Guides
ProductDeveloperPartnerPersonal
Guides

Deploy VAs in KVM

πŸ‘

Two virtual appliances (VAs) are required for each Umbrella site. It is critical that these VAs are not cloned or copied in any way. Each VA must be set up and configured manually.

Table of Contents

Prerequisites

  • Full Admin user role. For more information, see Manage Accounts.
  • For information about the requirements for deploying Umbrella VAs, see Prerequisites.
  • A Linux system with qemu-utils package installed for creating the qcow2 files
  • Only VAs running 2.6 or above can be deployed in KVM
  • VA deployment is supported only on KVM on supported Red Hat Linux and Ubuntu Linux versions

(Optional) Configure Authentication for the Virtual Appliances

Procedure

  1. Create the qcow2 files for KVM.
  2. Launch the virtual appliance in KVM.

1. Create the qcow2 files for KVM

Download the software package for the Umbrella Virtual Appliance.

When you download the software package for the VA and if you did not configure API key credentials for your AD Connectors and VAs, Umbrella displays a warning message. We recommend that you configure API keys for your AD Connectors and Umbrella VAs. For more information, see Configure Authentication for Virtual Appliances.

a. Navigate to Deployments > Configuration > Sites and Active Directory and click Download.

1093

b. Click Download forΒ VA VMWare ESXi.

574

Umbrella generates and downloads a .tar file unique to your deployment.
This tar fileβ€―includes:β€―β€―

  • anβ€―.ova templateβ€―containing theβ€―virtual hard disks that need to be deployed onβ€―KVMβ€―β€―
  • aβ€―signatureβ€―fileβ€―β€―
  • a Cisco public certificate to validate the signatureβ€―β€―
  • a readmeβ€―fileβ€―β€―

c. Extract the contents of the tar file using the command tar –xvfβ€―.β€―
To verifyβ€―the integrity of the downloaded file,β€―validate the signature by following the instructions provided in the readme file.β€―When successful, you see a message sayingβ€―β€œVerifiedβ€―OK."β€―

d. Extract the downloaded.ova file to retrieve the vmdk files.

e. Use the qemu-img convert commands to convert each of the vmdk files to the qcow2 format.
qemu-img convert -f vmdk -O qcow2 forwarder-va.vmdk forwarder-va.qcow2
qemu-img convert -f vmdk -O qcow2 dynamic.vmdk dynamic.qcow2

f. Copy both the qcow2 files on your Linux system running KVM.
Note: Deploying the VA results in a modification of the source qcow2 files. Thus, you must copy the qcow2 files each time you deploy a new VA.

2. Launch the Virtual Appliance on KVM

a. Open the Virtual Machine Manager on your Linux system running KVM and click Create a new virtual machine.

624

b. In the first step of the wizard, choose Import existing disk image.

476

c. Provide the existing storage path to your forwarder-va.qcow2 and set the OS type to Linux and click Forward.

d. Set the memory and CPU settings to at least 1 CPU and 1 GB RAM and click Forward.

480

e. In the last step of the wizard, select Customize configuration before install and then click Finish.

623

f. Select Add Hardware.

624

g. Select Storage, add or create custom storage, add the dynamic disk, and then click Finish.
You should then see two disks.

624

h. Click Begin installation to create the VA.

624

i. If your network supports DHCP, the VA will get auto-configured with a DHCP IP address and will register to Umbrella using this IP. You can configure the VA on KVM through two mechanisms:

  • Press Ctrl+B on the VA console and entering the Configuration mode.
    Or
  • Initiate an SSH connection to the DHCP IPβ€”this IP can be retrieved from the Umbrella dashboardβ€”and enter Configuration mode.

You can now configure the VA. For information about configuring VAs, see Configure Virtual Appliances.


Deploy VAs in Google Cloud Platform < Deploy VAs in KVM > Deploy VAs in Nutanix