Setting up Cisco VIRL using VMware Workstation 10
I did receive my Cisco VIRL download link yesterday and after a couple of minutes waiting (do use a download manager as they recommend, without it would abort a couple of times for me) I finally got the OVA and key file as well.
So what do you need to get started?
- VMware Workstation / Player / Fusion
- 50 GB of disk space (currently it is only taking 15GB on my install)
- Intel VT-x / EPT or AMD-V / RVI
- 2 vCPUs
- 4 GB of RAM (8 and more recommended)
- Internet access from within the Workstation environment
- Java Runtime installed on the PC that will act as a client for the VM Maestro client machine and included in the PATH variable
I did choose the Workstation image as all my own lab ESXi lab gear uses AMD CPUs and only Intel is supported as of now. Essentially the installation will consist of network creation, OVA deploy and settings tweaking which will result into an Ubuntu VM running Openstack with neutron covering the networking bits. Environment management and registration will then happen via a client machine using a website and the VM Maestro client.
The first thing that needs to be done after the download is to set up the virtual networks required by VIRL, these will be 4 in total covering 4 different IP ranges. The can be added by going to “Edit” -> “Virtual Network Editor”. I stuck to the recommended IP ranges in the actual manual for sake of simplicity and also deactivated the local DHCP service for these networks.
Afterwards you can deploy the OVA either by using the “File” -> “Open…” way or simply double clicking the OVA file. Choose a path and name and wait a couple of seconds for the import (having an SSD does help here).
Do not power on the VM yet though, first the network mappings and CPU settings need to be done, so right-click the freshly created VM and click on “Settings”.
You can choose to give the VM more CPU and RAM than the default of 4 vCPUs and 8 GB RAM if you want to do “large” scale deployments (especially NX-OS wants 2 GB of RAM per virtual router and can get quite hardware hungry), but remember that the license only allows to deploy up to 15 virtual routers for now. Additionally make sure that the “Virtualize Intel-VT…” option is enabled as otherwise the nested VMs in Openstack cannot be deployed successfully. Lastly map the first virtual NIC to NAT (which should be the default anyway) and the other virtual NICs to the new networks created a couple of minutes ago, in exactly that order.
Now it is time to power on the VM and log in for the initial OS configuration. The default credentials are virl / VIRL to log in.
You can open a shell from the desktop using the “xterm” icon. The first thing you want to check is that the VT-x bits are actually set, you can do this by using “sudo kvm-ok”. Additionally you want to ping something like www.cisco.com to see if internet access is available.
I personally did not need to follow the NTP steps in the manual as proper generic servers were already pre-configured, the manual seems to be a bit outdated there. If NTP is not working for you it can easily be fixed by entering “sudo nano /etc/ntp.conf” and restarting the ntp service with “sudo service ntp restart”. Minimize the terminal windows for now as you will need it again for some other sanity checks later on.
You will find another link on the desktop called “ip-address”, double-click that and note down the IP and enter it into a browser on the actual Workstation host machine (if your normal browsing requires a proxy configure the browser to ignore the proxy for that address). The first link you want to click is the “User workspace management”.
The default credentials are “uwmadmin” and “password”. This will give you an overview of all used resources and deployed instances. As well as the option to do the initial license registration to start deploying your own lab builds. To do this click the “Salt status” link on the left.
When you are initially configuring the system you will see some sort of error message on the following screen, don’t worry about it but click on the “Reset keys and ID” button. There is some fields to fill out. The first field will need the name of your license file without the .pem extension. I chose my Cisco account email address for the email field. You should add 2 salt servers by comma separating them. The manual says they are provided in the order emails but I did not find anything in there so I took the two European ones from the manual which mentions the following 4.
- salt-master.cisco.com (US)
- salt-master-2.cisco.com (US)
- eu-salt-master.cisco.com (Europe)
- eu-salt-master-2.cisco.com (Europe)
I left the sign public key field at the default and the last field gets the full contents of the license file. After you have filled out everything click the “Reset” button on the bottom and don’t jump if you are still getting an error message. On the left click “Salt status” again, wait a couple of seconds (I waited around 30 seconds) and then click on “Check status now”. This time no more errors should appear but instead a status screen like below.
Don’t be alarmed about the expiration time, this is not the license expiration time but the offline timer. You are allowed to have the lab offline for 7 days until it will stop you from provisioning any more builds until it wants to contact the salt servers again.
Some more sanity checking is needed before you can get started to deploy your own labs. Maximize the xterm window again and check the internal nested networking with “neutron agent-list”. All 4 networks should be available which is indicated by a smiley face. Next up you want to check the main services status using “sudo virl_health_status | grep listening”, STD and UWM should be shown so.
The last step will be installing the VM Maestro client. To do this go back to the VM IP again and this time click on “VM Maestro Clients”. This will give you the offer of downloading a linux, MAC OS and Windows image of the Maestro client. Run the installer (I just accepted the defaults) and start the client (it might complain about missing Java, either fix the PATH system variable or copy the JRE files to the path in the error message).
With this you are basically done except for one last sanity check. Start the client and log in with the default credentials “guest” and “guest”. After the UI loads you should be seeing a small guest button in the bottom right. Click that button and verify all Web Services show a green status.
With this the installation is done and you can start deploying virtual routers. The overall process took me about 45 minutes without any major hickups. The GUI is not the most intuitive on how to actually connect to the routers etc. and I therefore would advise to visit the video tutorials if you get lost at any point.