2020.06.13 – Install EVE-NG as Bare Hardware Server

Posted on by

Importamt information:

Note: This article does not contain all information for different situations. It contains the information for mine use only. I will update this article till I finish all installation.

1.. EVE System Requirements

1.1. EVE-NG requires:

  • Intel CPU VT-x/EPT
  • Ubuntu Xenial Xerus 16.04.X LTS 64bit (suggested with any processors). (Ubuntu 18 and 19 are not supported due it still not have all necessary libs for EVE)

1.2. NOT Officially supported or have issues:

  • VIRTUAL BOX DOESN’T SUPPORT HW ACCELERATION !!! AVOID USING IT !!!! 
  • Hyper-V, Promox and XEN Citrix are not officially supported.
  • Azure cloud is not officially supported, because Azure overwrite kernel for EVE VM, and do not accept custom Kernels for VM Machines.
  • AWS cloud is not officially supported due issues with sub-virtualization. It has issues to run Qemu nodes.

Note: As EVE-NG is installed directly on physical hardware, without a hypervisor, using the provided ISO image, this is referred to as a “bare metal” install and is the most recommended method of installing EVE-NG.

2.. Hardware Requirements and Use for EVE

2.1. Dedicated Server (bare) System Requirements

CPU: Intel Xeon CPU supporting Intel® VT-x with Extended Page Tables (EPT) Operation System: Ubuntu Server 16.04.4 LTS x64

  • CPU: Recommended CPU Intel E5-2650v3 (40 Logical processors) or better supporting Intel® VT-x with Extended Page Tables (EPT) Minimum CPU is any Intel Xeon CPU supporting Intel® VT-x with Extended Page Tables (EPT)
  • RAM: 128 Gb
  • HDD: 2 Tb
  • Space Network: LAN Ethernet

2.2. Hardware I bought to use

-> Monitor LED Sell from eMAG: www.emag.ro

Photo 1

-> Keyboard Kit + Mouse A + K1 Kandaon, Black from eMAG: www.emag.ro

Photo 2

-> DELL Precision T7910 Workstation from Server Config: www.server-config.ro

Photo 3

Content:

Photo 4

Photo 5

3.. Static IP on ONT/Router HG8247U

Note: This is what I have in my house in this moment of creating this page. HG8247U is an old version that I use but on internet I found specification for HG8247H version and seems the same and helped me.

Informations here: https://hg8245h.wordpress.com/2015/12/14/how-to-assign-static-ip-address-on-hg8245h/

Many people prefer to have static internal IP address rather than some random numbers allocated by the DHCP server. Two ways to accomplish that, either assign a static IP directly in your computer network settings or use IP reservation which is the preferred way of doing it.

Testing: I have configured an Manual IP Address for iMac. From iMac I ping all Its from devices I have in house like iPad or BOSE SoundLinks and it is OK.

It si required and I decide to configure Static IP directly into

  • DELL / Ubuntu: 192.160.100.50/24
  • EVE-PRO 192.168.100.51/24

4.. Bare Hardware Server Ubuntu and EVE Installation

4.1. Download and prepare for installation

Note: I use iMac, USB SuperDrive and totally new DVDs..

Download the Ubuntu and EVE-PRO :

  • Download Ubuntu Server 16.04.6 LTS ISO image: ubuntu-16.04.6-server-amd64.iso
  • Download EVE-PRO: EVE-PRO.iso
  • Not mandatory Copy paste from Downloads to Dropbox

Create installation 2 separate DVDs:

  • Insert DVD to USB SuportDrive
  • Find ubuntu-16.04.6-server-amd64.iso, > right click > Burn Disk Image
  • Burn Disk in: Apple SupertDrice > click Burn
  • Wait few minutes to finish and automatically Eject Disk

4.1. Invalid partition table! error

  • PowerOn Dell Precision without Operation System possible to get a message like Invalid partition table!
  • Install Ubuntu Server as in the next step, 4.2. Ubuntu Server Installation
  • PowerOn Dell Precision will using a tutorial: https://www.youtube.com/watch?v=BdLLjohm7_8
    • Press F2
    • Go to Settings > General > Boot Sequence
    • Select UEFI > click Apply > Exit
  • Noe Dell Precision PowerOn normally in Ubuntu

4.2. Ubuntu Server Installation

Note: Internet is reachable from mine Dell Precision. EVE ISO installation requires internet access to get updates and install the latest EVE-PRO version from the EVE-NG repository. DNS must work as well. To check it, do a named ping, for example ping www.google.com.

4.2.1. Ubuntu Server Installation Phase 1

All details step by step is in EVE-PRO Book: https://www.eve-ng.net/index.php/documentation/professional-cookbook/

Sume help here: https://www.itzgeek.com/how-tos/mini-howtos/change-default-network-name-ens33-to-old-eth0-on-ubuntu-16-04.html

4.2.2 EVE Professional Installation Phase 2

All details step by step is in EVE-PRO Book: https://www.eve-ng.net/index.php/documentation/professional-cookbook/

4.2.3 EVE Professional Installation Phase 3

All details step by step is in EVE-PRO Book: https://www.eve-ng.net/index.php/documentation/professional-cookbook/

4.3. EVE Management IP Address setup

All details step by step is in EVE-PRO Book: https://www.eve-ng.net/index.php/documentation/professional-cookbook/

5. Login to the EVE WEB GUI

Note: In MacBook Pro I use Firefox application as it is impossible to use Safari

Login to the EVE management UI: https://192.168.100.51/
Default user access:
User: admin Password: eve

6. EVE-NG Professional Licensing

You can move the having license from existing EVE-PRO (I have one in MacBook Pro > VMware Fusion) to a new installed EVE-PRO.

All details step by step is in EVE-PRO Book: https://www.eve-ng.net/index.php/documentation/professional-cookbook/

This was all about installation!

Installation Note:

!!! Appears a new version EVE-PRO to use to install.

  • Till now you can install EVE-PRO
    • Starting to install Ubuntu 16.04 using a DVD.
    • After this installation it was mandatory to make sure to have active internet connection
    • Internet connectivity helps to install and upgrade EVE-PRO.iso
  • In 26.06.2020, appears a new version of EVE-PRO, 3.1.
    • Now you have to download EVE-Bionic-Pro.iso that contains both Ubuntu 18.04.4 and EVE-Pro 3.1
      • Till 26.06.2020 was impossible to use Ubuntu 18.04.4. Version 16.04 was mandatory to be used
    • Create a DVD
    • And install both, Ubuntu and EVE-PRO, more easier
    • The document with all details about installation and usage of EVE-PRO is updated to version EVE-COOK-BOOK-3.1-2020.pdf.

Note: All Photos are here: https://photos.app.goo.gl/XXvWYB8d2qheu5bj7

2020.05.13 – Install Juniper vMX into ESXi 6.7.0

Posted on by

Software for this installation:

  • MacBook PRO with 16GB hardware of RAM 
  • VMware Fusion 11.5.1
  • VMware vSphere Hypervisor (a.k.a. ESXi 6.7.0 ISO) Installed and configure with 4 CPUs and 8 GB RAM.

Reference tutorial: https://www.juniper.net/documentation/en_US/vmx/topics/topic-map/vmx-installing-on-vmware.html

Tony helped me a lot. He is the one that also publish a lot of useful article in his blog GRASPINGTECH

Maximum Minimum Hardware Requirements for VMware

A. Number of cores

  • Note: Performance mode is the default mode and the minimum value is based on one port.
    • For lite mode: Minimum of 4
      • 1 for VCP
      • 3 for VFP
    • Note: If you want to use lite mode when you are running with more than 3 vCPUs for the VFP, you must explicitly configure lite mode.

B. Memory

  • Note: Performance mode is the default mode.
    • For lite mode: Minimum of 3 GB
      • 1 GB for VCP
      • 2 GB for VFP

C. Storage

  • Local or NAS
  • Each vMX instance requires 44 GB of disk storage
  • Minimum storage requirements:
    • 40 GB for VCP
    • 4 GB for VFP

vMX Package Contents

  • Software image file for VCP: ova/vcp_20.1R1.11.ova
  • Software image file for VFP: ova/vfpc_20.1R1.11.ova

Configuration

Step 1. Download the vMX software package for VMware: vmx-bundle-esxi-20.1R1.11.tar

  • From the vMX page 
  • Uncompress the package in a location accessible in MacBook Pro

Step 2. Launch the VMware ESXi server, esxi00.silvique.ro, and log in to the server with your credentials.

Step 3. If using Dropbox make sure the files needed are totally active

  • Right – click on the ova folder inside vm-esxi/ova
  • Click Smart Sync > Local

Step 4. Setting Up the Network

In VMware ESXi, to set up the different networks for management (br-ext), internal connection of the VMs (br-int), and WAN ports for data:

  • Enter VMware ESXi using Firefox

4.1. Virtual Switch Configuration

  • Click Networking > Virtual Switch > Add Standard virtual switch
  • 1. Configure vSwitch Name: vmnic1
    • MTU 1500
    • Uplink 1: vmnic1
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept
  • 2. Configure vSwitch Name: vmnic2
    • MTU 1500
    • Uplink 1: vmnic2
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept
  • 3. Configure vSwitch Name: Internal.vMX
    • MTU 1500
    • Uplink 1: delete
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept

4.2. Port groups Configuration

  • Click Networking > Port groups > Add Standard port group
  • 1. Configure Name: br-ext.vMX
    • VLAN ID: 0
    • Virtual Switch: vmnic1
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept
  • 2. Configure Name: br-int.vMX
    • VLAN ID: 0
    • Virtual Switch: Internal.vMX
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept
  • 3. Configure Name: p2p1-ge.vMX
    • VLAN ID: 0
    • Virtual Switch: vmnic2
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept
  • 4. Configure Name: p2p2-ge.vMX
    • VLAN ID: 0
    • Virtual Switch: vmnic2
    • Security Accept to all:
      • Promiscuous mode: Accept
      • Mac address changes: Accept
      • Forged transmits: Accept

4.3. Note: I made a discovery opening vMX in SSH using ssh root@172.25.11.3 command

murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@172.25.11.3
Password:
Last login: Fri May 15 00:30:49 2020
--- JUNOS 20.1R1.11 Kernel 64-bit  JNPR-11.0-20200219.fb120e7_buil
root@vMX:~ # cli
root@vMX> show interfaces terse | match ge- 
ge-0/0/0                up    up
ge-0/0/0.16386          up    up  
ge-0/0/1                up    up
ge-0/0/1.16386          up    up  
ge-0/0/2                up    down
ge-0/0/2.16386          up    down
ge-0/0/3                up    down
ge-0/0/3.16386          up    down
ge-0/0/4                up    down
ge-0/0/4.16386          up    down
ge-0/0/5                up    down
ge-0/0/5.16386          up    down
ge-0/0/6                up    down
ge-0/0/6.16386          up    down
ge-0/0/7                up    down
ge-0/0/7.16386          up    down
ge-0/0/8                up    down
ge-0/0/8.16386          up    down
ge-0/0/9                up    down
ge-0/0/9.16386          up    down

Only ge-0/0/0 and ge-0/0/1 are up up. All other networks are up down. You have to create other Port group networks to put more in up up. For example, the total number o network creation in VM is p2p3-ge.vMX to maximum p2p8-ge.vMX

root@vMX> show interfaces terse | match ge-    
ge-0/0/0                up    up
ge-0/0/0.16386          up    up  
ge-0/0/1                up    up
ge-0/0/1.16386          up    up  
ge-0/0/2                up    up
ge-0/0/2.16386          up    up  
ge-0/0/3                up    up
ge-0/0/3.16386          up    up  
ge-0/0/4                up    up
ge-0/0/4.16386          up    up  
ge-0/0/5                up    up
ge-0/0/5.16386          up    up  
ge-0/0/6                up    up
ge-0/0/6.16386          up    up  
ge-0/0/7                up    up
ge-0/0/7.16386          up    up  
ge-0/0/8                up    down
ge-0/0/8.16386          up    down
ge-0/0/9                up    down
ge-0/0/9.16386          up    down

! At the moment I do not know how to make all ge interfaces, including ge-0/0/8 and ge-0/0/9, up up. I will search a solution when I will needed.

Step 5. Deploying the VCP VM

To deploy the VCP VM using .ova files:

  • Enter VMware ESXi using Firefox
  • Click Virtual Machine > Create/ Register VM
  • Select create type: click Deploy a virtual Machine for an OVF to OVA file and Next
  • Select OVF and VMDK files:
    • Name: vMX-vVCP_20.1R1.1
    • File: vcp_20.1R1.11.ova
    • Click Next
  • Select storage: ESXi00.datastore1 and Next
  • Untag Power on automatically end Next
  • Click Finish

Step 6. Deploying the FPC VM

To deploy the FPC VM using .ova files:

  • Enter VMware ESXi using Firefox
  • Click Virtual Machine > Create/ Register VM
  • Select create type: click Deploy a virtual Machine for an OVF to OVA file and Next
  • Select OVF and VMDK files:
    • Name: vMX-vFPC_20.1R1.1
    • File: vfpc_20.1R1.11.ova
    • Click Next
  • Select storage: ESXi00.datastore1 and Next
  • Untag Power on automatically end Next
  • Click Finish

After you have deployed the vVCP and vFPC VMs, you can modify the amount of memory, the number of vCPUs, and the number of WAN (here vmnic2) ports.

Step 7. Settings for the vVCP VM

  • CPU: 1
  • Memory: 1024 MB
  • Network Adapter 1: br-ext.vMX
    • Adapter Type: E1000
  • Network Adapter 2: br-int.vMX
    • Adapter Type: E1000

Step 8. Settings for the vFPC VM

  • CPU: 3
  • Memory: 2048 MB
  • Network Adapter 1: p2p1-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 2: p2p2-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 3: br-ext.vMX
    • Adapter Type: E1000
  • Network Adapter 4: br-int.vMX
    • Adapter Type: E1000

Not mandatory but you can add more networks:

  • Network Adapter 5: p2p3-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 6: p2p4-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 7: p2p5-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 8: p2p6-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 9: p2p7-ge.vMX
    • Adapter Type: VMXNET 3
  • Network Adapter 10: p2p8-ge.vMX
    • Adapter Type: VMXNET 3

Step 9. Launching vMX on VMware

Now you are ready to launching vMX on VMware. The firs basic configuration is the following:

[edit]
root@silvia# show 
## Last changed: 2020-01-17 04:53:09 UTC
version 20.1R1.11;
system {
    host-name vMX;
    root-authentication {
        encrypted-password "your_passord"; ## SECRET-DATA
    }
    login {
        class c1only {
            logical-system C1;
            permissions all;
        }
        class c2only {
            logical-system C2;
            permissions all;
        }
        class c3only {
            logical-system C3;
            permissions all;
        }
        class c4only {
            logical-system C4;
            permissions all;
        }
        class r1only {
            logical-system R1;
            permissions all;
        }
        class r2only {
            logical-system R2;
            permissions all;
        }
        class r3only {
            logical-system R3;
            permissions all;
        }
        class r4only {
            logical-system R4;
            permissions all;
        }
        class r5only {
            logical-system R5;
            permissions all;
        }
        class r6only {
            logical-system R6;
            permissions all;
        }
        class r7only {
            logical-system R7;
            permissions all;
        }
        user class01 {
            uid 2001;
            class c1only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }                           
        }
        user class02 {
            uid 2002;
            class c2only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user class03 {
            uid 2003;
            class c3only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user class04 {
            uid 2004;
            class c4only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos01 {
            uid 2023;
            class r1only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos02 {
            uid 2024;
            class r2only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos03 {
            uid 2223;
            class r3only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos04 {
            uid 2224;
            class r4only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos05 {
            uid 2225;
            class r5only;               
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos06 {
            uid 2226;
            class r6only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
        user junos07 {
            uid 2227;
            class r7only;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }


        user vMX {
            full-name "Silvia Murgescu";
            uid 2000;
            class super-user;
            authentication {
                encrypted-password "your_passord"; ## SECRET-DATA
            }
        }
    }
    services {
        ssh {
            root-login allow;
            protocol-version v2;
        }
    }
    syslog {
        user * {
            any emergency;
        }
        file messages {
            any notice;
            authorization info;
        }
        file interactive-commands {
            interactive-commands any;
        }
    }
    processes {
        dhcp-service {
            traceoptions {
                file dhcp_logfile size 10m;
                level all;
                flag all;
            }
        }
    }
}
logical-systems {
    C1;
    C2;
    C3;
    C4;                                 
    R1;
    R2;
    R3;
    R4;
    R5;
    R6;
    R7;
    Source;
    Receiver;
}
chassis {
    fpc 0 {
        pic 0 {
            tunnel-services {
                bandwidth 10g;
            }
            interface-type ge;
            number-of-ports 8;
        }
        lite-mode;
    }
    network-services enhanced-ip;
}
interfaces {
    ge-0/0/0 {
        vlan-tagging;
    }
    ge-0/0/1 {
        vlan-tagging;
    }
    ge-0/0/2 {
        vlan-tagging;
    }
    ge-0/0/3 {
        vlan-tagging;
    }
    ge-0/0/4 {
        vlan-tagging;
    }
    ge-0/0/5 {
        vlan-tagging;
    }
    ge-0/0/6 {
        vlan-tagging;
    }
    ge-0/0/7 {
        vlan-tagging;
    }
    fxp0 {
        unit 0 {
            description For_SSH_Connection;
            family inet {
                address 172.25.11.3/24;
            }
        }
    }                                   
}

Note: The 172.25.11.1 IP or 172.25.11.2 IP not working to open/run vMX in MacBook Pro Terminal application. I have tried and works if configure IP 172.25.11.3/24.

To copy and paste a config from a text file. Use the CTRL-D or ^D option to exit the terminal mode and return to the firewall prompt. 

[edit]
root@vMX# load replace terminal
-> Copy and Paste here

CTRL-D

[edit] 
root@SRX# commit

NOTE: If interfaces connectivity and communication is needed, into Port Groups include VLAN ID 6095.

Below is an example: two logical-systems with 2 difference interfaces, ge-0/0/1.12 and ge-0/0/5.12 and the ping command for testing works

Click for Photo here: https://photos.app.goo.gl/p8gu1wznpspUi4EU9

2020.05.12 – Problem and solution for Virtual Network in VMware Fusion and ESXi

Posted on by

Info details of the problem

VM with allowed network NAT

[root@esxi00:~] ping yahoo.com
getaddrinfo() for "yahoo.com" failed (-3: Temporary failure in name resolution)

VM with Share with my MAC

WAN -> em0 -> DHCP: 192.168.100.128
LAN -> em1 -> 10.1.1.251
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@192.168.100.128
ssh: connect to host 192.168.100.128 port 22: Host is down
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@192.168.100.128
ssh: connect to host 192.168.100.128 port 22: Operation timed out
[2.4.5-RELEASE][root@pfSense.silvique.ro]/root: ping yahoo.com
PING yahoo.com (98.138.219.232): 56 data bytes
ping: sendto: No route to host
...

Sometime work sometime does not work ….

Step 1. Reading VMware documentation to trying to solve the problem:

From here https://kb.vmware.com/s/article/2009642?lang=en_US I’ve dome this and restart the MacBook PRO :

sudo rm -f "Library/Preferences/VMware Fusion/networking"
sudo rm -f "Library/Preferences/VMware Fusion/locations"
sudo "/Applications/VMware Fusion.app/Contents/Library/vmnet-cli" -c

The problem is still there. Not solve it!

Step 2 . Ideas receive from a fried and apply it => Solved the problem! OK!!

Change network from 10.1..1.251 to 10.1.1.2 and very and test Internet connection

2.0. Make sure pfSense is powered pff

2.1. Inside ESXi terminal

 [root@esxi00:~] esxcfg-route 
VMkernel default gateway is 10.1.1.2


[root@esxi00:~] esxcli network ip dns server list
   DNSServers: 10.1.1.2


[root@esxi00:~] ping google.com
PING google.com (216.58.212.142): 56 data bytes
64 bytes from 216.58.212.142: icmp_seq=0 ttl=128 time=52.287 ms
64 bytes from 216.58.212.142: icmp_seq=1 ttl=128 time=53.458 ms
64 bytes from 216.58.212.142: icmp_seq=2 ttl=128 time=53.811 ms


--- google.com ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 52.287/53.185/53.811 ms


[root@esxi00:~] 

2.2. For internal CentOS VM inside ESXi_00 I change external ip to 10.1.1.50/25 and 10.1.1.2 and it works OK.

2.3. For pfSense in Vmware Fusion I do not modify anything, but ping works ok.

All are connected to Network > Custom > Allow using NAT

2020.05.7 – Problem and solution for increasing the size of a ESXi virtual disk

Posted on by

Problem: Increase the size of a ESXi Virtual Disk

I wasn’t able to find a solution and mad it work!

Thing an other solution:

Step 1. Migrate a Virtual Machine to New Storage in the vSphere Web Client

Procedure on vCenter:

  1. Right-click the virtual machine from ESXI00.datastore.1 and select Migrate
  2. Click Change storage only and click Next
  3. Select the format for the virtual machine’s disks
    1. Same format as source
  4. Select a virtual machine storage policy from the VM Storage Policy drop-down menu: ESXi00.datastore.2
  5. On the Ready to complete page, review the details and click Finish.

Step 2. Remove a Virtual Hard Disk from a Virtual Machine

Now imposible to power on!

The solution is to install a new ESXi and all VM that I’ve lost!

2020.05.6 – Install CentOS 8 Server on VMware ESXi

Posted on by

This page inspire me: https://linuxhint.com/install_centos8_vmware_esxi_server/

Note: This version is without GUI. If needed chose Server with GUI.

The inspiration is very good. I have some differences and I will put here.

Difference:

  • Install into MacBook Pro > VMware Fusion > VMware ESXi
  • Click ESXi web client > Datastore browser > Create directory with name CentOS
  • Different Hard Disk and Network Adapter
  • Host Name: CentOS
  • Tipe and Data: for Romania
  • Username: silvia and mine password
  • Include also Root password

All other are exactly as in the helping blog.

2020.05.5 – Problem and Solution for License when Include ESXi into vSphere

Posted on by

Note: All Photo are here: https://photos.app.goo.gl/4imySjhfS4ggDgQt6

Theoretically:

  • There are 6 license for 6 ESXi and 2 license for vCenter
  • Maximum 3 ESXi can be included into vCenter
    • Introducing into vCenter the ESXi I power on and use in that moment and need vCenter help for configuration

The License show Usage 4 CPUs and Capacity 6 CPUs

Photo 1

VM ESXi esxi00.silvique.ro has Evaluation License

Photo 2

When open Assign License show it is possible because the Usage 4 CPUs and Capacity 6 CPUs

Photo 3

Choose ESXi Licensing. Then the Usage change to 8 CPUs and impossible to click OK

Photo 4

Important information:

The License is based on 6 CPUs capacity NOT on 6 ESXi VM.

If you use ESXi’s with 2 CPUs then you can do this using maximum of 3 ESXi’s meaning a total of 6 CPUs capacity for the license. If you want to use ESXi with 4 CPUs, then a licence accepts only one ESXi with 2 CPUs.

Now it is more clear for me!

Note: All Photo are here: https://photos.app.goo.gl/4imySjhfS4ggDgQt6

2020.05.5 – Problem and Solution with Adding ESXi host in vSphere Client

Posted on by

Note: All photo are here: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

I have a problem with Adding ESXi host into vSphere Client. 

Cannot contact the specified host (esxi00.silvique.ro). The host may not be available on the network, a network configuration problem may exist, or the management services on this host may not be responding.
  • I need to put ESXi into vSpare to install a new VM as I do not find solution of installation into ESXi. But if I insert esxi00 into vSphere using the IP, I can not install VM. So I want to insert esxi00.silvique.ro base on its name to try to install Junos Spare.
    • I thought it is fw problem, so I install it into esxi00 and powered on.

Proto 1: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

Proto 2: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

Proto 3: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

  • What can I do to insert esxi00.silvique.ro into vShere?

Ideas and solution

1. Check to see if you can ping the hostname from the vCenter appliance.

vCenter and ESXi from MacBook

murgescusilvia@Murgescus-MacBook-Pro ~ % ping 10.1.1.101
PING 10.1.1.101 (10.1.1.101): 56 data bytes
64 bytes from 10.1.1.101: icmp_seq=0 ttl=64 time=0.336 ms
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=0.598 ms
64 bytes from 10.1.1.101: icmp_seq=2 ttl=64 time=0.496 ms
64 bytes from 10.1.1.101: icmp_seq=3 ttl=64 time=0.217 ms
^C
--- 10.1.1.101 ping statistics ---
4 packets transmitted, 4 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.217/0.412/0.598/0.146 ms

murgescusilvia@Murgescus-MacBook-Pro ~ % ping vc01      
PING vc01.silvique.ro (10.1.1.101): 56 data bytes
64 bytes from 10.1.1.101: icmp_seq=0 ttl=64 time=0.403 ms
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=0.623 ms
64 bytes from 10.1.1.101: icmp_seq=2 ttl=64 time=0.456 ms
^C
--- vc01.silvique.ro ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.403/0.494/0.623/0.094 ms

murgescusilvia@Murgescus-MacBook-Pro ~ % ping vc01.silvique.ro
PING vc01.silvique.ro (10.1.1.101): 56 data bytes
64 bytes from 10.1.1.101: icmp_seq=0 ttl=64 time=0.355 ms
64 bytes from 10.1.1.101: icmp_seq=1 ttl=64 time=0.881 ms
^C
--- vc01.silvique.ro ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.355/0.618/0.881/0.263 ms

murgescusilvia@Murgescus-MacBook-Pro ~ % ping 10.1.1.10       
PING 10.1.1.10 (10.1.1.10): 56 data bytes
64 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=0.517 ms
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.389 ms
^C
--- 10.1.1.10 ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.389/0.453/0.517/0.064 m
s
murgescusilvia@Murgescus-MacBook-Pro ~ % ping esxi00   
PING esxi00.silvique.ro (10.1.1.10): 56 data bytes
64 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=0.315 ms
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.513 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=0.325 ms
^C
--- esxi00.silvique.ro ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.315/0.384/0.513/0.091 ms

murgescusilvia@Murgescus-MacBook-Pro ~ % ping esxi00.silvique.ro
PING esxi00.silvique.ro (10.1.1.10): 56 data bytes
64 bytes from 10.1.1.10: icmp_seq=0 ttl=64 time=0.385 ms
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.709 ms
^C
--- esxi00.silvique.ro ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.385/0.547/0.709/0.162 ms

ESXi00 from vCenter

murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@vc01.silvique.ro
…..

Command> ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10) 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=1.01 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=1.11 ms
64 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=1.29 ms
64 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=0.978 ms
^C
--- 10.1.1.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms
rtt min/avg/max/mdev = 0.978/1.101/1.299/0.124 ms
 
Command> ping esxi00
ping: unknown host esxi00


Command> ping esxi00.silvique.ro
ping: unknown host esxi00.silvique.ro

2. If you cant you can either edit the host file on the vcenter machine

2.1. SSH’d into the vCenter using Terminal

Last login: Tue May  5 07:19:26 on ttys006
murgescusilvia@Murgescus-MacBook-Pro ~ % ssh root@vc01.silvique.ro

Command> ls /etc/
Unknown command: `ls'
Command> cd etc
Unknown command: `cd'

Command> shell
Shell access is granted to root

root@10 [ ~ ]# 

2.2. Navigated to the host files directory

  • cd /
  • cd etc
  • ls (this list everything in the directory)
root@10 [ ~ ]# cd ..
root@10 [ ~ ]# cd /etc

2.3. Used vim to edit the file:

  • vim hosts
root@10 [ /etc ]# vim hosts

2.4. Added the name and the IP that I wanted to be tied together.

  • xxx.xxx.xxx.xxx name.domain name
# Begin /etc/hosts (network card version)


127.0.0.1   localhost.localdomain
127.0.0.1       localhost
10.1.1.101 10.1.1.101 10
10.1.1.10  esxi00.silvique.ro  esxi00
# End /etc/hosts (network card version)

2.5. Exited vi (vi automatically saves the file when you leave unless specified to not save when you leave.)

  • To exit and save type                ESC + : x or ESC + : wq
  • To exit without saving type        Esc + : q!
Esc 
:wq

2.6. Now test it using the Ping command.

  • ping name 
Command> ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10) 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.687 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=0.512 ms
64 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=1.03 ms
64 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=0.883 ms
^C
--- 10.1.1.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3002ms
rtt min/avg/max/mdev = 0.512/0.780/1.039/0.199 ms

Command> ping esxi00.silvique.ro
ping: unknown host esxi00.silvique.ro
Command> ping 10.1.1.10
PING 10.1.1.10 (10.1.1.10) 56(84) bytes of data.
64 bytes from 10.1.1.10: icmp_seq=1 ttl=64 time=0.663 ms
64 bytes from 10.1.1.10: icmp_seq=2 ttl=64 time=1.03 ms
64 bytes from 10.1.1.10: icmp_seq=3 ttl=64 time=0.790 ms
64 bytes from 10.1.1.10: icmp_seq=4 ttl=64 time=0.719 ms
^C
--- 10.1.1.10 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 0.663/0.802/1.038/0.145 ms
Command> ping esxi00.silvique.ro
PING esxi00.silvique.ro (10.1.1.10) 56(84) bytes of data.
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=1 ttl=64 time=0.385 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=2 ttl=64 time=0.539 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=3 ttl=64 time=0.668 ms
^C
--- esxi00.silvique.ro ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2000ms
rtt min/avg/max/mdev = 0.385/0.530/0.668/0.118 ms

Command> ping esxi00
PING esxi00.silvique.ro (10.1.1.10) 56(84) bytes of data.
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=1 ttl=64 time=0.388 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=2 ttl=64 time=0.581 ms
64 bytes from esxi00.silvique.ro (10.1.1.10): icmp_seq=3 ttl=64 time=0.599 ms
^C
--- esxi00.silvique.ro ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1998ms
rtt min/avg/max/mdev = 0.388/0.522/0.599/0.099 ms

Solution photos

Proto 4: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

Proto 5: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

An other idea: Or add the host to the dnsresolver on the pfsense firewall. When using the firewall, the vcenter machine needs to have the IP of the firewall as it’s gateway and dns server. 

It seems I don’t this idea now …

All proto: https://photos.app.goo.gl/hjpy75LpmuJVA8Ed7

2020.05.4 – Problem and solution for ESXi: Failed to create virtual machine vm. The operation is not allowed in the current state

Posted on by

Note: All Photo are here: https://photos.app.goo.gl/ds5k8RNSxJyDq4gG6

I try to install VM into the VMware ESXi.

Before this I have added a new Hard Disk into VMware Fusion end the configure Storage Datastore into VMware ESXi.

Now I want to install a VM and I get an error:

– The vm configuration was rejected. Please see Browser console

Photo 1

– Failed to create virtual machine vm. The operation is not allowed in the current state.

Photo 2

The answer I find on internet including the solution: “check the vmware state.. if it is in maintenance mode means you are not able to create virtual machine… keep the vmware on normal state.”

Photo 3

I solved this problem!!!

Note: All Photo are here: https://photos.app.goo.gl/ds5k8RNSxJyDq4gG6

2020.05.3 – Install Junos Space on VMware Fusion in VMware ESXi

Posted on by

Notes:

Device and Applications:

  • MacBook PRO 15-inch, 16 GB Memory, 2.9 GHz Processor
  • macOS Catalina 10.15.4
  • VMware Fusion 11.5.3
  • VMware ESXi 6.7

Details from reading and learning installation here:

Download Junos Space files

I this moment the last versions:

  • The ova image: space-19.4R1.3.ova
  • The security director: Security-Director-19.4R1.53.img

Overview

You can deploy the Junos Space Virtual Appliance *.ova file on a VMware ESXi server version 5.5, 6.0, or 6.5. Basic I have ESXi 6.7 but into installation step maybe I can modify to 6.0.

After the Junos Space Virtual Appliance is deployed, you can use the VMware vSphere client or Virtual Machine Manager (VMM) to connect to the VMware ESXi server and configure the Junos Space Virtual Appliance.

The minimum hardware requirements for deploying a Junos Space Virtual Appliance are as follows: 

Installing a Junos Space Virtual Appliance on a VMware ESXi Server

Login ESXi, mine name is esxi00. Go to Virtual Machine > Create/Register VM and click Deploy a virtual machine from an OVF or OVA file. Then Next

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Enter a name as jSpace-1-20.1R1.2. I needed an other version to install and I use the name jSpace-2-19.4R1.3. Find in MacBook and chose space-19.4R1.3.ova file. Click Next

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Chose the datastore where jSpace will be installed

  • Note: I have install a new ESXi VM into VMware Fusion with
    • Datastore name: datastre1
    • Capacity: 532 GB
    • Free: 504 GB (as I install CentOS firs)
    • Type: VMFS6

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Please untag the Power on Automatically and you will si way … Click Next

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Verify that all is correctly and click Finish

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Failed to Power On. I mine case some modification have to be done before powering on.

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Down in Recent Tasks you will see and wot to finish to complete. After finished go further.

Go to Virtual Machine > jSpace-1-20.1R1.2. This si default

Virtual Machine > jSpace-2-19.4T1.3

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Click Edit

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

CPU 2, Memory 8 GB meaning 8192 MB, Default Hard Disk is minimal accepted of 500 GB.

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

To be able to finish type 500 GB

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Power on is working now. Go here to get help: https://rtodto.net/how-to-install-junos-space-and-security-director/

You will be asked to enter user and password which are admin and abc123 respectively also for UNIX password.

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Once you entered these, you will be asked to change the password. Choose your new password according to the local instructions. Otherwise you may fail to set a proper password.

[sudo] password for admin: the_configured_password

Press enter and continue

Choose the type of node to be installed [S/F] S
Configuring Eth0:

1) Configure UPv4
2) Configure Both IPv4 and IPv6

R) Redraw Menu

Click 1 and continue

Choice [1-2,R]: 1
Please enter new IPv4 address for interface eth0
172.25.11.109
Please enter new IPv4 subnet mask for interface eth0
255.255.255.0

Enter the default IPv4 gateway as a dotted-decimal IP address:
172.25.11.254

Please type the IPv4 nameservicer address in dotted decimal notation:
8.8.8.8

Configure a separate interface for device management? [y/N] n

Will this Junos Space system be added to an existing cluster? [y/N] n

Web GUI configuration

Configuring IP address for web GUI:

1) Configure IPv4

R) Redraw Menu

Chose [1,R]: 1

Please enter IPv4 Address for web GUI:
172.25.11.100

Do you want to enable NAT service? [y/N] n

Add NTP Server? [y/N] y

Please type the new NTP server: 82.197.221.30

Note: In NTP server you can use also the default IPv4, here meaning 172.25.11.254.

Please enter display name for this node: space2

Enter password for cluster maintenance mode: mine_password
Re-enter password: mine_password

-----

A> Apply settings

-----

Chose [ACQR]: A

Here is an image but all to do list is up

Photo here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

Now you can connect to the box via SSH at its ip 172.25.11.109: 

% ssh admin@172.25.11.109

admin@172.25.11.109's password: the-password

Junos Space Settings Menu
...
7) (Debug) run shell
...

Chose [1-7,AQR]: 7

[sudo] password for admin:
[root@space-000c29cb6706 ~]# ip -4 addr 
1: lo: <LOOPBACK,UP,LOWER_UP> meu 655536 disc no queue state UNKNOWN
  inet 127.0.0.1/8 scope host lo 
2: eth0: <BROUDCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 
  inet 172.25.11.109/24 brd 172.25.11.255 scope global eth0 <---Primary IP 
  inet 172.25.11.100/24 brd 172.25.11.255 scope global secondary eth0:0 <---Secondary GUI IP Address

Now it is time to login to the web UI.

  • Get inside CentOS using the password
  • Open Firefox application
  • Use https://172.25.11.100 to open Junos Space
    • Username: super
    • Password: juniper123
  • Change Temporary Password

Now going to install Security-Director-19.4R1.53.img file.

Security Director

Testing ping in MacBook Pro Terminal

murgescusilvia@Murgescus-MacBook-Pro ~ % ping centos
PING centos.silvique.ro (10.1.1.50): 56 data bytes
64 bytes from 10.1.1.50: icmp_seq=0 ttl=64 time=0.832 ms
64 bytes from 10.1.1.50: icmp_seq=1 ttl=64 time=1.320 ms
64 bytes from 10.1.1.50: icmp_seq=2 ttl=64 time=0.684 ms
c64 bytes from 10.1.1.50: icmp_seq=3 ttl=64 time=0.705 ms
64 bytes from 10.1.1.50: icmp_seq=4 ttl=64 time=0.461 ms
^C
--- centos.silvique.ro ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.461/0.800/1.320/0.286 ms
murgescusilvia@Murgescus-MacBook-Pro ~ %
  • -> Copy the file Security-Director-19.4R1.53.img from MacBook Pro to CentOS using Terminal from MacBook PRO

Not possible to use user name Silvia to update Security-Director-19.4R1.53.img file to CentOS:

murgescusilvia@Murgescus-MacBook-Pro ~ % scp -r /Users/murgescusilvia/Downloads/Security-Director-19.4R1.53.img Silvia@10.1.1.50:~/
Silvia@10.1.1.50's password: 
Permission denied, please try again.
Silvia@10.1.1.50's password: 
Permission denied, please try again.
Silvia@10.1.1.50's password: 
Silvia@10.1.1.50: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
lost connection
murgescusilvia@Murgescus-MacBook-Pro ~ % 

Observation: Maybe it was a mistake using Silvia when I should use silvia.

But is possible to do the same and replace Silvia with root: 

murgescusilvia@Murgescus-MacBook-Pro ~ % scp /Users/murgescusilvia/Downloads/Security-Director-19.4R1.53.img root@10.1.1.50:/
root@10.1.1.50's password: 
Security-Director-19.4R1.53.img                                   37%  523MB  24.5MB/s   00:35 ETA
  • -> Enter in CentOS
  • -> Open Terminal application and use cd .. command many times which goes to the top folder
  • -> From user silvia go to root with command su root
[silvia@CentOS /]$ su root
Password:

[root@CenrOS /]#

-> Copy the Security-Director-19.4R1.53.img file to /home/silvia/Download directory

[root@CenrOS /]# sudo cp Security-Director-19.4R1.53.img /home/silvia/Downloads/Security-Director-19.4R1.53.img

-> Remove file from root

[root@CenrOS /]# sudo rm Security-Director-19.4R1.53.img
[root@CenrOS /]# ls

Ready to use jSpace to deploy the security director.

  • Inside CentOS open Firefox than jSpace using the web IP like https://172.25.11.100
  • Web user is super and the configured password
  • Go to Adminitration -> Applications -> + button meaning Add Application
  • Select Upload via HTTP and upload the Security-Director-19.4R1.53.img
  • Please click on Job ID to new details > OK
  • Once it appears, click install then OK
  • Application Management Job Information: Please logout and log in again after the installation of new application completed successfully. Click on Job ID to new details. > OK
  • It will take a while for the application to be installed. I exit and I will not enter again. Now I take a break to be sure it will be installed after mine break.
  • When it is finished you will see other new applications
    • Application Visibility – new
      • Version 19.4,
      • Release R1,
      • Build 53,
      • Server Group Platform
    • Log Director – new
      • Version 19.4,
      • Release R1,
      • Build 53,
      • Server Group Platform
    • Network Management Platform – exited already
      • Version 19.4,
      • Release R1,
      • Build 3,
      • Server Group Platform
    • NSM Migration
      • Version 19.4,
      • Release R1,
      • Build 53,
      • Server Group Platform
    • Security Director – new
      • Version 19.4,
      • Release R1,
      • Build 53,
      • Server Group Platform
    • Security Director Login and Reporting – new
      • Version 19.4,
      • Release R1,
      • Build 53,
      • Server Group Platform
  • In Administation > Licenses
    • License Type Tryal
    • Sku Mode Trial-license
    • Total License Days 60
    • Remaining Days 60

And here we are! We have installed both space platform and security director. Last but not least I need to recap usernames we have configured so far to avoid any confusion. 

1) admin user: We set this for the Linux shell and default password during the installation is abc123
2) maintenance user: we also set password for this but it is used for special operations. No default password for this. It must be set.
3) super user: this user is used for WEB UI and initial default password is juniper123

All photoare here: https://photos.app.goo.gl/ByoFKzyqe3yLMqHv9

2020.05.2 – Connecting EVE Lab to a physical device

Posted on by

Note: All photo are here: https://photos.app.goo.gl/GVJME61MFbZ6UeRE9

Some help ideas are in EVE professional Cookbook.

A virtual lab that include CentOS is configured in EVE-PRO. The EVE-PRO is configure in VMWare Fusion. VMware Fusion is in MacBook PRO. The idea is to connect virtual CentOS to internet.

Photo: https://photos.app.goo.gl/GVJME61MFbZ6UeRE9

Open VMware Fusion > Click on EVE-PRO virtual machine > Click on Settings…

Create, or select if already created, 3 Network Adapter:

  • Network Adapter > Connect to vSphere network
  • Network Adapter 2 > Connect to vSphere network
  • Network Adapter 3 > Connect to vSphere network

Photo: https://photos.app.goo.gl/GVJME61MFbZ6UeRE9

Into EVE-PRO lab create a new Network type Cloud1 and connect to CentOS. Do not forget to configure the correct IP in CentOS. Details of how I done it are here: 2020.04.30 – CentOS installation into EVE-NG.

The Internet is working now

Photo: https://photos.app.goo.gl/GVJME61MFbZ6UeRE9

I am happy!!!