The VM image is provided as a gzip file. It should be decompressed to get the qcow2 image to deploy as a VM.

The FTAS VM has Aviz ONES integrated into it and will take some time to initialise after the first boot.

sonic@sonic-39:~$ gunzip -c ftas_ones_vmi_1.1.2.qcow2.gz > ftas_ones_vmi_1.1.2.qcow2
sonic@sonic-39:~$ ls -l
total 8302936
-rw-rw-r-- 1 sonic sonic 4929683456 Feb 21 06:21 ftas_ones_vmi_1.1.2.qcow2
-rw-rw-r-- 1 sonic sonic 3572510886 Feb 21 06:20 ftas_ones_vmi_1.1.2.qcow2.gz
sonic@sonic-39:~$ 

You can connect to the console port of the VM to see the installation logs.

Create the VM using GUI App virt-manager

If your host server has Ubuntu Desktop and virt-manager installed you can use it to deploy the VM. Make sure you can start the Virtual Machine Manager and that it connects successfully to the local hypervisor.

Creating a VM with virt-manager is very straightforward, Use the following steps to deploy the FTAS VM

• File -> New Virtual Machine -> Import existing disk image -> Forward

• Browse to the FTAS disk image location and select Ubuntu as the OS name

• Click "Forward" and select vCPU (min 2 cores) and Memory (4GB) for the VM

• Click "Forward", give your VM a name and check "Customize configuration before install"

• Select "NIC ...", in the "Network source" select the Linux bridge you created on the host machine

• Apply the configuration and start the VM

Create the VM using XML configuration

• Create an XML configuration file from the following template

<domain type='kvm' xmlns:qemu='http://libvirt.org/schemas/domain/qemu/1.0'>
  <name>FTAS_VM01</name>
  <memory unit='KiB'>4194304</memory>
  <currentMemory unit='KiB'>4194304</currentMemory>
  <vcpu placement='static'>4</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='x86_64' machine='pc-i440fx-1.5'>hvm</type>
    <boot dev='hd'/>
  </os>
  <features>
    <acpi/>
    <apic/>
  </features>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <emulator>/usr/bin/qemu-system-x86_64</emulator>
    <disk type='file' device='disk'>
      <driver name='qemu' type='qcow2' cache='writeback'/>
      <source file='/home/oper/taas_vm/taas_vm_v3.qcow2' />
      <target bus='virtio' dev='vda'/>
    </disk>
    <serial type='pty'>
      <source path='/dev/pts/3'/>
      <target port='0'/>
    </serial>
    <!-- Management interface eth0 -->
    <interface type='network'>
	<model type='e1000' />
        <source network='br0'/>
        <address type='pci' domain='0x0000' bus='0x00' slot='0x00' function='0x0'/>
    </interface>
   <controller type='usb' index='0'/>
    <memballoon model='virtio'>
      <alias name='balloon0'/>
      <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
    </memballoon>
  </devices>
</domain>

The below lines can be changed to customize the VM installation:

• Line #2 the Name of the VM

• Lines #3 & #4 the amount of System Memory for the VM

• Line #5 the number of vCPU Core for the VM

• Line #25 the Path to the qcow2 VM image file

• Line #35 the name of the Linux bridge on the host machine

• Create a Linux bridge configuration file (bridged-network.xml) for libvirt from the following template

<network>
    <name>br0</name>
    <forward mode="bridge" />
    <bridge name="br0" />
</network>

• Line #4 the name of the Linux bridge on the host machine

• Define the Linux bridge for the VM

#Execute the below command to attach the VM to the Linux Bridge 
sonic@sonic-39:~$ virsh net-define bridged-network.xml
sonic@sonic-39:~$ virsh net-start br0
sonic@sonic-39:~$ virsh net-autostart br0
sonic@sonic-39:~$ virsh net-list
 Name                 State      Autostart     Persistent
----------------------------------------------------------
 br0                  active     yes           yes

sonic@sonic-39:~$ 

• Start the VM

virsh create <VM XML configuration file>

#sonic@sonic-39:~$ virsh create ftas.xml 
#Domain FTAS_VM01 created from ftas.xml
#sonic@sonic-39:~$ 

If you see a permission error run the virsh command with sudo may fix the issue

• Check the VM status

sonic@sonic-39:~$ virsh list
 Id    Name                           State
----------------------------------------------------
 8     FTAS_VM01                      running
sonic@sonic-39:~$ 

Configure the IP address on the VM

1. If there is a DHCP server on the management network the VM will obtain its IP configuration from the DHCP server

2. If there is no DHCP server or you want to configure the IP address statically, Follow the below steps

• Enter VM console

sonic@sonic-39:~$ virsh console FTAS_VM01
Connected to domain ftas03
Escape character is ^]

ftasvm login: 

• Check connections and devices

sudo nmcli con show

oper@ftasvm:~$ sudo nmcli con show
NAME                UUID                                  TYPE      DEVICE 
Wired connection 1  782de6d4-3867-3c5e-95fb-061ae39e5fae  ethernet  eth0   
oper@ftasvm:~$ 
# Capture the connection NAME of eth0 device

• Release IP assigned by DHCP

sudo dhclient -v -r

oper@ftasvm:~$ sudo dhclient -v -r
Internet Systems Consortium DHCP Client 4.4.1
Copyright 2004-2018 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/veth1dcacbe/b6:bc:e5:4a:7e:1f
Sending on   LPF/veth1dcacbe/b6:bc:e5:4a:7e:1f
<..>
Sending on   Socket/fallback
oper@ftasvm:~$ 

• Configure static IP for the connection

sudo nmcli con mod "Wired connection 1" ipv4.addresses <ip address>/<prefix>

#Example - sudo nmcli con mod "Wired connection 1" ipv4.addresses 192.168.0.37/24

• Set a default Gateway address

sudo nmcli connection modify "Wired connection 1" ipv4.gateway <GW Address>

#Example - sudo nmcli connection modify "Wired connection 1" ipv4.gateway 192.168.0.1

• Set the IP configuration mode to manual

sudo nmcli con mod "Wired connection 1" ipv4.method manual

• Reapply the configuration to the interface

sudo nmcli device reapply <dev_name>

#Example - sudo nmcli device reapply eth0

• Verify the IP address

#verify the IP address
ip a

oper@ftasvm:~$ ip a
<..>
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 52:54:00:37:3c:5c brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.37/25 brd 192.168.0.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::70a4:9f2e:658c:4d29/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
<..>
oper@ftasvm:~$ 


#Verify IP method
oper@ftasvm:~$ sudo nmcli -f ipv4.method con show "Wired connection 1"
ipv4.method:                            manual
oper@ftasvm:~$ 

Test FTAS VM reachability from outside the VM, if the VM is not reachable please check the access rule at the below location,

sonic@sonic-39:~$ cat /proc/sys/net/bridge/bridge-nf-call-iptables 
1
sonic@sonic-39:~$ 

If the above value is 1 please change it to 0 and the reachability issue should be resolved

sudo echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables 

There are some scaling scripts that require multiple network service servers (NTP, SYSLOG, TACACS+, etc.). In order to simulate this, we can add a secondary IP address to the VM NIC.

To add a secondary IP address, use the command

sudo nmcli con mod "<con_name>" +ipv4.addresses <ip address>/<prefix>
#Example - sudo nmcli con mod "Wired connection 1" ipv4.addresses 192.168.0.42/24

# Reapply config
sudo nmcli device reapply <dev_name>
#Example - sudo nmcli device reapply eth0

# Show IP address to verify
ip a
# Restart docker containers so their services can listen on new IP addresses

Network services containers

The FTAS VM has docker containers running and the following docker images installed:

• DHCP container image ztp_dhcp(DHCP sevice)

oper@ftasvm:~$ docker images
REPOSITORY    TAG       IMAGE ID       CREATED        SIZE
ztp_dhcp      v1        599313a03bfb   41 hours ago   83.3MB
netservices   v1        8a9c98506637   41 hours ago   259MB
oper@ftasvm:~$ d

• Net Services container image netservices:v1 (NTP, SYSLOG, TACACS+ services). This container is run with the "--network=host" option. If you need to change the configurations of the services please find them in the following configuration files.

# NTP configuration file:
/etc/ntp.conf

# SYSLOG Configuration file
/etc/syslog-ng/conf.d/syslog_ng.conf

# Log files location:
/var/log/sonic_logs/<IP address of devices>.log

# TACACS+ configuraration
/etc/tacacs+/tac_plus.conf

Dockers running by default:

oper@ftasvm:~$ docker ps -a
CONTAINER ID   IMAGE            COMMAND                  CREATED        STATUS        PORTS     NAMES
8add12060a57   netservices:v1   "/usr/bin/supervisord"   41 hours ago   Up 41 hours             net_services
oper@ftasvm:~$ 

Hardware

• CPU: x86_64 8 cores or more with Virtualization enabled

• Memory: 8GB or more system memory

• Disk Space: 256GB or more available disk space

• Network Interface: 1 GbE NIC

Operating System

• Ubuntu 20.04 or later (64-bit)

Hypervisor Software

KVM (Kernel-based Virtual Machine) is the leading open-source virtualisation technology for Linux. It installs natively on all Linux distributions and turns underlying physical servers into hypervisors so that they can host multiple, isolated virtual machines (VMs).

We will be using KVM to serve as the hypervisor for the FTAS VM because KVM being a type-1 hypervisor, it outperforms all type-2 hypervisors, ensuring near-metal performance.

Please refer to the following steps to install it on the host machine

• Ensure that the latest Ubuntu packages are installed

• Install KVM packages

• Check if KVM acceleration is ready

• Add user to libvirt group

Verify if the libvirt user group is available using the below command

If the libvirt group is not available, it can be created using the below command

Then add the current user to the group

• Set user and group for qemu. Update the qemu config with your user and libvirt group

• Restart the libvirtd service

Check the status of the libvirtd service

• If your server has a GUI desktop installed, you may want to install virt-manager. The virt-manager application is a desktop Graphical user interface for managing virtual machines through libvirt

Network Configuration

It is recommended that the virtual NIC on the VM should be bridged with the physical NIC on the host machine.

In this sample configuration eno1 is the physical NIC of the host machine, which is typically used for SSH(Management).

Apply the above configuration

Users can log in to the FTAS VM using one of the following methods

• Console login

• SSH login

After logging in user will be dropped into the 'Bash shell'

with the following pre-defined folders and files

• qjob.py - Script to schedule execution jobs.

• testbeds - Directory to create and maintain testbed parameter files.

• jobs - Directory containing the JSON file that holds the job queue. qjob.py script controls and edits this JSON file. Please don't edit the JSON file manually.

• testsuites - Directory to maintain testsuite yaml files.

• reports - Directory to store HTML reports of completed jobs.

• configs - Directory to store test configs

• jobs.py - Script to manipulate queue jobs. It is imported by the qjob.py utility.

• logs - Maintains execution logs file of all jobs. Users can clean up the files in the logs and reports folder to regain disk space when needed.