Cisco Ironport installation Nutanix AHV


Badge +1
HI,
Can somebody help me to know that if I want to implment Cisco Iromport Virtual Appliance on Nutanix AHV ,Is it possible in AHV ?
The Virtual Appliance is curently available in OVF .

9 replies

Userlevel 7
Badge +30
If you upload the disk image within the OVF/OVA, you can use that as a disk image for making a new VM in AHV. You'll need to assign CPU, memory, and network.

The biggest challenges will likely be if Cisco IronPort supports VirtIO, which is the high performance network and storage device drivers used by KVM-based hypervisors like Nutanix AHV.

This is controlled by the IDE/PCI/SCSI setting when you make the VM. The network component to switch away from VirtIO is done via CLI, so let's save that step until only after its needed.

Give it a try, and post screenshots along the way and we'd be happy to help.
Badge +1
HI,
As per Cisco ,it's Ironport do support KVM and subsequently support VirtIO as well.
In this case does it pose any challange while installing the Ironport on Nutanix AHV?
Please confirm

Userlevel 7
Badge +30
- It should be fine, I did check out the install guide for Cisco content security (new name for Iron port): http://www.cisco.com/c/dam/en/us/td/docs/security/content_security/virtual_appliances/Cisco_Content_Security_Virtual_Appliance_Install_Guide.pdf

and the KVM install steps are pretty straight forward.

Note: These steps would NOT be exactly the same on Nutanix AHV, as we dont use virt-manager or virt-install, you could just create a VM with the CPU/memory you need through Prism, and install the software with the ISO. It's actually quite a bit easier than regular KVM is.
Userlevel 4
Badge +17
I had no experience deploying Ironport virtual appliance on AHV but play a lot with hardware based Ironport
Last time I deployed Avaya Aura (Linux) on AHV
- Untar OVA using tar –xvf or using vmware standalone converter
- Check .vmx for config VM
- Upload .vmdk to AHV using Image Service
- Create VM
- Mount the disk file to the VM

I found no issue regarding driver as Aura using Linux
Will be nice to see your update for the Ironport (FreeBSD) on AHV

Badge +2
Recently was helping a customer to deploy this appliance in AHV. Version 9.7 was not booting however when we tried with version 10 (latests) it worked without problems. These are the details:

Product: Cisco C660V Email Security Virtual Appliance
Model: C600V Version: 10.0.1-087 Build date: 2017-01-07

I would suggest trying this version when deploying in AHV.


Badge
I haven't had any luck with any of the Cisco "virtual" appliances on AHV thus far. Cisco ASAv and WLCv are a couple of examples. The machine gets built and begins the boot process, however it is failing at what seems to be a "digital signature" check. In my case it seems that Cisco is looking for the cpu flag of the host Bios to be "Red Hat" and that doesn't match our hosts.
I've opened up a TAC case with no luck so far.
If anyone has had success in implementing an ASAv or other Cisco virtual products, i'd appreciate the feedback.

Thanks.
Badge +2
There is a way to disable AHV branding. I would recommend opening a case with Nutanix support, they will give you a hand on how to apply it.
Userlevel 1
Badge +5
Could you share the guide?
Userlevel 1
Badge +5
disable_branding = Disable Nutanix brandingacli vm.update XXXX disable_branding=true

Reply