Firefly Perimeter Installation on KVM
In this post, you will find a quick introduction on how you can install Firefly perimeter on KVM. I always liked CLI way of doing things and KVM is pretty nice on this.Let’s install firefly
Deploy firefly image
#bash /mnt/OS/junos-vsrx-12.1X46-D10.2-domestic.jva FF2 -i 2::host-bridge,default -s virtimages
With one line you can install the image. Below is what these options mean.
FF2: = This is the name of the firefly VM. You will access the device with this name after the installation 2::host-bridge,default = This means create 2 ethernet interfaces and assign to host-bridge and default networks on KVM virtimages: = This is the storage pool you have on your KVM host
After accepting the long license agreement you will have an output like below;
Accept?[y/n]y Extracting ... Checking existence of VM FF2 ... HOST = , storage = virtimages, vm_name = FF2, img = junos-vsrx-12.1X46-D10.2-domestic-1387348130/junos-vsrx-12.1X46-D10.2-domestic.img Checking existence of storage pool virtimages ... virtimages active no Getting storage path ... Storage path: /mnt/volume01 /root/junos-vsrx-12.1X46-D10.2-domestic-1387348130 SHA1(junos-vsrx-12.1X46-D10.2-domestic.img)= 9dd2390cc79b554360ec7c12e7ca63e9b781e783 -rw-r--r-- 1 17105 950 260M Dec 18 07:29 junos-vsrx-12.1X46-D10.2-domestic-1387348130/junos-vsrx-12.1X46-D10.2-domestic.img cp junos-vsrx-12.1X46-D10.2-domestic-1387348130/junos-vsrx-12.1X46-D10.2-domestic.img /mnt/volume01/FF2.img Checking host CPU features ... Creating VM on the host ... Domain FF2 defined from FF2.xml Checking the VM ... - FF2 shut off
As you can see in the output our storage path for virtimages pool is /mnt/volume01.
[root@kvm ~]# ls /mnt/volume01/FF2.img /mnt/volume01/FF2.img
and we can see that firefly image file is stored in there. Let’s start the firewall:
Start Firefly
[root@kvm ~]# virsh
Welcome to virsh, the virtualization interactive terminal.
Type: 'help' for help with commands
'quit' to quit
virsh # start FF2
error: Failed to start domain FF2
error: unsupported configuration: Unable to find security driver for label selinux
If VM doesn’t start and you receive this error like I got, edit the firefly instance
virsh # edit FF2
and remove the following lines from the XML file and save it.
try once again
virsh # start FF2 Domain FF2 started virsh # list Id Name State ---------------------------------------------------- 1 FF2 running
and final touch by logging into console
virsh # console FF2 Connected to domain FF2 Escape character is ^] Amnesiac (ttyd0) login: root --- JUNOS 12.1X46-D10.2 built 2013-12-18 02:43:42 UTC root@%
The rest is the same like any SRX setup. Enjoy fireflying!
Hi, I am facing the below error when i execute the CLI Command to deploy firefly image
error: Failed to define domain from FF2.xml
error: Cannot check QEMU binary /usr/libexec/qemu-kvm: No such file or directory
Your KVM installation doesn’t seem to be complete Deepika. Better to check it first.
Nope does not work. I get a “error: failed to get pool virtimages” error.