Installing vSRX with KVM

 

You use virt-manager or virt-install to install vSRX VMs. See your host OS documentation for complete details on these packages.

Note

To upgrade an existing vSRX instance, see Migration, Upgrade, and Downgrade in the vSRX Release Notes.

Installing vSRX with virt-manager

You can install and launch vSRX with the KVM virt-manager GUI package.

Ensure that sure you have already installed KVM, qemu, virt-manager, and libvirt on your host OS. You must also configure the required virtual networks and storage pool in the host OS for the vSRX VM. See your host OS documentation for details.

To install vSRX with virt-manager:

  1. Download the vSRX QCOW2 image from the Juniper software download site.
  2. On your host OS, type virt-manager. The Virtual Machine Manager appears. See Figure 1.Note

    You must have admin rights on the host OS to use virt-manager.

    Figure 1: virt-manager
    virt-manager
  3. Click Create a new virtual machine as seen in Figure 2. The New VM wizard appears .
    Figure 2: Create a New Virtual Machine
    Create a New Virtual Machine
  4. Select Import existing disk image, and click Forward.
  5. Browse to the location of the downloaded vSRX QCOW2 image and select the vSRX image.
  6. Select Linux from the OS type list and select Show all OS options from the Version list.
  7. Select Red Hat Enterprise Linux 7 from the expanded Version list and click Forward.
  8. Set the RAM to 4096 MB and set CPUs to 2. Click Forward.
  9. Set the disk image size to 16 GB and click Forward.
  10. Name the vSRX VM, and select Customize this configuration before install to change parameters before you create and launch the VM. Click Finish. The Configuration dialog box appears.
  11. Select Processor and expand the Configuration list.
  12. Select Copy Host CPU Configuration.
  13. Set CPU Feature invtsc to disabled on CPUs that support that feature. Set vmx to require for optimal throughput. You can optionally set aes to require for improved cryptographic throughputNote

    If the CPU feature option is not present in your version of virt-manager, you need start and stop the VM once, and then edit the vSRX VM XML file, typically found in /etc/libvirt/qemu directory on your host OS. Use virsh edit to edit the VM XML file to configure <feature policy='require' name='vmx'/> under the <cpu mode> element. Also add <feature policy='disable' name='invtsc'/> if your host OS supports this CPU flag. Use the virsh capabilities command on your host OS to list the host OS and CPU virtualization capabilities.

    The following example shows the relevant portion of the vSRX XML file on a CentOS host:

  14. Select the disk and expand Advanced Options.
  15. Select IDE from the Disk bus list.
  16. Select the NIC, and select virtio from the Device model field. This first NIC is the fpx0 (management) interface for vSRX.
  17. Click Add Hardware to add more virtual networks, and select virtio from the Device model list.
  18. Click Apply, and click x to close the dialog box.
  19. Click Begin Installation. The VM manager creates and launches the vSRX VM.
Note

The default vSRX VM login ID is root with no password. By default, if a DHCP server is on the network, it assigns an IP address to the vSRX VM.

Installing vSRX with virt-install

The virt-install and virsh tools are CLI alternatives to installing and managing vSRX VMs on a Linux host.

Ensure that sure you have already installed KVM, qemu, virt-install, and libvirt on your host OS. You must also configure the required virtual networks and storage pool in the host OS for the vSRX VM. See your host OS documentation for details.

Note

You must have root access on the host OS to use the virt-install command.

To install vSRX with virt-install:

  1. Download the vSRX QCOW2 image from the Juniper software download site.
  2. On your host OS, use the virt-install command with the mandatory options listed in Table 1.Note

    See the official virt-install documentation for a complete description of available options.

    Table 1: virt-install Options

    Command Option

    Description

    --name name

    Name the vSRX VM.

    --ram megabytes

    Allocate RAM for the VM, in megabytes.

    --cpu cpu-model, cpu-flags

    Enable the vmx feature for optimal throughput. You can also enable aes for improved cryptographic throughput.

    Note: CPU flag support depends on your host OS and CPU.

    Use virsh capabilities to list the virtualization capabilities of your host OS and CPU.

    --vcpus number

    Allocate the number of vCPUs for the vSRX VM.

    --disk path

    Specify disk storage media and size for the VM. Include the following options:

    • size=gigabytes

    • device=disk

    • bus=ide

    • format=qcow2

    --os-type os-type

    --os-variant os-type

    Configure the guest OS type and variant.

    --import

    Create and boot the vSRX VM from an existing image.

    The following example creates a vSRX VM with 4096 MB RAM, 2 vCPUs, and disk storage up to 16 GB:

    hostOS# virt-install --name vSRXVM --ram 4096 --cpu SandyBridge,+vmx,-invtsc --vcpus=2 --arch=x86_64 --disk path=/mnt/vsrx.qcow2,size=16,device=disk,bus=ide,format=qcow2 --os-type linux --os-variant rhel7 --import

The following example shows the relevant portion of the vSRX XML file on a CentOS host:

Note

The default vSRX VM login ID is root with no password. By default, if a DHCP server is on the network, it assigns an IP address to the vSRX VM.