Fortinet black logo

Handbook

Home FortiTester 3.9.0 Handbook

Deployment examples

3.9.0
4.2.0
4.1.0
4.0.0
3.9.1
3.9.0
2.3.0
Copy Link
Copy Doc ID 1eee771d-afba-11ea-8b7d-00505692583a:463756
Download PDF

Deployment examples

The FortiTester VM can be deployed and configured using the VMware vSphere Hypervisor™ (ESX/ESXi) and VMware vSphere Client™ or the Linux KVM virtualization solution.

Creating the virtual machine

VMware vSphere

Once you have downloaded the zip file and extracted the package contents to a folder on your management computer, you can deploy the OVF package to your VMware environment.

Prior to deploying the FortiTester VM, ensure that the following are configured and functioning properly:

  • VMware vSphere Hypervisor™ (ESX/ESXi) software must be installed on a server and updated to the latest patch release prior to installing FortiTester VM. Go to http://www.vmware.com/products/vspherehypervisor/index.html for installation details.
  • VMware vSphere Client™ must be installed on the computer that you will be using for managing the FortiTester VM.
Deploy the OVF file
To deploy the OVF file template:
  1. Launch the VMware vSphere client, enter the IP address or host name of your server, enter your user name and password, then click Login. The vSphere client home page opens.
  2. Select File > Deploy OVF Template to launch the OVF Template wizard. The OVF Template Source page opens.
  3. Click Browse, locate the OVF file on your computer (fts-vm-64-hw7.ovf), then click Next to continue. The OVF Template Details page opens.
  4. Verify the OVF template details. This page details the product name, download size, size on disk, and description. Click Next to continue. The OVF Template End User License Agreement page opens.
  5. Read the end user license agreement, then click Accept then Next to continue. The OVF Template Name and Location page opens.
  6. Enter a name for this OVF template. The name can contain up to 80 characters and it must be unique within the inventory folder. Click Next to continue. The OVF Template Disk Format page opens.
  7. Select one of the following:
    • Thick Provision Lazy Zeroed: Allocates the disk space statically (no other volumes can take the space), but does not write zeros to the blocks until the first write takes place to that block during runtime (which includes a full disk format).
    • Thick Provision Eager Zeroed: Allocates the disk space statically (no other volumes can take the space), and writes zeros to all the blocks.
    • Thin Provision: Allocates the disk space only when a write occurs to a block, but the total volume size is reported by the Virtual Machine File System (VMFS) to the OS. Other volumes can take the remaining space. This allows you to float space between your servers, and expand your storage when your size monitoring indicates there is a problem. Note that once a Thin Provisioned block is allocated, it remains in the volume regardless of if you have deleted data, etc.
  8. Click Next to continue. The OVF Template Network Mapping page opens.
  9. Map the networks used in this OVF template to networks in your inventory. You must set the destination network for this entry to access the device console. Click Next to continue. The OVF Template Ready to Complete page opens.
  10. Review the template configuration. Ensure that Power on after deployment is not enabled. You might need to configure the FortiTester VM hardware settings prior to powering on the VM.
  11. Click Finish to deploy the OVF template. You will receive a Deployment Completed Successfully dialog box once the FortiTester VM OVF template wizard has finished.
Configure hardware settings

Before powering on your FortiTester VM you must configure the virtual memory, virtual CPU, and virtual disk.

To configure the VM:
  1. In the vSphere Client, right-click on the FortiTester VM in the left pane and select Edit Settings to open the Virtual Machine Properties window.
  2. Select Memory from the Hardware list, then adjust the Memory Size to 8G.
  3. Select CPUs from the Hardware list, then adjust the number of CPUs to 1.
  4. Adjust the number of cores to 4.
  5. FortiTester has 5 NICs.Assign the E1000 NIC for MGMT and the VMXNET3 NICs for DPDK. Make sure the four DPDK ports are assigned to the same switch or vSWITCH.
  6. Select Hard disk 2, the log disk, from the Hardware list, and configure it as required. Hard disk 1 should not be edited.
  7. Click OK to apply your changes.

The DPDK interface can also support 82599 with PCI-PASSTHROUGH.
Power on the virtual machine

You can now proceed to power on your FortiTester VM.

  • Select the FortiTesterVM in the left pane and click Power on the virtual machine in the Getting Started tab.
  • Select the VM in the left pane, then click Power On in the toolbar.
  • Right-click the VM in the left pane, then select Power > Power On from the right-click menu.

Linux KVM

Once you have downloaded the zip file and extracted the package contents to a folder on your management computer, you can deploy the kvm package to your KVM environment.

Prior to deploying the FortiTester VM, ensure that the KVM platform is configured and functioning properly. The installation instructions presume that you are familiar with the management software of the platform.

To create the virtual machine:
  1. Launch Virtual Machine Manager (virt-manager) on your KVM host server.
  2. Click Create a new virtual machine.
  3. Enter a name for the virtual machine.
  4. Select Import existing disk image.
  5. Click Forward.
  6. Click Browse, then locate and select boot.qcow2 in your local disk.
  7. Click Forward.
  8. Change the "Memory (RAM)" setting to 8192 MB and the "CPUs" setting to 4.
  9. Click Forward.
  10. Make sure the "Customize configuration before install" box is checked.
  11. Click Finish.
To customize configurations:
  1. From the customization screen, select Processor, located on the left. If Processor is not available from the menu, select CPUs.
  1. Select or click Copy host CPU configuration.
  2. Open the Topology menu and manually set CPU topology to include 1 Socket and 4 Cores.
  3. Click Apply.
  4. Select IDE Disk 1from the menu on the left.
  5. Open the Advanced options menu.
  6. Change the "Storage format" to qcow2, change the "Cache mode" to writeback, and change "Disk bus" to VIRTIO/SCSI.
  7. Click Apply.
  8. Click Add Hardware, located on the bottom left.
  9. Select Storage from the menu on the left.
  10. Choose "Select managed or other existing storage", then find and select data.qcow2.
  11. Change the "Storage format" to qcow2, change the "Cache mode" to writeback, and change the "Device type" to SCSI/VIRTIO.
  12. Click Finish.
  13. Select your NIC, or your virtual network interface from the menu on the left.
  14. Change the "Device model" to e1000.
  15. Configure the source mode and source device according to your environment specifications.
  16. Click Add Hardware and select Network.
  17. Change the "Device model" to virtio.
  18. Click Finish, then click Apply.
  19. Click Begin Installation.
To customize advanced settings:

This section is not needed for most users.

  • To support Multi Queue virtio:
    1. From the host terminal, enter the command: virsh edit <instance-name>.
    2. Find the block for your NIC, and add the following inside the <interface>

    <driver name='vhost' queues='8'/>

    <driver name='vhost' queues='4'/>

  • To enable PCI passthrough:
    1. Add the command intel_iommu=on to the boot command of the host, then reboot.
    2. In the host terminal, use the command modprobe pci_stub to import the PCI stub driver.
    3. Use the command lspci -n to find out the vendor and device ID of the NIC.
    4. Detach the PCI device from the host
      1. Use virsh nodedev-list | grep pci, to get the PCI device info.

      It will appear in a format similar to: pci_8086_****, where * is the code for each device.

      1. Detach the device with the command virsh nodedev-detach pci_8086_****.
      2. Use the command echo "<vendor id>:<device id> " > /sys/bus/pci/drivers/pci-stub/new_id.
      3. Use the command echo "<PCI ID>" > /sys/bus/pci/devices/<PCI ID>/driver/unbind.
      4. Use the command echo "<PCI ID>" > /sys/bus/pci/drivers/pci-stub/bind.
    5. Using virt-manager, click Add Hardware, select PCI Host Device, find your NIC, then click Finish.
  • To enable SR-IOV:
    1. Add the command intel_iommu=on to the boot command of the host, then reboot.
    2. Use the command modprobe -r ixgbe.
    3. Use the command modprobe ixgbe max_vfs=4, where 4 can be replaced by a number appropriate for your network card.
    4. Use the command lspci to check the SR-IOV function.
    5. Using the virt-manager, click Add Hardware, select PCI Host Device, find your NIC, then click Finish.
To power on the virtual machine:

You can now proceed to power on your FortiTester VM.

  • Select the FortiTester VM and click Power on the virtual machine.

Getting started with the virtual machine

  1. Enter admin when asked for a FortiTester login. The default password is blank.

The interface will display Welcome ! if you have successfully logged in.

  1. See Connecting to FortiTester for instructions on how to access the GUI, as well as other procedures for getting started with FortiTester.
Upload the license file
  1. Select the System tab from the GUI.
  2. Click Upload, under License Status.
  1. Choose your license file, then click on the upload icon.
  2. Click Close.

Previous
Next

Deployment examples

The FortiTester VM can be deployed and configured using the VMware vSphere Hypervisor™ (ESX/ESXi) and VMware vSphere Client™ or the Linux KVM virtualization solution.

Creating the virtual machine

VMware vSphere

Once you have downloaded the zip file and extracted the package contents to a folder on your management computer, you can deploy the OVF package to your VMware environment.

Prior to deploying the FortiTester VM, ensure that the following are configured and functioning properly:

  • VMware vSphere Hypervisor™ (ESX/ESXi) software must be installed on a server and updated to the latest patch release prior to installing FortiTester VM. Go to http://www.vmware.com/products/vspherehypervisor/index.html for installation details.
  • VMware vSphere Client™ must be installed on the computer that you will be using for managing the FortiTester VM.
Deploy the OVF file
To deploy the OVF file template:
  1. Launch the VMware vSphere client, enter the IP address or host name of your server, enter your user name and password, then click Login. The vSphere client home page opens.
  2. Select File > Deploy OVF Template to launch the OVF Template wizard. The OVF Template Source page opens.
  3. Click Browse, locate the OVF file on your computer (fts-vm-64-hw7.ovf), then click Next to continue. The OVF Template Details page opens.
  4. Verify the OVF template details. This page details the product name, download size, size on disk, and description. Click Next to continue. The OVF Template End User License Agreement page opens.
  5. Read the end user license agreement, then click Accept then Next to continue. The OVF Template Name and Location page opens.
  6. Enter a name for this OVF template. The name can contain up to 80 characters and it must be unique within the inventory folder. Click Next to continue. The OVF Template Disk Format page opens.
  7. Select one of the following:
    • Thick Provision Lazy Zeroed: Allocates the disk space statically (no other volumes can take the space), but does not write zeros to the blocks until the first write takes place to that block during runtime (which includes a full disk format).
    • Thick Provision Eager Zeroed: Allocates the disk space statically (no other volumes can take the space), and writes zeros to all the blocks.
    • Thin Provision: Allocates the disk space only when a write occurs to a block, but the total volume size is reported by the Virtual Machine File System (VMFS) to the OS. Other volumes can take the remaining space. This allows you to float space between your servers, and expand your storage when your size monitoring indicates there is a problem. Note that once a Thin Provisioned block is allocated, it remains in the volume regardless of if you have deleted data, etc.
  8. Click Next to continue. The OVF Template Network Mapping page opens.
  9. Map the networks used in this OVF template to networks in your inventory. You must set the destination network for this entry to access the device console. Click Next to continue. The OVF Template Ready to Complete page opens.
  10. Review the template configuration. Ensure that Power on after deployment is not enabled. You might need to configure the FortiTester VM hardware settings prior to powering on the VM.
  11. Click Finish to deploy the OVF template. You will receive a Deployment Completed Successfully dialog box once the FortiTester VM OVF template wizard has finished.
Configure hardware settings

Before powering on your FortiTester VM you must configure the virtual memory, virtual CPU, and virtual disk.

To configure the VM:
  1. In the vSphere Client, right-click on the FortiTester VM in the left pane and select Edit Settings to open the Virtual Machine Properties window.
  2. Select Memory from the Hardware list, then adjust the Memory Size to 8G.
  3. Select CPUs from the Hardware list, then adjust the number of CPUs to 1.
  4. Adjust the number of cores to 4.
  5. FortiTester has 5 NICs.Assign the E1000 NIC for MGMT and the VMXNET3 NICs for DPDK. Make sure the four DPDK ports are assigned to the same switch or vSWITCH.
  6. Select Hard disk 2, the log disk, from the Hardware list, and configure it as required. Hard disk 1 should not be edited.
  7. Click OK to apply your changes.

The DPDK interface can also support 82599 with PCI-PASSTHROUGH.
Power on the virtual machine

You can now proceed to power on your FortiTester VM.

  • Select the FortiTesterVM in the left pane and click Power on the virtual machine in the Getting Started tab.
  • Select the VM in the left pane, then click Power On in the toolbar.
  • Right-click the VM in the left pane, then select Power > Power On from the right-click menu.

Linux KVM

Once you have downloaded the zip file and extracted the package contents to a folder on your management computer, you can deploy the kvm package to your KVM environment.

Prior to deploying the FortiTester VM, ensure that the KVM platform is configured and functioning properly. The installation instructions presume that you are familiar with the management software of the platform.

To create the virtual machine:
  1. Launch Virtual Machine Manager (virt-manager) on your KVM host server.
  2. Click Create a new virtual machine.
  3. Enter a name for the virtual machine.
  4. Select Import existing disk image.
  5. Click Forward.
  6. Click Browse, then locate and select boot.qcow2 in your local disk.
  7. Click Forward.
  8. Change the "Memory (RAM)" setting to 8192 MB and the "CPUs" setting to 4.
  9. Click Forward.
  10. Make sure the "Customize configuration before install" box is checked.
  11. Click Finish.
To customize configurations:
  1. From the customization screen, select Processor, located on the left. If Processor is not available from the menu, select CPUs.
  1. Select or click Copy host CPU configuration.
  2. Open the Topology menu and manually set CPU topology to include 1 Socket and 4 Cores.
  3. Click Apply.
  4. Select IDE Disk 1from the menu on the left.
  5. Open the Advanced options menu.
  6. Change the "Storage format" to qcow2, change the "Cache mode" to writeback, and change "Disk bus" to VIRTIO/SCSI.
  7. Click Apply.
  8. Click Add Hardware, located on the bottom left.
  9. Select Storage from the menu on the left.
  10. Choose "Select managed or other existing storage", then find and select data.qcow2.
  11. Change the "Storage format" to qcow2, change the "Cache mode" to writeback, and change the "Device type" to SCSI/VIRTIO.
  12. Click Finish.
  13. Select your NIC, or your virtual network interface from the menu on the left.
  14. Change the "Device model" to e1000.
  15. Configure the source mode and source device according to your environment specifications.
  16. Click Add Hardware and select Network.
  17. Change the "Device model" to virtio.
  18. Click Finish, then click Apply.
  19. Click Begin Installation.
To customize advanced settings:

This section is not needed for most users.

  • To support Multi Queue virtio:
    1. From the host terminal, enter the command: virsh edit <instance-name>.
    2. Find the block for your NIC, and add the following inside the <interface>

    <driver name='vhost' queues='8'/>

    <driver name='vhost' queues='4'/>

  • To enable PCI passthrough:
    1. Add the command intel_iommu=on to the boot command of the host, then reboot.
    2. In the host terminal, use the command modprobe pci_stub to import the PCI stub driver.
    3. Use the command lspci -n to find out the vendor and device ID of the NIC.
    4. Detach the PCI device from the host
      1. Use virsh nodedev-list | grep pci, to get the PCI device info.

      It will appear in a format similar to: pci_8086_****, where * is the code for each device.

      1. Detach the device with the command virsh nodedev-detach pci_8086_****.
      2. Use the command echo "<vendor id>:<device id> " > /sys/bus/pci/drivers/pci-stub/new_id.
      3. Use the command echo "<PCI ID>" > /sys/bus/pci/devices/<PCI ID>/driver/unbind.
      4. Use the command echo "<PCI ID>" > /sys/bus/pci/drivers/pci-stub/bind.
    5. Using virt-manager, click Add Hardware, select PCI Host Device, find your NIC, then click Finish.
  • To enable SR-IOV:
    1. Add the command intel_iommu=on to the boot command of the host, then reboot.
    2. Use the command modprobe -r ixgbe.
    3. Use the command modprobe ixgbe max_vfs=4, where 4 can be replaced by a number appropriate for your network card.
    4. Use the command lspci to check the SR-IOV function.
    5. Using the virt-manager, click Add Hardware, select PCI Host Device, find your NIC, then click Finish.
To power on the virtual machine:

You can now proceed to power on your FortiTester VM.

  • Select the FortiTester VM and click Power on the virtual machine.

Getting started with the virtual machine

  1. Enter admin when asked for a FortiTester login. The default password is blank.

The interface will display Welcome ! if you have successfully logged in.

  1. See Connecting to FortiTester for instructions on how to access the GUI, as well as other procedures for getting started with FortiTester.
Upload the license file
  1. Select the System tab from the GUI.
  2. Click Upload, under License Status.
  1. Choose your license file, then click on the upload icon.
  2. Click Close.

Previous
Next