Cisco VIRL is a learning platform which allows you to run real devices. It is built on an OpenStack architecture that allows rapid deployment of instances of NX-OS, IOSv, IOS-XE ASA and vSRX. I am going to show you the tips on getting it installed into OpenStack.
Thanks to those who want to remain anonymous for the tips, testing and variables.
Here are the steps so that you can inject a configuration file into the vSRX:
 1. Convert ‘thin provision’ image to ‘fat provision image’. This can be done usingthevmware-vdiskmanager as per below:

 /Applications/VMware\ Fusion.app/Contents/Library/vmware-vdiskmanager -r "junos-vsrx-12.1X46-D10.2-domestic-disk.vmdk" -t 0 “junos-vsrx-12.1X46-D10.2-domestic-disk1.vmdk"
2. The image needs to be modified to accept configuration file injection. This must be done BEFORE loading the image into VIRL via the User World Management (Skinned OpenStack) interface.
You can run the command above on your VIRL VM, so copy the image into the VIRL VM and execute there.
sudo kvm -M pc-1.0 -enable-kvm -daemonize -m 2048 -smp 2,sockets=2,cores=1,threads=1 -hda ./junos-vsrx-12.1X46-D10.2-domestic-disk1.vmdk \
-serial telnet::9101,server,nowait -net nic,model=e1000,vlan=1001,macaddr=00:01:00:ff:88:01 -nographic;telnet localhost 9101
login as ‘root’Edit the file /etc/fstab (nano /etc/fstab). The /etc/fstab should look like this (thevtbd1 disk is theconfig disk)

Device Mountpoint FStype Options Dump Pass#
/dev/md0 / cd9660 ro 0 0
proc /proc procfs rw 0 0
#/dev/bo0s1e /config ufs rw 2 2 
/dev/bo0s1b none swap sw 0 0
/dev/vtbd1s1 /config msdosfs rw 0 0

 

* /dev/bo0s1e /config ufs rw 2 2 is the old configuration disk.

* /dev/vtbd1s1 /config msdosfs rw 0 0 This is the FAT configuration disk.

Save the file.
Now we need to remove the SSH key. Remove the file with:
/etc/ssh/*key - 'rm /etc/ssh/*key
Shut the VM down.
3. The VM image is now ready to be loaded into UWM as a vSRX image.

Using the vSRX image in VIRL

You can add the vSRX image to your VIRL server under the ‘admin/images/’ menu by selecting ‘add’ and choosing ‘VSRX’ from the pick list, as per the picture:

 NOTE – If you want to make the vSRX image your default vSRX image, leave the Name/Version field blank. You can put release version information in the ‘release’ field.
If you create a topology with a vSRX node in it, at simulation start time, the system will look for a default vSRX image. If there is no default image, the simulation will not start and you will need to specifically set the VM_image and VM_flavor field values to the vSRX image that you’ve registered.
Configuration text placed in the ‘configuration’ field for the vSRX, will be automatically loaded into the VM at boot time. A correctly formatted JUNOS configuration will be applied assuming that there are no syntax errors! If you want to provision the VM with a basic set of user accounts, the configuration snippet below can be applied:
system {
  root-authentication {
    encrypted-password "$1$zdCNVrJU$xNlhBZZk8WOn8z3vl6LEs/"; ## SECRET-DATA
                      }
       login {
            user juniper {
                full-name juniper;
                uid 2001;
                class super-user;
                         authentication {
                         encrypted-password "$1$uRcJqW9g$ldwpqqgCZW17bw/tBUeFk/"; ## SECRET-DATA
           }
       }
    }
}
NOTE – if you do NOT pass in any configuration, vSRX will not like you and will crash on you!!! Make sure you pass in a minimal config, like the one below.

Your mileage may vary with this. VIRL is fun because there are lots of things happening behind the scenes.

6 thoughts on “Integrating vSRX into VIRL

  1. Pingback: GNS3 vs. VIRL for CCIE Candidates | Network Thoughts

  2. hi there

    i try you mini guid over here and i get this error every time

    SMP: AP CPU #1 Launched!
    Trying to mount root from ufs:/dev/ad0s1a

    Manual root filesystem specification:
    : Mount using filesystem
    eg. ufs:ad0s1a
    ? List valid disk boot devices
    Abort manual input

    Reply

  3. You r second command ,

    sudo kvm -M pc-1.0 -enable-kvm……………….

    returns following error and can’t go any further. Can you please check,
    ——————————————————————
    -nographic can not be used with -daemonize
    Trying 127.0.0.1…
    Trying ::1…
    telnet: Unable to connect to remote host: Connection refused
    ——————————————————————

    Reply

    1. It’s working for me with just some minor modifications:
      I was using qcow2 format as vSRX image. If You have .img then do this to convert (inside Virl VM):
      qemu-img convert -f vmdk -O qcow2 your_vsrx_image.img your_vsrx_image.qcow2

      Then execute:
      sudo kvm -M pc-1.0 -enable-kvm -daemonize -m 2048 -smp 2,sockets=2,cores=1,threads=1 -hda ./your_vsrx_image.qcow2
      I skipped the rest part of presented command.

      Next I imported to Virl using UWM and it’s working like a charm! 🙂

      Respect pandom! 🙂

      Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*