To deploy an on-prem host in VMware vCenter by using ovftool, do the following:
- In the Cloud Services Portal, go to Administration > Downloads.
- On the Downloads page, click Download Package for VM and save the OVA file on your system.
- Prepare the YML and JSON files for deploying an on-prem host. Either download and modify the sample YML and JSON templates, or create your own files. Note that you must update the API access key in the YML file and the network configuration in the JSON file. For instructions on modifying the YML and JSON files and downloading sample YML and JSON templates, see /wiki/spaces/BloxOne/pages/9080632.
- After you have updated the YML and JSON templates or created new files, open a terminal and run the following commands to base64-encode the cloud configuration for user data (the encoded value is passed to ovftool in a later step):
For Linux systems:
    userdata=$(cat userdata_file | base64 -w0)
    metadata=$(cat metadata_file)
For Mac systems:
    userdata=$(cat userdata_file | base64)
    metadata=$(cat metadata_file)
where userdata_file and metadata_file are the names of your YML (user data) and JSON (metadata) files.
- Optional: To add multiple network interfaces to the on-prem host, modify the VMX configuration as shown below. For details, see Multiple Network Interfaces for On-Prem Hosts.
    ovftool --allowExtraConfig bloxone_vA.B.C.ova bloxone_dual_nics.vmx
Then, add the required interface configuration to the VMX configuration:
    echo 'ethernet0.networkName = "wan"' >> bloxone_dual_nics.vmx
    echo 'ethernet1.networkName = "lan"' >> bloxone_dual_nics.vmx
    echo 'ethernet1.present = "true"' >> bloxone_dual_nics.vmx
    echo 'ethernet1.virtualDev = "vmxnet3"' >> bloxone_dual_nics.vmx
    echo 'ethernet1.connectionType = "bridged"' >> bloxone_dual_nics.vmx
    echo 'ethernet1.startConnected = "true"' >> bloxone_dual_nics.vmx
    echo 'ethernet1.addressType = "generated"' >> bloxone_dual_nics.vmx
After you modify the VMX configuration, execute the following command (replace ... with the other required arguments):
    ovftool "--net:wan=mgmt-nw" "--net:lan=local-nw" \
        --allowAllExtraConfig \
        --extraConfig:guestinfo.cloudinit.userdata="${userdata}" \
        --extraConfig:guestinfo.cloudinit.metadata="${metadata}" \
        ... \
        --sourceType=VMX bloxone_dual_nics.vmx \
        "vi://${VCENTER_USER}:${VCENTER_PASS}@${VCENTER_HOST}/<Datacenter>/host/<Cluster>"
To pack the image back into an OVA, execute the following command:
    ovftool --allowExtraConfig bloxone_dual_nics.vmx bloxone_vA.B.C-dual_nics.ova
Note
If you do not provide metadata for the interfaces, only the first Ethernet interface is enabled, in DHCP mode. You must add an interface configuration by using the metadata network-config.
- To deploy the on-prem host, execute the following command:
    ovftool --acceptAllEulas --skipManifestCheck --allowAllExtraConfig \
        --sourceType=OVA --powerOn \
        --datastore="<datastore name>" --name="<name for the proxy>" \
        --net:"lan"="<standard switch ID>" \
        --extraConfig:guestinfo.cloudinit.userdata="${userdata}" \
        --extraConfig:guestinfo.cloudinit.metadata="${metadata}" \
        ngp_onprem_vx.x.xx.ova vi://<username>:<password>@<ESXi server IP>
where
    <datastore name> is the name of the datastore on which you want to deploy the on-prem host.
    <name for the proxy> is the name of the on-prem host.
    <standard switch ID> is the name of the vSphere standard switch that connects the on-prem host to external networks.
    ngp_onprem_vx.x.xx.ova is the name of the on-prem host OVA file, where x.x.xx is the version number of the file.
    <username> and <password> are the username and password for the ESXi server.
    <ESXi server IP> is the IP address of the ESXi server on which you have configured the VM for deploying the on-prem host.
You have now successfully deployed the on-prem host. It might take a few minutes for the proxy and BloxOne Threat Defense Cloud to connect. Once connected, the proxy starts collecting information from your on-prem devices and transmitting the data to BloxOne Threat Defense Cloud.
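The encoding and OVA deployment steps above, combined into one script that runs unchanged on Linux and Mac and checks the encoded user data before calling ovftool. This is an added example, not a script from the Infoblox documentation; the OVA name, datastore, switch, host and credential values are placeholders, and the sample userdata and metadata files are constructed.

```shell
# Added example (not Infoblox's script): portable cloud-init encoding for the
# ovftool --extraConfig arguments used above. Assumes POSIX sh with base64(1);
# file names, datastore/switch names and credentials are placeholders.

# Encode the userdata file as a single base64 line. GNU base64 (Linux) wraps at
# 76 columns unless given -w0; BSD base64 (macOS) does not wrap. Stripping
# newlines after encoding works on both, so one script serves both platforms.
encode_userdata() {
    [ -s "$1" ] || { echo "userdata file '$1' is missing or empty" >&2; return 1; }
    base64 < "$1" | tr -d '\n'
}

# Check that the encoded value has no newline (it would break the extraConfig
# argument) and decodes back to the original bytes.
verify_roundtrip() {
    encoded=$(encode_userdata "$1") || return 1
    [ "$(printf '%s' "$encoded" | wc -l)" -eq 0 ] || return 1
    printf '%s' "$encoded" | base64 -d | cmp -s - "$1"
}

# Run the OVA deployment from the page with the encoded userdata and the raw
# metadata JSON. vCenter/ESXi credentials are read from the environment
# (VCENTER_USER/VCENTER_PASS/VCENTER_HOST) rather than typed on the command
# line; set OVFTOOL=echo to print the command instead of running it.
deploy_onprem_host() {
    ova=$1; userdata_file=$2; metadata_file=$3; datastore=$4; name=$5; switch=$6
    verify_roundtrip "$userdata_file" || return 1
    userdata=$(encode_userdata "$userdata_file") || return 1
    metadata=$(cat "$metadata_file") || return 1
    "${OVFTOOL:-ovftool}" --acceptAllEulas --skipManifestCheck --allowAllExtraConfig \
        --sourceType=OVA --powerOn --datastore="$datastore" --name="$name" \
        --net:"lan"="$switch" \
        --extraConfig:guestinfo.cloudinit.userdata="$userdata" \
        --extraConfig:guestinfo.cloudinit.metadata="$metadata" \
        "$ova" "vi://${VCENTER_USER}:${VCENTER_PASS}@${VCENTER_HOST}"
}
# Demonstration with constructed placeholder files (real ones come from the
# Infoblox templates); runs in a subshell so nothing leaks into the caller.
(
    tmp=$(mktemp -d)
    printf '#cloud-config\n# constructed placeholder userdata\n' > "$tmp/userdata.yml"
    printf '{"instance-id": "constructed-example"}\n' > "$tmp/metadata.json"
    export OVFTOOL=${OVFTOOL:-echo}
    export VCENTER_USER=${VCENTER_USER:-admin} VCENTER_PASS=${VCENTER_PASS:-secret} \
           VCENTER_HOST=${VCENTER_HOST:-esxi.example.com}
    deploy_onprem_host ngp_onprem_vx.x.xx.ova "$tmp/userdata.yml" "$tmp/metadata.json" \
        datastore1 onprem-host-01 vSwitch0
    rm -rf "$tmp"
)
```

With OVFTOOL unset the script calls the real ovftool, so run it first with OVFTOOL=echo to inspect the assembled command.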
For the on-prem host to function properly in OVA deployments on ESXi servers, be sure that you have enabled the Synchronize guest time with host option during the deployment and that your ESXi host is synchronized with an NTP server. If you do not select the Synchronize guest time with host option, or if it is disabled, the on-prem host synchronizes with the Ubuntu NTP servers ntp.ubuntu.com and ubuntu.pool.ntp.org. When you disable this option, be sure that you have opened UDP port 123 for time synchronization with those servers. For more information, see /wiki/spaces/BloxOne/pages/9080626.
To check the current status of the on-prem host, go to Manage > On-Prem Hosts in the Cloud Services Portal. For more information, see Viewing On-Prem Host Status.