Deploy the VM

The VM image is provided as a gzip file. It should be decompressed to get the qcow2 image to deploy as a VM.

The FTAS VM has Aviz ONES integrated into it and will take some time to initialise after the first boot.

sonic@sonic-39:~$ gunzip -c ftas_ones_vmi_1.1.2.qcow2.gz > ftas_ones_vmi_1.1.2.qcow2
sonic@sonic-39:~$ ls -l
total 8302936
-rw-rw-r-- 1 sonic sonic 4929683456 Feb 21 06:21 ftas_ones_vmi_1.1.2.qcow2
-rw-rw-r-- 1 sonic sonic 3572510886 Feb 21 06:20 ftas_ones_vmi_1.1.2.qcow2.gz
sonic@sonic-39:~$ 

You can connect to the console port of the VM to see the installation logs.

Create the VM using GUI App virt-manager

If your host server has Ubuntu Desktop and virt-manager installed you can use it to deploy the VM. Make sure you can start the Virtual Machine Manager and that it connects successfully to the local hypervisor.

Figure 2: Virt-Manager

Creating a VM with virt-manager is very straightforward, Use the following steps to deploy the FTAS VM

• File -> New Virtual Machine -> Import existing disk image -> Forward

Figure 3: Create new VM from existing disk image

• Browse to the FTAS disk image location and select Ubuntu as the OS name

• Click "Forward" and select vCPU (min 2 cores) and Memory (4GB) for the VM

Figure 4: Set vCPU and memory

• Click "Forward", give your VM a name and check "Customize configuration before install"

• Select "NIC ...", in the "Network source" select the Linux bridge you created on the host machine

Figure 5: Network selection

• Apply the configuration and start the VM

Create the VM using XML configuration

• Create an XML configuration file from the following template

vi ftas.xml

<domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
  <name>FTAS_VM01</name>
  <memory unit='KiB'>4194304</memory>
  <currentMemory unit='KiB'>4194304</currentMemory>
  <vcpu placement='static'>4</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='x86_64' machine='pc-i440fx-1.5'>hvm</type>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
  </features>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/bin/qemu-system-x86_64</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2' cache='writeback'/>
      <source file='/home/oper/taas_vm/taas_vm_v3.qcow2' />
      <target bus='virtio' dev='vda'/>
    </disk>
    <serial type='pty'>
      <source path='/dev/pts/3'/>
      <target port='0'/>
    </serial>
    <!-- Management interface eth0 -->
    <interface type='network'>
	<model type='e1000' />
        <source network='br0'/>
        <address type='pci' domain='0x0000' bus='0x00' slot='0x00' function='0x0'/>
    </interface>
   <controller type='usb' index='0'/>
    <memballoon model='virtio'>
      <alias name='balloon0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </memballoon>
  </devices>
</domain>

The below lines can be changed to customize the VM installation:

• Line #2 the Name of the VM

• Lines #3 & #4 the amount of System Memory for the VM

• Line #5 the number of vCPU Core for the VM

• Line #25 the Path to the qcow2 VM image file

• Line #35 the name of the Linux bridge on the host machine

• Create a Linux bridge configuration file (bridged-network.xml) for libvirt from the following template

vi bridged-network.xml

<network>
    <name>br0</name>
    <forward mode="bridge" />
    <bridge name="br0" />
</network>

• Line #4 the name of the Linux bridge on the host machine

• Define the Linux bridge for the VM

#Execute the below command to attach the VM to the Linux Bridge 
sonic@sonic-39:~$ virsh net-define bridged-network.xml
sonic@sonic-39:~$ virsh net-start br0
sonic@sonic-39:~$ virsh net-autostart br0
sonic@sonic-39:~$ virsh net-list
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 br0                  active     yes           yes

sonic@sonic-39:~$ 

• Start the VM

virsh create <VM XML configuration file>

#sonic@sonic-39:~$ virsh create ftas.xml 
#Domain FTAS_VM01 created from ftas.xml
#sonic@sonic-39:~$ 

If you see a permission error run the virsh command with sudo may fix the issue

• Check the VM status

sonic@sonic-39:~$ virsh list
 Id    Name                           State
----------------------------------------------------
 8     FTAS_VM01                      running
sonic@sonic-39:~$ 

Configure the IP address on the VM

1. If there is a DHCP server on the management network the VM will obtain its IP configuration from the DHCP server

2. If there is no DHCP server or you want to configure the IP address statically, Follow the below steps

• Enter VM console

sonic@sonic-39:~$ virsh console FTAS_VM01
Connected to domain ftas03
Escape character is ^]

ftasvm login: 

The default username is 'oper' with the default password 'oper@123'

• Check connections and devices

sudo nmcli con show

oper@ftasvm:~$ sudo nmcli con show
NAME                UUID                                  TYPE      DEVICE 
Wired connection 1  782de6d4-3867-3c5e-95fb-061ae39e5fae  ethernet  eth0   
oper@ftasvm:~$ 
# Capture the connection NAME of eth0 device

• Release IP assigned by DHCP

sudo dhclient -v -r

oper@ftasvm:~$ sudo dhclient -v -r
Internet Systems Consortium DHCP Client 4.4.1
Copyright 2004-2018 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/veth1dcacbe/b6:bc:e5:4a:7e:1f
Sending on   LPF/veth1dcacbe/b6:bc:e5:4a:7e:1f
<..>
Sending on   Socket/fallback
oper@ftasvm:~$ 

• Configure static IP for the connection

sudo nmcli con mod "Wired connection 1" ipv4.addresses <ip address>/<prefix>

#Example - sudo nmcli con mod "Wired connection 1" ipv4.addresses 192.168.0.37/24

• Set a default Gateway address

sudo nmcli connection modify "Wired connection 1" ipv4.gateway <GW Address>

#Example - sudo nmcli connection modify "Wired connection 1" ipv4.gateway 192.168.0.1

• Set the IP configuration mode to manual

sudo nmcli con mod "Wired connection 1" ipv4.method manual

• Reapply the configuration to the interface

sudo nmcli device reapply <dev_name>

#Example - sudo nmcli device reapply eth0

• Verify the IP address

#verify the IP address
ip a

oper@ftasvm:~$ ip a
<..>
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:37:3c:5c brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.37/25 brd 192.168.0.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::70a4:9f2e:658c:4d29/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
<..>
oper@ftasvm:~$ 


#Verify IP method
oper@ftasvm:~$ sudo nmcli -f ipv4.method con show "Wired connection 1"
ipv4.method:                            manual
oper@ftasvm:~$ 

Test FTAS VM reachability from outside the VM, if the VM is not reachable please check the access rule at the below location,

Host Machine

sonic@sonic-39:~$ cat /proc/sys/net/bridge/bridge-nf-call-iptables 
1
sonic@sonic-39:~$ 

If the above value is 1 please change it to 0 and the reachability issue should be resolved

Host Machine

sudo echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables 

There are some scaling scripts that require multiple network service servers (NTP, SYSLOG, TACACS+, etc.). In order to simulate this, we can add a secondary IP address to the VM NIC.

To add a secondary IP address, use the command

FTAS VM

sudo nmcli con mod "<con_name>" +ipv4.addresses <ip address>/<prefix>
#Example - sudo nmcli con mod "Wired connection 1" ipv4.addresses 192.168.0.42/24

# Reapply config
sudo nmcli device reapply <dev_name>
#Example - sudo nmcli device reapply eth0

# Show IP address to verify
ip a
# Restart docker containers so their services can listen on new IP addresses

Network services containers

The FTAS VM has docker containers running and the following docker images installed:

• DHCP container image ztp_dhcp(DHCP sevice)

oper@ftasvm:~$ docker images
REPOSITORY                TAG       IMAGE ID       CREATED        SIZE
ztp_dhcp                  v1        9113152b5004   13 days ago    83.3MB
netservices               v1        ce65aef22c87   13 days ago    263MB
avizdock/ones-ui          v1.0.0    19815fc90b7f   2 months ago   518MB
avizdock/ones-collector   v1.0.0    e38c7d56d505   3 months ago   475MB
avizdock/ones-fm          v1.0.0    5e27b78d07de   3 months ago   482MB
avizdock/docker           latest    5b004b299dc0   3 months ago   151MB
avizdock/ones-gateway     latest    44bcea1e8cb2   4 months ago   1.11GB
avizdock/postgres         14        e270a11b9c8a   4 months ago   376MB
avizdock/timescaledb      latest    6fbc720b475a   8 months ago   2.3GB
oper@ftasvm:~$ 

ztp_dhcp(DHCP) services are not run by default as it might conflict with DHCP running in the DC infra.

• Net Services container image netservices:v1 (NTP, SYSLOG, TACACS+ services). This container is run with the "--network=host" option. If you need to change the configurations of the services please find them in the following configuration files.

# NTP configuration file:
/etc/ntp.conf

# SYSLOG Configuration file
/etc/syslog-ng/conf.d/syslog_ng.conf

# Log files location:
/var/log/sonic_logs/<IP address of devices>.log

# TACACS+ configuraration
/etc/tacacs+/tac_plus.conf

Dockers running by default:

oper@ftasvm:~$ docker ps -a
CONTAINER ID   IMAGE                            COMMAND                  CREATED      STATUS          PORTS                                                                                  NAMES
f650c067f77d   netservices:v1                   "/usr/bin/supervisord"   3 days ago   Up 32 seconds                                                                                          net_services
9a2d89bd4866   avizdock/ones-collector:v1.0.0   "java -jar /app/coll…"   3 days ago   Up 30 seconds   8093/tcp                                                                               ones-collector
406a8a7930ca   avizdock/ones-fm:v1.0.0          "java -jar /app/ses-…"   3 days ago   Up 30 seconds   0.0.0.0:8787->8080/tcp, :::8787->8080/tcp                                              ones-fm
2025a817c630   avizdock/ones-ui:v1.0.0          "docker-entrypoint.s…"   3 days ago   Up 31 seconds   0.0.0.0:3002->3002/tcp, :::3002->3002/tcp, 0.0.0.0:8885->8885/tcp, :::8885->8885/tcp   ones-ui
ec6cdc8623d6   avizdock/postgres:14             "docker-entrypoint.s…"   3 days ago   Up 31 seconds   0.0.0.0:2345->5432/tcp, :::2345->5432/tcp                                              ones-fm-db
6bb05a94ed60   avizdock/timescaledb:latest      "/docker-entrypoint.…"   3 days ago   Up 31 seconds   8008/tcp, 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp, 8081/tcp                          ones-collector-db
019421b2fb92   avizdock/docker:latest           "docker-entrypoint.s…"   3 days ago   Up 31 seconds                                                                                          docker
1c77ecd24bf0   avizdock/ones-gateway:latest     "./gnmi-gateway -Tar…"   3 days ago   Up 31 seconds   0.0.0.0:9339->9339/tcp, :::9339->9339/tcp                                              ones-gateway
oper@ftasvm:~$