Overview
Learn how to deploy Firewall Management Center Virtual on Alibaba Cloud by creating a custom QCOW2 image, launching an ECS instance with required settings, configuring networking and key pairs, applying optional Day-0 data, and verifying deployment through system logs.
You must ensure that the image of the management center virtual that you plan to deploy appears on the Image Configuration.
Procedure
|
1. |
Log into https://www.alibabacloud.com/ and choose your region.
Note
Alibaba Cloud is divided into multiple regions that are isolated from each other. The region is displayed in the upper right corner of your window. Resources in one region do not appear in another region. Check periodically to make sure you are in the intended region.
|
|
2. |
Create Custom Virtualized Image.
Alibaba Cloud supports a QCOW2 image only.
-
Go to Object Storage Service (OSS), then create a bucket that contains the QCOW2 image and do the following:
Bucket names must be globally unique within your Alibaba Cloud project.
-
Upload QCOW2 image from local directory to the Alibaba Cloud bucket.
-
From the left navigation pane, click
-
Choose Private as ACL and copy the OSS Object address mentioned in the object details after the upload is completed successfully.
-
Paste the OSS object address of custom image from the bucket.
-
Choose Linux as OS and Others Linux as variant type.
-
Choose x86_64 as System Architecture.
-
Choose Image format as QCOW2.
-
Choose license type as BYOL.
-
Create an instance from the para-virtualized image from the previous step.
-
From the left navigation pane, click
|
|
3. |
Create Instance from Custom Virtualized Image.
-
Go to the and select the following:
-
Billing Method: Pay-As-You-Go
-
Region: As per requirement.
-
Instance Type: ecs.r6.xlarge
-
Quantity: As required
-
Image: Custom image you created in the previous section.
-
System Disk: 250GB (or Default) as the minimum value.
-
To proceed further, do the following:
-
VPC: VPC in which management center virtual will be deployed.
-
Vswitch: Subnet of the Primary Interface.
-
Assign Public IPv4 Address: It is required to connect using SSH (If not selected, then the management center virtual can only be accessed via Console connection of Alibaba Cloud from the UI).
-
Security Group: Choose the appropriate Security Group.
-
Interfaces: Primary interface belongs to the subnet chosen in step 2. Management center virtual requires one interface only.
-
Move to the next section and do the following.
-
Key-Pair: For key-based login, generate a key-pair if not done already. You can also access the instance with a password.
Note
You can select an existing key pair or create a new key pair. The key pair consists of a public key that Alibaba Cloud stores and a private key file that the user stores. Together, they allow you to connect to your instance securely. Be sure to save the key pair to a known location, as it may required to connect to the instance.
-
Instance-name: Name of instance as suitable.
-
Day-0 (User Data): Provide the Day-0 configuration as per the requirement (Do not choose 64-base encoded). Sample Day-0 Configuration to manage management center virtual using the Management Center:
#FMC
{
"AdminPassword": "<enter_your_password>",
"Hostname": "<Hostname-vFMC>"
}
Note
In case the user does not provide any password in the day-0 configuration, the default password will be the instance ID of the FMCv as seen on Alibaba Cloud console or CLI.
-
Accept the Terms of Service and Create the Instance.
|
|
4. |
Click Review and Launch. |
|
5. |
Click Launch. |
|
6. |
Select an existing key pair or create a new key pair. |
|
7. |
Click Launch Instances. |
|
8. |
Click View Launch and follow the prompts. |
|
9. |
Go to . |