VIRL

VIRL update 0.9.17

I was a bit slow on this one. I have been very busy of late. VIRL have updated with a feature release. 0.9.17 is an in place upgrade. There is a lot of focus on stability. There is also a version update to NX-OS, IOSv, IOSXRv and CSR1000v. An in place upgraded is recommended.

Big Features

I have outlined the big features to me. If you want to see the full update of features check this link out.

Multipoint connector replaced by “Unmanaged Switch” – This is great. This allows a simplified view of a switch opposed to using a Multipoint connector. At the moment there is no L2IOS (Which is coming) so this is mostly cosmetic. Importing old topologies into an updated platforms will result in a topology needs to be updated and this occurs when prompted on topology load.

LXC Jumphosts – Jumping on the container bandwagon, VIRL provides LXC jump hosts for basic ssh gateway functions. This allows simplified management aggregation point and can be spun up inside the FLAT network or a private simulation network.

Updated Visualisation engine – The 3D modelling engine is pretty cool. Allows very quick topologies to be generated. If you’re keeping a live VIRL replication of your production or customer environments you can quickly spin up some neat documentation on topologies, routing domains and connectivity models.

Awesome update. A little painful to perform (due mostly to noisy Linux servers on the day) but quite easy if you follow the steps. Well done Joel and team VIRL!.

Integrating vSRX into VIRL

Cisco VIRL is a learning platform which allows you to run real devices. It is built on an OpenStack architecture that allows rapid deployment of instances of NX-OS, IOSv, IOS-XE ASA and vSRX. I am going to show you the tips on getting it installed into OpenStack.
Thanks to those who want to remain anonymous for the tips, testing and variables.
Here are the steps so that you can inject a configuration file into the vSRX:
 1. Convert ‘thin provision’ image to ‘fat provision image’. This can be done usingthevmware-vdiskmanager as per below:

 /Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager -r "junos-vsrx-12.1X46-D10.2-domestic-disk.vmdk" -t 0 “junos-vsrx-12.1X46-D10.2-domestic-disk1.vmdk"
2. The image needs to be modified to accept configuration file injection. This must be done BEFORE loading the image into VIRL via the User World Management (Skinned OpenStack) interface.
You can run the command above on your VIRL VM, so copy the image into the VIRL VM and execute there.
sudo kvm -M pc-1.0 -enable-kvm -daemonize -m 2048 -smp 2,sockets=2,cores=1,threads=1 -hda ./junos-vsrx-12.1X46-D10.2-domestic-disk1.vmdk \
-serial telnet::9101,server,nowait -net nic,model=e1000,vlan=1001,macaddr=00:01:00:ff:88:01 -nographic;telnet localhost 9101
login as ‘root’Edit the file /etc/fstab (nano /etc/fstab). The /etc/fstab should look like this (thevtbd1 disk is theconfig disk)

Device Mountpoint FStype Options Dump Pass#
/dev/md0 / cd9660 ro 0 0
proc /proc procfs rw 0 0
#/dev/bo0s1e /config ufs rw 2 2 
/dev/bo0s1b none swap sw 0 0
/dev/vtbd1s1 /config msdosfs rw 0 0

 

* /dev/bo0s1e /config ufs rw 2 2 is the old configuration disk.

* /dev/vtbd1s1 /config msdosfs rw 0 0 This is the FAT configuration disk.

Save the file.
Now we need to remove the SSH key. Remove the file with:
/etc/ssh/*key - 'rm /etc/ssh/*key
Shut the VM down.
3. The VM image is now ready to be loaded into UWM as a vSRX image.

Using the vSRX image in VIRL

You can add the vSRX image to your VIRL server under the ‘admin/images/’ menu by selecting ‘add’ and choosing ‘VSRX’ from the pick list, as per the picture:

 NOTE – If you want to make the vSRX image your default vSRX image, leave the Name/Version field blank. You can put release version information in the ‘release’ field.
If you create a topology with a vSRX node in it, at simulation start time, the system will look for a default vSRX image. If there is no default image, the simulation will not start and you will need to specifically set the VM_image and VM_flavor field values to the vSRX image that you’ve registered.
Configuration text placed in the ‘configuration’ field for the vSRX, will be automatically loaded into the VM at boot time. A correctly formatted JUNOS configuration will be applied assuming that there are no syntax errors! If you want to provision the VM with a basic set of user accounts, the configuration snippet below can be applied:
system {
  root-authentication {
    encrypted-password "$1$zdCNVrJU$xNlhBZZk8WOn8z3vl6LEs/"; ## SECRET-DATA
                      }
       login {
            user juniper {
                full-name juniper;
                uid 2001;
                class super-user;
                         authentication {
                         encrypted-password "$1$uRcJqW9g$ldwpqqgCZW17bw/tBUeFk/"; ## SECRET-DATA
           }
       }
    }
}
NOTE – if you do NOT pass in any configuration, vSRX will not like you and will crash on you!!! Make sure you pass in a minimal config, like the one below.

Your mileage may vary with this. VIRL is fun because there are lots of things happening behind the scenes.