With FortiOS version 5.4.1 and above, Fortinet added support for initial configuration of a FortiGate virtual machine by attaching a cloud-init config drive. When the FortiGate VM powers up for the first time, it will automatically read the data from the config drive and apply both license and configuration to the FortiGate. This is an excellent way to automate deployments of FortiGate virtual machines in production or lab environments. You can read more about the config drive support and how to use one at http://cookbook.fortinet.com/config-drive-esx-vcenter-vmware-5-4/. In this blog post, I will try to capture some of the missing pieces and also provide pointers on how to troubleshoot.
VMware has a guide available at https://pubs.vmware.com/vsphere-65/topic/com.vmware.ICbase/PDF/vsphere-perl-sdk-65-installation-guide.pdf, which if you follow carefully you will be able to successfully install the vSphere SDK for Perl without any issues. I, unfortunately, didn’t follow the guide properly and landed into some issues, which I have documented here. This blog post captures:
- How to install vSphere SDK for Perl on Ubuntu 14.04
- Issues encountered
FortiOS 5.4 introduced a long-awaited feature called auto-script. Head over to http://help.fortinet.com/fos50hlp/54/index.htm and then “5.4 What’s New” if you are interested in learning more. For those of us, who have worked on Cisco routers and used aliases or EEM feature, the auto-script feature is somewhere in between the two. It allows commands to be executed periodically or either once and I see this to be a great add to the feature set, especially when it comes to collecting lots of information quickly. This blog post captures:
- How to configure auto-script feature
- How to execute a script
- How to view the results.
- How to upload results to an FTP server
- Maximum limit
- Few features that I would like to see in future FortiOS releases
esxcli is a command line tool that can be used to manage VMware ESXi host. In my opinion it’s a good way to learn more about the inner workings of ESXi and can be used in scripts for automating tasks. In this blog post, I will show you how to use esxcli to add portgroups and vlans to vSwitch0 of an ESXi host.
Introduction and Setup
If you came here via a search engine, chances are that you looking for a quick and dirty way of testing DSCP on your network. Differentiated Services, described in RFC 2474 and RFC 2475 provide a way to mark, prioritize, police, etc IP flows based on various attributes. This allows network operators to maintain different levels of QoS on their networks.
This post captures details on how to generate traffic from a client with different DSCP fields set and verify that they are received on the server side.
In the home or work lab, I often have to connect to various devices that are either temporary or don’t support SSH keys. In my home lab, I typically set all the lab equipment with a standard username and password, which allows me to connect to them quickly. As almost all devices these days support SSH, I setup a bash function that acts as an alias allowing me to quickly connect to a device using SSH either from my Mac or Linux desktop.
This blog post captures details on how to copy SSH key to multiple servers. If you manage more than one Linux server and have been challenged with automating mundane tasks, using SSH keys to login to a server without having to enter your password can be extremely irritating. There are more than one way to automate login to a Linux server.
- Use a utility like sshpass where you can provide the password as an argument.
- Use public-private SSH key pair.
- Creating SSH Keys
- Copy SSH Key to Servers
VMware released PowerCLI Core for Linux and Mac that allows users to run cmdlets, which were possible to run only on Windows earlier. This post captures details on how to install PowerCLI Core on CentOS 7.
- Install Microsoft .NET Core
- Install PowerShell
- Compile curl from source
- Install PowerCLI Core
The automated process has been tested only on CentOS 7 droplet and will install and configure the following:
This post captures details on how to install NetBox and configure it on a server running CentOS 7. NetBox is an IP address management (IPAM) and data center infrastructure management (DCIM) tool. As part of the install process, we shall be installing and configuring, the following:
- PostgreSQL – Database used by NetBox
- Apache – NetBox can be made accessible either using Apache or nginx. This post covers Apache and setting it up as reverse proxy.
- NetBox – the application itself
- gunicorn – Python WSGI server
- supervisord – a process control system used to control gunicorn.
- firewalld – used to configure firewall on CentOS 7