Deploying NSM On-Premises on KVM

This section describes how to create a virtual machine via Virtual Machine Manager. This application can be opened by either running the virt manager command, $ virt-manager, or by opening it through your system.

virt-manager uses libvirt virtualization API, which provides a common interface for managing virtual machines for KVM. It can manage both local and remote virtual machines, allowing users to administer VMs hosted on different physical servers. This guide assumes the VM is being set up on a local server. The process for setting up on remote server is identical to that of setting it up on a local server, the only difference being the QEMU/KVM connection is managing the remote server instead of the local server. If there is a remote connection ready to use, switch to it before proceeding with the guide.

The following files will be provided in a zip format for KVM installation:

• JSON file

• OVMF UEFI firmware CODE file

• OVMF UEFI firmware VARS file

• qcow2 image file

Nested Virtualization is not supported for NSM On-Premises.

Deploying the OVA image of SonicWALL NSM On-PremisesPrem in a KVM environment using image conversion is not supported.

To add a new connection to the remote server

1. To open the virtual machine manager, navigate to File and select Add Connection.

   

2. In the Add Connection window, select QEMU/KVM and enter the Username and Hostname. Check the boxes for Connect to remote host over SSH and Autoconnect.

   

3. Once the connection is established, you should be able to see the virtual machines running (if any) on the remote machine in the virt-manager interface.

   

   virt-manager shows a “QEMU/KVM - Not Connected” banner if it does not find any QEMU/KVM connection.

   

   Ensure the QEMU/KVM connection (local or remote) is working before proceeding.

To deploy a build

1. Provision /etc/qemu/firmware directory on virt-manager host.

   1. Create /etc/qemu/firmware directory on virt-manager host if not present

   2. Copy 10-sonicwall-x86_64-secure-enrolled.json (JSON file) to /etc/qemu/firmware.

   3. Run the command:

      sudo systemctl reload libvirtd

2. Provision /usr/share/OVMF directory on virt-manager host.

   1. Create /usr/share/OVMF directory on virt-manager host if not present.

   2. Copy OVMF_CODE.sw.fd and OVMF_VARS.sw.fd to /usr/share/OVMF directory.

3. Click New VM icon.

   

4. Select Import existing disk image.

   

5. Click Browse to add the image file (qcow2 image).

   

6. Click Browse Local to locate the qcow2 image file in local directory.

   

7. Choose the operating system as Red Hat Enterprise Linux 9.0. Click Forward.

   Its not strictly necessary to choose Red Hat Enterprise Linux 9.0. All it does is automatically select virto disks and virtio networking. If choosing a different operating system, make sure to use virtio for disks and networking

   

8. Set Memory and CPU. Click Forward.

   Memory of 24576 or 24 GiB, and 4 CPU cores are minimum recommended configurations.

   

9. Enter a VM name. Select Customize Configuration before install.

   

10. Click Finish.

11. In the Overview tab.

    • Select Chipset as Q35.

    • Select Firmware as /usr/share/OVMF/OVMF_CODE.sw.fd.

      SonicCoreX will not boot with distro supplied OVMF image and will abort with an error.

    • Click Apply.

    

12. Click Add Hardware.

13. In the Add New Virtual Hardware screen,

    • Select Storage.

    • Select Create a disk image for the virtual machine and assign the required GiB.

      This must be added as the first additional disk before any additional external/EDM disk.

      

    • Select Network to add an additional network card.

      

    • Click Finish.

14. Click Display Space. Select the Type, Listen type, Address from the drop-down and click Apply.

    

15. Click Begin Installation.

    

16. Wait for Installation to complete.

    

17. Wait for NSM CLI prompt.