7.2.0

Step 5 (Optional): Cloud-init using config drive

This section describes how to bootstrap a FortiNAC VM in VMware vCenter using config drive. Use this method when deploying VMs on VMware vCenter or standalone ESXi and you need to preconfigure the FortiNAC VM so that it boots with a predetermined configuration.

FortiNAC-OS supports version 2 of the config-drive capabilities. Cloud-Init config drive was initially created for OpenStack and other cloud environments and is a capability available on the FortiNAC even when booting within a VMware vCenter or standalone ESX environment. Config drive also allows the administrator to pass day zero configuration scripts to the FortiNAC VM on initial boot.

FortiNAC day zero configuration:

  • port1 IP Address

  • Subnet mask

  • Gateway

If not using this function, proceed to Configure Network Access for port2.

Configure

  1. To pass a config drive to the FortiNAC VM, create the following directory structure:

    config-drive/openstack/latest/
  2. Create the FortiNAC configuration script user_data via text editor. The configuration script for a FortiNAC VM uses FortiNAC-OS CLI syntax.

    Script should contain the following content:

    #<HostName> Day0 Configuration

    config system interface
    edit port1
    set ip <port1 IP address>/<mask>
    set allowaccess https-adminui ssh
    next
    end
    config system route
    edit 1
    set device port1
    set gateway <Default Gateway for port1>
    next
    end

    Example

    Hostname = FNC
    port1 IP address and mask = 10.12.234.175/22
    Default gateway = 10.12.232.1

    cat config-drive/openstack/latest/user_data
    #FNC Day0 Configuration

    config system interface
    edit port1
    set ip 10.12.234.175/22
    set allowaccess https-adminui ssh
    next
    end
    config system route
    edit 1
    set device port1
    set gateway 10.12.232.1
    next
    end
  3. Create the config drive ISO:

    a. Create the config-drive ISO using a utility such as xorriso (other utilities can also be used to create ISOs, such as mkisofs).

    b. Place the ISO on the data store so that it can be used with the FortiNAC VM.

  4. Attach the config-drive ISO as a CDROM device:

    a. Power off the FortiNAC VM.

    b. Edit the VM settings.

    c. Add a new device: CD/DVD drive and make sure to select Connect at power on.

    d. Attach the config-drive ISO that was created earlier.

    e. Complete the changes, then start the FortiNAC VM.
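
Steps 1 to 3 as a POSIX shell script, added here as an example and not taken from Fortinet's documentation: it validates the three day-zero values before writing them into user_data, because that file is passed to the VM as a CLI script on initial boot. The function names, the hostname character set and the config-2 volume label (the OpenStack config drive v2 convention) are assumptions.

```shell
# Added example, not Fortinet code. Bodies are subshells, so "exit" ends only the function.

# Dotted-quad IPv4 -> integer; rejects anything but four octets 0-255.
ip_to_int() (
    case $1 in *[!0-9.]*) exit 1 ;; esac
    IFS=.; set -- $1
    [ "$#" -eq 4 ] || exit 1
    n=0
    for o in "$@"; do
        case $o in ''|0?*|????*) exit 1 ;; esac   # empty, leading zero, too long
        [ "$o" -le 255 ] || exit 1
        n=$(( $n * 256 + $o ))
    done
    echo "$n"
)

# True when <gateway> is another address inside the <ip>/<prefix> subnet.
gateway_in_subnet() (
    case ${1#*/} in [1-9]|[12][0-9]|30) ;; *) exit 1 ;; esac
    addr=$(ip_to_int "${1%/*}") && gw=$(ip_to_int "$2") || exit 1
    mask=$(( (4294967295 << (32 - ${1#*/})) & 4294967295 ))
    [ $(( $addr & $mask )) -eq $(( $gw & $mask )) ] && [ "$gw" -ne "$addr" ]
)

# Validate the inputs, then write user_data in the layout shown on this page.
write_user_data() (    # <hostname> <ip>/<prefix> <gateway> [root dir]
    case $1 in ''|*[!A-Za-z0-9-]*) echo "bad hostname" >&2; exit 1 ;; esac
    gateway_in_subnet "$2" "$3" || { echo "bad ip/gateway" >&2; exit 1; }
    out=${4:-config-drive}/openstack/latest
    mkdir -p "$out" && cat > "$out/user_data" <<EOF
#$1 Day0 Configuration

config system interface
edit port1
set ip $2
set allowaccess https-adminui ssh
next
end
config system route
edit 1
set device port1
set gateway $3
next
end
EOF
)

# Volume label config-2 is an assumption (OpenStack config drive v2 convention).
build_iso() { xorriso -as mkisofs -V config-2 -o "$1" "${2:-config-drive}"; }
```

With the page's example values: `write_user_data FNC 10.12.234.175/22 10.12.232.1 && build_iso fnc-day0.iso`, where the ISO file name is a placeholder.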

Validate

Open the console to verify that the VM is booting and utilizing the day zero configuration file that was provided.

To verify the results:

  1. Go to the Console.

  2. Log in to the CLI.

  3. Review the port1 configuration. Type:

    get system interface physical

  4. Confirm SSH access to the port1 IP address works.

  5. Power off the VM.

  6. Under the VM settings, set the VM to boot from the main drive.

  7. Start the VM.

Appliance installation is complete. Proceed to the FortiNAC Deployment Guide to continue deployment.
