This document provides information on how to install the ExtraHop Command virtual appliance on a Linux kernel-based virtual machine (KVM). This guide assumes that you are familiar with basic KVM administration.
If you need either the installation package files or a license key for the virtual appliance, contact email@example.com
|Important:||If you want to deploy more than one ExtraHop virtual appliance, do not clone an existing instance. Always start with the original deployment package when deploying additional instances.|
The installation package for KVM systems is a tar.gz file that contains the following items:
- The domain XML configuration file
- The boot disk
- The datastore disk
Before you can install the ExtraHop virtual appliance, make sure that your environment meets the following requirements:
- A KVM hypervisor environment capable of hosting a VM that has:
- 4 GB RAM
- Two vCPUs
- One 4 GB boot disk (virtio-scsi interface recommended)
- One 40 GB datastore disk (virtio-scsi interface recommended)
- An ExtraHop virtual appliance license key
Identify the bridge through which you will access the management interface of your Command appliance.
- Make sure the management bridge is accessible to the ExtraHop virtual appliance and to all users who must access the management interface.
- If you need to access the management interface from an external computer, configure a physical interface on the virtual management bridge.
- (Recommended) Configure separate bridges for the Command appliance management bridge and any bridge you will capture network traffic through on other ExtraHop appliances.
After you identify the management bridge, edit the configuration file, and create the ExtraHop virtual appliance.
- Extract the tar.gz file that contains the installation package.
- Copy the two disks extrahop-boot.qcow2 and extrahop-data.qcow2 to your KVM system. Make a note of the location where you store these files.
Open the domain XML configuration file. Find and edit the following
Change the VM name (ExtraHop-ECA) to the name you want
to assign to your ExtraHop virtual appliance.
Change the source file path [PATH_TO_STORAGE] with
the location where you stored the virtual disk files in step 1.
<source file='[PATH_TO_STORAGE]/extrahop-boot.qcow2'/> <source file='[PATH_TO_STORAGE]/extrahop-data.qcow2'/>
Change the source bridge for the management network (ovsbr0) to match
the name of your management bridge.
<interface type='bridge'> <source bridge='ovsbr0'/> <model type='virtio'/> <alias name='net0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> </interface>
If you are configuring Open vSwitch virtual switch software for your virtual bridge, add the following virtualport type setting to the interface (after the source bridge setting):
<virtualport type='openvswitch'> </virtualport>
- Change the VM name (ExtraHop-ECA) to the name you want to assign to your ExtraHop virtual appliance.
- Save the XML file.
- Log in to the KVM console.
Create the new ExtraHop virtual appliance with your revised domain XML
configuration file by running the following command:
virsh define ECA_KVM.xml
Start the virtual machine by running the following command:
virsh start <vm_name>
Where <vm_name> is the name of your virtual appliance.
After you have created your ExtraHop virtual appliance, you can log in to the management interface through a web browser and apply your license key, see network traffic, and customize your ExtraHop virtual appliance.
Log into the KVM console and view the IP address for your new ExtraHop virtual
appliance by running the following command:
sudo virsh console <vm_name>
Where <vm_name> is the name of your ExtraHop virtual appliance.
- Open your web browser and type the IP address of your ExtraHop virtual appliance.
- Log in with the default user name (setup) and password (default).
Complete the following steps to apply a product key supplied by ExtraHop Support.
If you do not have a product key, contact firstname.lastname@example.org.
- In your browser, type the IP address of the ExtraHop appliance (https://<extrahop_ip_address>/admin).
- Review the license agreement, select I Agree, and then click Submit.
- On the login screen, type setup for the username.
For the password, select from the following options:
- For a physical appliance, type the service tag number found on the
pullout tab on the front of the appliance.
Note: The serial number for the EDA 1100 is located on the bottom of the appliance, and displayed in the Appliance info section of the LCD menu.
- For a virtual appliance, type default.
- For a physical appliance, type the service tag number found on the pullout tab on the front of the appliance.
- Click Log In.
- In the System Settings section, click License.
- Click Manage License.
- Click Register.
- Enter the product key and then click Register.
- Click Done.