Bootstrapping FortiGate at initial bootup
This section explains how to add bootstrapping of FortiOS CLI commands and a BYOL license at the time of initial bootup as part of Google Cloud commands.
To bootstrap FortiGate at initial bootup:
- Create a text file that contains FortiGate CLI commands. In this example, let's save the file as config.txt. CRLF must be present. Therefore it is recommended to use a text editor that includes CRLF automatically. In this example, we will use the following CLI commands:
config system global
set timezone 03
This example sets the timezone as GMT-9 Alaska. You can replace these lines with your own set of CLI commands.
- You can download a license file from Customer Service & Support after registering your product code. Save the license file as a .txt file. FortiGate-VM license content resembles the following:
- Upload the config.txt and license files onto the Linux machine were you will run the Google Cloud SDK commands. Place the files in the same directory.
- Run the command as described in Using the Google Cloud SDK to deploy FortiGate-VM, adding the following:
--metadata-from-file "license=<license text file>,user-data=<FortiGate CLI text file>". In this example, it will be --metadata-from-file "license=license.txt,user-data=config.txt".
- After deployment, log into the FortiGate by accessing https://<IP_address> in your browser. The system displays the dashboard instead of a license upload window, since the license is already activated.
To see how bootstrapping went, check if the command was successfully run. Open the CLI console and enter
diag debug cloudinit show.
If the cloud-init was run successfully, the CLI shows
Finish running scriptwith no errors. If you see an error with this
diagnosecommand, resolve it and try again by checking the license and config.txt files. Ensure that the text file contains CRLF.
- Check the timezone by running
config system globaland
The timezone was changed to Alaska as expected, meaning that the bootstrapping CLI command was successful. This assumes that you used the default FortiGate CLI command in step 1. If you modified the command, test it accordingly.