dokucama

This is an old revision of the document!

---

STEP BY STEP VIRSH INSTALL FOR VMX:
Based on instructions from: https://codingpackets.com/blog/juniper-vmx-vagrant-libvirt-box-install

# Download all images to /data/firmware/
cd /root/vmx-test
vagrant destroy -f
rm -rf /var/lib/libvirt/images/*
rm -rf ~/vagrant/

mkdir -p ~/vagrant/boxes/juniper/vmx
cd ~/vagrant/boxes/juniper/vmx
cp /data/firmware/vmx-bundle-18.2R1.9.tgz .
tar -xvf vmx-bundle-18.2R1.9.tgz

mv vmx-18.2R1.9 vmx
cp vmx/images/junos-vmx-x86-64-17.1R1.8.qcow2 vcp-hda.qcow2
cp vmx/images/vmxhdd.img vcp-hdb.qcow2
cp vmx/images/metadata-usb-re.img  vcp-hdc.img
cp vmx/images/vFPC-20170216.img  vfp-hda.img
virsh net-destroy vmx-int
virsh net-undefine vmx-int

cat > vmx-int.xml
<network>
  <name>vmx-int</name>
  <bridge name='vmx-int' stp='on' delay='0'/>
  <mac address='52:54:00:0c:9f:5c'/>
</network>

virsh net-define vmx-int.xml
virsh net-start vmx-int
virsh net-autostart vmx-int

• Check these 2 links to add adaptive service interfaces si- (for basic-nat44) or for adding vMS-MPC (napt):
  • https://gbe0.com/networking/juniper/vmx/enable-si-interface
  • https://gbe0.com/networking/juniper/vmx/virtual-ms-mpc

cd ~/vagrant/boxes/juniper/vmx
# VCP
virt-install \
    --name vmx-vcp \
    --memory 1024 \
    --vcpus=1 \
    --import \
    --disk path=vcp-hda.qcow2,size=16,bus=ide,format=qcow2 \
    --disk path=vcp-hdb.qcow2,size=1,bus=ide,format=qcow2 \
    --disk path=vcp-hdc.img,size=1,bus=ide,format=raw \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vmx-int,model=virtio \
    --graphics none

cd ~/vagrant/boxes/juniper/vmx         
# VFP
virt-install \
    --name vmx-vfp \
    --memory 4096 \
    --vcpus=8 \
    --import \
    --disk path=vfp-hda.img,size=16,bus=ide,format=raw \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vmx-int,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --network=network:vagrant-libvirt,model=virtio \
    --graphics none

#VCP
root
edit
cli
delete chassis auto-image-upgrade
set system services ssh root-login allow
set system root-authentication plain-text-password   # Juniper
set chassis fpc 0 lite-mode
del interfaces fxp0
set interfaces fxp0 unit 0 family inet dhcp
commit and-quit

request chassis fpc slot 0 restart
restart chassis-control
show chassis fpc 0

show interfaces terse | match fxp0.0  <<< ENABLE DHCP
192.168.121.179
CTRL+Shift+]

ssh root@192.168.121.179
set system login user vagrant uid 2000
set system login user vagrant class super-user
set system login user vagrant authentication encrypted-password "$6$lUoxFIpU$ZiC3/b2UNpGvasntcvkNV4WVDJXBeZ.VqE6yPezbaGOos17vM9BhlTH.LBJb9DZE8fCoBtH0RWNhrbaYpZqxJ/"
set system login user vagrant authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set system root-authentication encrypted-password "$1$nq.N1UsY$JxA/ESAj3KuXseXE597gg0"
set system root-authentication ssh-rsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key"
set system host-name vmx
set system services ssh root-login allow
set system services netconf ssh
commit and-quit

ssh vagrant@192.168.121.179 -i ~/.vagrant.d/insecure_private_key
show chassis fpc
request system power-off

# VFP ( credentials: root root )
sed -i  's/PermitRootLogin no/PermitRootLogin yes/' /etc/ssh/sshd_config
sed -i  's/#PasswordAuthentication yes/PasswordAuthentication yes/' /etc/ssh/sshd_config
sed -i  's/#PubkeyAuthentication yes/PubkeyAuthentication yes/' /etc/ssh/sshd_config
service sshd restart

ip addr | grep 192.168.121
CTRL+Shift+]

ssh root@192.168.121.233
sed -i  's/root:x:0:0:root:\/root:\/bin\/sh/root:x:0:0:root:\/etc\/root:\/bin\/sh/' /etc/passwd
mkdir -p /etc/root/.ssh
echo "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" >> /etc/root/.ssh/authorized_keys

# VFP
crontab -e
# Add this line
* * * * * /bin/service sshd restart

# VFP
ssh root@192.168.121.233 -i ~/.vagrant.d/insecure_private_key
# VFP
/sbin/shutdown -h now

vagrant box remove juniper/vmx-vcp
vagrant box remove juniper/vmx-vfp
cd ~/vagrant/boxes/juniper/vmx      

curl -O https://raw.githubusercontent.com/vagrant-libvirt/vagrant-libvirt/master/tools/create_box.sh
chmod 755 create_box.sh

echo '{"provider":"libvirt","format":"qcow2","virtual_size":28}' > metadata.json
bash create_box.sh vcp-hda.qcow2

cat << EOF > vcp.json
{
  "name": "juniper/vmx-vcp",
  "description": "Juniper vMX-VCP",
  "versions": [
    {
      "version": "17.1R1.8",
      "providers": [
        {
          "name": "libvirt",
          "url": "file:///root/vagrant/boxes/juniper/vmx/vcp-hda.box"
        }
      ]
    }
  ]
}
EOF

vagrant box add vcp.json
vagrant box list

rm -rf /opt/vagrant/storage
sudo mkdir /opt/vagrant/storage
sudo chmod 0775 /opt/vagrant/storage/
sudo chown root:libvirt /opt/vagrant/storage/

mv vcp-hdb.qcow2 /opt/vagrant/storage/vmx-vcp-hdb-17.1R1.8-base.qcow2
mv vcp-hdc.img /opt/vagrant/storage/vmx-vcp-hdc-17.1R1.8-base.img
ll /opt/vagrant/storage/

echo '{"provider":"libvirt","format":"qcow2","virtual_size":3}' > metadata.json
qemu-img convert -f raw -O qcow2 vfp-hda.img vfp-hda.qcow2
bash create_box.sh vfp-hda.qcow2

cat << EOF > vfp.json
{
  "name": "juniper/vmx-vfp",
  "description": "Juniper vMX-VFP",
  "versions": [
    {
      "version": "17.1R1.8",
      "providers": [
        {
          "name": "libvirt",
          "url": "file:///root/vagrant/boxes/juniper/vmx/vfp-hda.box"
        }
      ]
    }
  ]
} 
EOF

vagrant box add vfp.json
vagrant box list

rm -rf ~/vmx-test
mkdir ~/vmx-test && cd ~/vmx-test

cat > Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :

def get_mac(oui="28:b7:ad")
  "Generate a MAC address"
  nic = (1..3).map{"%0.2x"%rand(256)}.join(":")
  return "#{oui}:#{nic}"
end

cwd = Dir.pwd.split("/").last
username = ENV['USER']
domain_prefix = "#{username}_#{cwd}"

Vagrant.configure("2") do |config|

  config.vm.define "vmx-vcp-01" do |node|
    guest_name = "vmx-vcp-01"
    node.vm.box = "juniper/vmx-vcp"
    node.vm.box_version = "17.1R1.8"
    node.vm.guest = :tinycore
    node.vm.synced_folder ".", "/vagrant", id: "vagrant-root", disabled: true

    node.ssh.insert_key = false

    node.vm.provider :libvirt do |domain|
      domain.default_prefix = "#{domain_prefix}"
      domain.cpus = 1
      domain.memory = 1024
      domain.disk_bus = "ide"
      domain.nic_adapter_count = 1
      domain.storage :file, :path => "#{username}-#{guest_name}-vmx-vcp-hdb-17.1R1.8-base.qcow2", :size => "196870144", :type => "qcow2", :bus => "ide", :device => "hdb", :allow_existing => true
      domain.storage :file, :path => "#{username}-#{guest_name}-vmx-vcp-hdc-17.1R1.8-base.img", :size => "16777216", :type => "raw", :bus => "ide", :device => "hdc", :allow_existing => true
    end
    add_volumes = [
      "virsh vol-create-as default #{username}-#{guest_name}-vmx-vcp-hdb-17.1R1.8-base.qcow2 196870144",
      "sleep 1",
      "virsh vol-upload --pool default #{username}-#{guest_name}-vmx-vcp-hdb-17.1R1.8-base.qcow2 /opt/vagrant/storage/vmx-vcp-hdb-17.1R1.8-base.qcow2",
      "sleep 1",
      "virsh vol-create-as default #{username}-#{guest_name}-vmx-vcp-hdc-17.1R1.8-base.img 16777216",
      "sleep 1",
      "virsh vol-upload --pool default #{username}-#{guest_name}-vmx-vcp-hdc-17.1R1.8-base.img /opt/vagrant/storage/vmx-vcp-hdc-17.1R1.8-base.img",
      "sleep 1"
    ]
    add_volumes.each do |i|
      node.trigger.before :up do |trigger|
        trigger.name = "add-volumes"
        trigger.info = "Adding Volumes"
        trigger.run = {inline: i}
      end
    end

    delete_volumes = [
      "virsh vol-delete #{username}-#{guest_name}-vmx-vcp-hdb-17.1R1.8-base.qcow2 default",
      "virsh vol-delete #{username}-#{guest_name}-vmx-vcp-hdc-17.1R1.8-base.img default"
    ]
    delete_volumes.each do |i|
      node.trigger.after :destroy do |trigger|
        trigger.name = "remove-volumes"
        trigger.info = "Removing Volumes"
        trigger.run = {inline: i}
      end
    end

    node.vm.network :private_network,
      # vmx-vcp-01-int1 <--> vmx-vfp-01-int1
      :mac => "#{get_mac()}",
      :libvirt__tunnel_type => "udp",
      :libvirt__tunnel_local_ip => "127.255.255.1",
      :libvirt__tunnel_local_port => 10001,
      :libvirt__tunnel_ip => "127.255.255.2",
      :libvirt__tunnel_port => 10001,
      :libvirt__iface_name => "internal",
      auto_config: false

  end
  config.vm.define "vmx-vfp-01" do |node|
    guest_name = "vmx-vfp-01"
    node.vm.box = "juniper/vmx-vfp"
    node.vm.box_version = "17.1R1.8"
    node.vm.guest = :tinycore
    node.vm.synced_folder ".", "/vagrant", id: "vagrant-root", disabled: true

    node.ssh.insert_key = false
    node.ssh.username = "root"

    node.vm.provider :libvirt do |domain|
      domain.default_prefix = "#{domain_prefix}"
      domain.cpus = 3
      domain.memory = 4096
      domain.disk_bus = "ide"
      domain.nic_adapter_count = 11
    end

    node.vm.network :private_network,
      # vmx-vfp-01-int1 <--> vmx-vcp-01-int1
      :mac => "#{get_mac()}",
      :libvirt__tunnel_type => "udp",
      :libvirt__tunnel_local_ip => "127.255.255.2",
      :libvirt__tunnel_local_port => 10001,
      :libvirt__tunnel_ip => "127.255.255.1",
      :libvirt__tunnel_port => 10001,
      :libvirt__iface_name => "internal",
      auto_config: false

  end
end

TROUBLESHOOTING:
If vms don't come up maybe because a vagrant destroy was interrupted, this is a drastic solution that tends to work:

virsh list --all
virsh destroy <THE_MACHINE> 
virsh undefine <THE_MACHINE> --snapshots-metadata --managed-save
virsh vol-list default
virsh vol-delete --pool default <THE_VOLUME>

rm -f /var/lib/libvirt/images/* 
systemctl restart libvirtd

vagrant up
vagrant ssh vmx-vcp-01