Step 5 (Optional): Cloud-init using config drive
This section describes how to bootstrap a FortiNAC VM in VMware vCenter using config drive. This method can be used if deploying VMs on VMware vCenter or standalone ESXi and need to preconfigure the FortiNAC VM so that it boots with a predetermined configuration.
FortiNAC-OS supports version 2 of the config-drive capabilities. Cloud-Init config drive was initially created for OpenStack and other cloud environments and is a capability available on the FortiNAC even when booting within a VMware vCenter or standalone ESX environment. Config drive also allows the administrator to pass day zero configuration scripts to the FortiNAC VM on initial boot.
FortiNAC day zero configuration:
-
port1 IP Address
-
Subnet mask
-
Gateway
If not using this function, proceed to Configure Network Access for port2.
Configure
-
To pass a config drive to the FortiNAC VM, create the following directory structure:
config-drive/openstack/latest/
-
Create the FortiNAC configuration script user_data via text editor. The configuration script for a FortiNAC VM uses FortiNAC-OS CLI syntax.
Script should contain the following content:
#<HostName> Day0 Configuration
config system interface
edit port1
set ip <port1 IP address>/<mask>
set allowaccess https-adminui ssh
next
end
config system route
edit 1
set device port1
set gateway <Default Gateway for port1>
next
end
Example
Hostname = FNC
port1 IP address and mask = 10.12.234.175/22
Default gateway = 10.12.232.1
cat config-drive/openstack/latest/user_data
#FNC Day0 Configuration
config system interface
edit port1
set ip 10.12.234.175/22
set allowaccess https-adminui ssh
next
end
config system route
edit 1
set device port1
set gateway 10.12.232.1
next
end
-
Create the config drive ISO:
a. Create the config-drive ISO using a utility such as xorriso (other utilities can also be used to create ISOs, such as mkisofs).
b. Place the ISO on the data store so that it can be used with the FortiNAC VM.
-
Attach the config-drive ISO as a CDROM device:
a. Power off the FortiNAC VM.
b. Edit the VM settings.
c. Add a new device: CD/DVD drive and make sure to select Connect at power on.
d. Attach the config-drive ISO that was created earlier.
e. Complete the changes, then start the FortiNAC VM.
Validate
Open the console to verify that the VM is booting and utilizing the day zero configuration file that was provided.
To verify the results:
-
Go to the Console.
-
Login to the CLI.
-
Review port1 configuration. Type
get system interface physical
-
Confirm SSH access to the port1 IP address works.
-
Power off the VM.
-
Under the VM settings, set the VM to boot from the main drive.
-
Start the VM.
Appliance installation is complete. Proceed to the FortiNAC Deployment Guide to continue deployment.