downloaded from bentley

# you may need to create more network interfaces via "--network"

 

#!/bin/bash

name="chang_cli_test"      # the name of the vm you want to create

disk_path="/home/disks/soniccorex-image-release-nsv-kvm-R5020.wic.qcow2"

 

virt-install \

    --virt-type kvm \

    --name ${name} \

    --pxe \  

    --import \

    --disk ${disk_path} \

    --vcpus 2 \

    --ram 8500 \

    --machine "pc-q35-6.2" \

    --network bridge=brvlan540,model=virtio \

    --network bridge=brvlan301,model=virtio \

    --os-variant rhel9.0 \

    --graphics type=spice \

    --virt-type kvm \

    --arch x86_64 \

    --noautoconsole \

    --watchdog default 

 

virsh edit ${name}                      #edit XML configuration for a domain

virsh destroy ${name}                #shutdown vm

virsh start ${name}                     #start vm

3 . Process screenshot

     a. Run bash file : ./bash_file_name

     b. Execute to the “virsh edit ${name}” command, terminal will display XML edit;

         edit xml file:  add firemware info in <os> tab

<loader readonly="yes" type="pflash">/usr/share/OVMF/OVMF_CODE.sw.fd</loader>

 After edit xml file, continue executing to the "virsh destroy ${name} & virsh start ${name}" command to reboot VM

  c. VM create completed

Other tips:

a. If you need to add VLAN parameters to the virtual network card, you have two ways.

• GUI( Cause it may cause some unknown issue, recommend using exist x0: 518  x1:301)
  open <virtual machine manager>--–<Connection Detailes>, choose <Network Interface>
• Command

1. apt-get install vlan bridge-utils
2.  #eno1 is the network interface on my ubuntu server

        

edit /etc/network/interfaces:

 

            #edit physical interface

            auto eno1

            iface eno1 inet manual

           #add sub-interface, the number is vlan to be added.

          auto eno1.301

          iface eno1.301 inet manual

          vlan-raw-device eno1

          #add bridge

          auto brvlan301

          iface brvlan301 inet static

          bridge_stp off

          bridge_waitport 0

          bridge_fd 0

          bridge_ports eno1.301

         address 10.103.64.19

         netmask 255.255.255.0

         gateway 10.103.64.1

         dns_nameserver 10.190.202.200

         systemctl restart network

b. If unable to locate the img file through Browse, just input the full path including the file name maunully

4. Setup for administrators

a. create user and input password: sudo adduser <user>

b. add user to group so they can remote to desktop: sudo adduser <user> tsusers

c. add user to group so they can work with kvm:  sudo adduser <user> libvirtd

d. add user to sudo so they can add vlans:  sudo adduser <user> sudo

e. create .xsession file for the user:

su - <user>

echo xfce4-session>.xsession

Deploy 7.1 soniccorex kvm NSv

Download the following artifacts

1. JSON file
2. OVMF UEFI firmware CODE file
3. OVMF UEFI firmware VARS file
4. qcow2 image file

Deploying a Release Build

1. Provision /etc/qemu/firmware directory on virt-manager host
     a. Create /etc/qemu/firmware directory on virt-manager host if not present
     b. copy #1 (JSON file) to /etc/qemu/firmware
     c. sudo systemctl reload libvirtd
2. Provision /usr/share/OVMF directory on virt-manager host
     a. Create /usr/share/OVMF directory on virt-manager host if not present
     b. Copy #2 and #3 to /usr/share/OVMF directory
3. Launch virt-manager and create a new virtual machine
   
4. Choose volume (qcow2 image from #4, )
   
5. Choose the operating system you are installing
   Select Red Hat Enterprise Linux 9.0.
   Note: Its not strictly necessary to choose RHEL. All it does is automatically select virto disks and virtion networking. If choosing a different operating system, make sure to use virtio for disks and networking
   
6. Choose Memory and CPU settings 
   
7. Customize Configuration before install (IMPORTANT)
   
8. Customizing the Virtual Machine - Overview Section
   Make sure to select Q35 for chipset and /usr/share/OVMF/OVMF_CODE.sw.fd (SonicWall supplied OVMF CODE image). SonicCoreX will not boot with distro supplied OVMF image and will abort with an error.
   After making selection make sure to click "Apply" button. If you navigate to other sections without clicking apply the changes you made in the overview section get lost
   
9. Add secondardy NIC
   Note: Minimum two NICs are required for SonicCoreX to fully boot through to SonicOS)
   Note: The NIC selected must be virtio
   
10. Add watchdog hardware
    
11. Begin Installation and wait for installation to complate.

7.1 NSv external snapshot create\recover

Create external snapshot

1. Shutdown the VM.
   
2. Click ‘Manage VM snapshots', click icon '+’ on the left bottom.
   
3. Enter name and description of the snapshot, click 'Finish'.
   
4. Wait until the snapshot is complated.
   

Recover snapshot

1. Right click the snapshot 'start', click start snapshot.
   
2. Power on the VM.