3.2. Script Based x86 Setup

Home Prev	cOS Core Getting Started Guide for KVM	Next

The creation of a virtual machine on an x86 platform can be automated using a script.

An example script is called prepare.sh is listed in the Clavister Knowledge Base at the following link:

https://kb.clavister.com/332440471

The prepare.sh script is written in bash and is not supported by Clavister. It is provided only as a reference script for cOS Core setup under KVM and it can be freely used, modified or redistributed under the GPL open source license. As far as Clavister is aware, the script is suitable for KVM running under most Linux distributions.

The process for creating a virtual machine using the example script can be summarized as follows:

Run the script prepare.sh. This goes through a series of questions to create an XML definition file for initial configuration of the virtual machine. Another key task performed by the script is to map cOS Core's virtual Ethernet interfaces to networking bridges.

The script will optionally create the virtual machine using the definition file it creates but this step could be done later (see below) if the file is to be first checked and possibly edited.
If the virtual machine was not created when running the script, use the virsh define command later to create the virtual machine with the script created XML file as input:
```
$ virsh define <name_of_def_file>.xml
```

Install bridge-utils or Open vSwitch

Either bridge-utils or Open vSwitch must be installed for networking functions. Both cannot be installed at the same time. If the virtual firewall is going to be part of an HA cluster then Open vSwitch must be installed. However, Open vSwitch can also be used for standalone virtual firewalls.

The prepare.sh script will ask which of the two is installed and configure the networking accordingly.

Detailed Steps for Virtual Machine Definition

Once the Linux system has been set up with the required software installed, the series of steps for creating virtual machine for cOS Core are as follows:

Download the cOS Core distribution package file to a local management computer. The package can be found by logging into the relevant MyClavister account on the Clavister website.

Upload the following files to the Linux computer's disk using the Secure Copy (SCP) protocol and make a note of their location.
1. The cOS Core image file for KVM.
2. The script prepare.sh or a modified version of it.
Many SCP clients are available for doing this. For example, the open source puTTY software.

Open a console to access Linux. Note that the script must be run as root and the script will check that this is the case.

Change the working directory to be the location of the uploaded files then run the script prepare.sh using the command:
```
[root@linux]# ./prepare.sh
```
Optionally, the filename of the cOS Core virtual machine image can also be specified in the command line:
```
[root@linux]# ./prepare.sh <vm_image_filename>
```
When it runs, the script will prompt for the following:
1. The Clavister product: The script can be used with all Clavister's security products. Select cOS Core for this question.
2. The firewall name: The name of the virtual machine and also the name of the XML generated by the script. This is the name that will be displayed when using Virtual Machine Manager.
3. Networking: The administrator must tell the script if bridge-utils or Open vSwitch is being used for networking. If the selected networking package is not detected, the script will terminate.
4. The interface mapping: A default mapping of cOS Core virtual Ethernet interfaces to networking bridges will be performed by the script and displayed. The script will ask if this mapping should be changed, allowing the administrator to select an alternative mapping.
5. Creating the virtual firewall: A virtual machine running cOS Core can be created by the script. If the administrator chooses not to do this, it must be done manually using the virsh utility as described later. A reason not to let the script create the virtual machine is if the XML configuration file is to be checked and possibly altered manually.

After the script completes and if the administrator chose not to create the virtual machine, an XML file will have been created which is then used to create it manually. Assume that the name chosen for the firewall is my_vm. The XML configuration file created by the script will be my_vm.xml. The following Linux command will create the virtual machine:
```
[root@linux]# virsh define my_vm.xml
```
The XML file can be examined and edited manually before this step but it is recommended to make changes later.

Changing the Virtual Machine Configuration

The initial configuration parameters of the virtual machine created will be those specified in the configuration XML file created by the script but these can be changed later as required. For example, the amount of RAM memory allocated may need to be increased. Making these changes on an existing virtual machine is described in Chapter 4, Configuring Virtual Machines.