Fortinet Document Library

Version:


Table of Contents

FortiWeb-VM on OpenStack

  • Select version:
  • 6.1
6.1.1
Download PDF
Copy Link

Deploying FortiWeb-VM on OpenStack

The examples shown in this procedure create a FortiWeb-VM instance with the following properties:

  • A direct connection to the public network
  • A 30GB log disk (an OpenStack volume)
  • 2 vCPUs with 2GB RAM and a 2GB root disk (specified by the OpenStack flavor)
  • Fully licensed
  1. To set up your OpenStack environment, create an openrc.sh (OpenStack rc) file that specifies the admin credentials and admin endpoint.
  2. For example, the OpenStack rc file admin-openrc.sh has the following:

  3. Using the shell you use to run OpenStack commands, source the OpenStack rc file. For example:
  4. $ source admin-openrc.sh

  5. Log in to the OpenStack dashboard, under Compute, navigate to the list of images, and then click Create Image.

  6. Complete the image settings.

    For Image Source, select Image File. Use the Image File options to navigate to and select the boot.qcow2 file you extracted from the FortiWeb-VM KVM software package. For Format, select QCOW2-QEMU Emulator.


  7. Click Create Image, and then use the dashboard to verify that OpenStack added the image.

  8. Alternatively, use the CLI command nova image-list to verify the image.


  9. In the OpenStack dashboard, navigate to the Network options and click Create Network.
  10. In the network creation wizard, complete the network and subnet settings.



  11. In the wizard, complete the subnet details. You can use a pool to assign the network's IP address range.

  12. Click Create, and then use the dashboard to verify that OpenStack added the network.



    Alternatively, use the CLI command nova network-list to verify the image.

  13. To create the volume FortiWeb-VM uses for its log disk, in the OpenStack dashboard, under Compute, navigate to the Volumes options and click Create Volume.
  14. Complete the volume settings.

  15. Click Create Volume, and then use the dashboard to verify that OpenStack added the volume.



    Alternatively, use the CLI command nova volume-list to verify the volume.

  16. To specify the size of the instance, in the OpenStack dashboard, under System, navigate to the Flavors options and click Create Flavor.
  17. Complete the flavor settings.

  18. Click Create Flavor, and then use the dashboard to verify that OpenStack added the flavor.

  19. Confirm the location of the initial FortiWeb configuration file you created earlier and the FortiWeb-VM license file.
  20. See Preparing to deploy on OpenStack.

    This example uploads the license as part of the boot process. Alternatively, you can omit the license file and upload it later. See Uploading the license.

  21. Use the following command to boot the instance:
  22. nova boot --config-drive true --image <image_name> --flavor <flavor_name> --user-data <config_file> --file license=<fweb_license> --nic net-id=<network_id> --block-device-mapping vdb=<volume_id> <instance_name>

    where:

    --config-drive true enables OpenStack to write metadata to a special configuration drive that it attaches to the instance when it boots

    <image_name> is the name of the FortiWeb-VM KVM image you uploaded earlier

    <flavor_name> is the OpenStack flavor you configured earlier that specifies the size of the instance

    <config_file> is the name and path of the initial configuration file you created earlier. It is the booting CLI configuration that FortiWeb uses. You can use this file for some public initialization configuration that scales the deployment.

    <fweb_license> is the name and path of the FortiWeb license file

    <network_id> is the ID of public network you created earlier for the instance to use

    <volume_id> is the ID of the volume you created earlier to use as the FortiWeb log disk

    <instance_name> is the name for the instance

    For example (the image and the instance are both named cloud-init-test):

    nova boot --config-drive true --image cloud-init-test --flavor 325f4fec-700e-489f-a340-62a705cc6e30 --user-data /home/openstack/lmy/user_data --file license=/home/openstack/lmy/lic/FVVM080000059890.lic --nic net-id=1146eb20-8828-45d3-a8a2-622276d344e4 --block-device-mapping vdb=a4e7fe15-2d20-4090-adae-c85136fd87cf cloud-init-test

  23. OpenStack returns a table that allows you to confirm the instance configuration.

  24. Use the CLI command nova list to display the status of the instance and the IP address it was assigned.


  25. Use Telnet or SSH to connect to the instance to confirm the initial configuration and that the license file has been uploaded to the FortiWeb.

  26. Continue with the appliance configuration using the CLI or access the web UI using the assigned IP address (example, using https://10.200.71.175). For complete configuration information, see the FortiWeb Administration Guide.

Deploying FortiWeb-VM on OpenStack

The examples shown in this procedure create a FortiWeb-VM instance with the following properties:

  • A direct connection to the public network
  • A 30GB log disk (an OpenStack volume)
  • 2 vCPUs with 2GB RAM and a 2GB root disk (specified by the OpenStack flavor)
  • Fully licensed
  1. To set up your OpenStack environment, create an openrc.sh (OpenStack rc) file that specifies the admin credentials and admin endpoint.
  2. For example, the OpenStack rc file admin-openrc.sh has the following:

  3. Using the shell you use to run OpenStack commands, source the OpenStack rc file. For example:
  4. $ source admin-openrc.sh

  5. Log in to the OpenStack dashboard, under Compute, navigate to the list of images, and then click Create Image.

  6. Complete the image settings.

    For Image Source, select Image File. Use the Image File options to navigate to and select the boot.qcow2 file you extracted from the FortiWeb-VM KVM software package. For Format, select QCOW2-QEMU Emulator.


  7. Click Create Image, and then use the dashboard to verify that OpenStack added the image.

  8. Alternatively, use the CLI command nova image-list to verify the image.


  9. In the OpenStack dashboard, navigate to the Network options and click Create Network.
  10. In the network creation wizard, complete the network and subnet settings.



  11. In the wizard, complete the subnet details. You can use a pool to assign the network's IP address range.

  12. Click Create, and then use the dashboard to verify that OpenStack added the network.



    Alternatively, use the CLI command nova network-list to verify the image.

  13. To create the volume FortiWeb-VM uses for its log disk, in the OpenStack dashboard, under Compute, navigate to the Volumes options and click Create Volume.
  14. Complete the volume settings.

  15. Click Create Volume, and then use the dashboard to verify that OpenStack added the volume.



    Alternatively, use the CLI command nova volume-list to verify the volume.

  16. To specify the size of the instance, in the OpenStack dashboard, under System, navigate to the Flavors options and click Create Flavor.
  17. Complete the flavor settings.

  18. Click Create Flavor, and then use the dashboard to verify that OpenStack added the flavor.

  19. Confirm the location of the initial FortiWeb configuration file you created earlier and the FortiWeb-VM license file.
  20. See Preparing to deploy on OpenStack.

    This example uploads the license as part of the boot process. Alternatively, you can omit the license file and upload it later. See Uploading the license.

  21. Use the following command to boot the instance:
  22. nova boot --config-drive true --image <image_name> --flavor <flavor_name> --user-data <config_file> --file license=<fweb_license> --nic net-id=<network_id> --block-device-mapping vdb=<volume_id> <instance_name>

    where:

    --config-drive true enables OpenStack to write metadata to a special configuration drive that it attaches to the instance when it boots

    <image_name> is the name of the FortiWeb-VM KVM image you uploaded earlier

    <flavor_name> is the OpenStack flavor you configured earlier that specifies the size of the instance

    <config_file> is the name and path of the initial configuration file you created earlier. It is the booting CLI configuration that FortiWeb uses. You can use this file for some public initialization configuration that scales the deployment.

    <fweb_license> is the name and path of the FortiWeb license file

    <network_id> is the ID of public network you created earlier for the instance to use

    <volume_id> is the ID of the volume you created earlier to use as the FortiWeb log disk

    <instance_name> is the name for the instance

    For example (the image and the instance are both named cloud-init-test):

    nova boot --config-drive true --image cloud-init-test --flavor 325f4fec-700e-489f-a340-62a705cc6e30 --user-data /home/openstack/lmy/user_data --file license=/home/openstack/lmy/lic/FVVM080000059890.lic --nic net-id=1146eb20-8828-45d3-a8a2-622276d344e4 --block-device-mapping vdb=a4e7fe15-2d20-4090-adae-c85136fd87cf cloud-init-test

  23. OpenStack returns a table that allows you to confirm the instance configuration.

  24. Use the CLI command nova list to display the status of the instance and the IP address it was assigned.


  25. Use Telnet or SSH to connect to the instance to confirm the initial configuration and that the license file has been uploaded to the FortiWeb.

  26. Continue with the appliance configuration using the CLI or access the web UI using the assigned IP address (example, using https://10.200.71.175). For complete configuration information, see the FortiWeb Administration Guide.